[go: up one dir, main page]

CN104486191A - Mobile terminal access method - Google Patents

Mobile terminal access method Download PDF

Info

Publication number
CN104486191A
CN104486191A CN201410709812.3A CN201410709812A CN104486191A CN 104486191 A CN104486191 A CN 104486191A CN 201410709812 A CN201410709812 A CN 201410709812A CN 104486191 A CN104486191 A CN 104486191A
Authority
CN
China
Prior art keywords
access
vpn
server
access server
access request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201410709812.3A
Other languages
Chinese (zh)
Other versions
CN104486191B (en
Inventor
罗海宁
冷默
韩帅
邵国安
吕品
周民
杨绍亮
杨洪伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
STATE INFORMATION CENTER
Original Assignee
STATE INFORMATION CENTER
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by STATE INFORMATION CENTER filed Critical STATE INFORMATION CENTER
Priority to CN201410709812.3A priority Critical patent/CN104486191B/en
Publication of CN104486191A publication Critical patent/CN104486191A/en
Application granted granted Critical
Publication of CN104486191B publication Critical patent/CN104486191B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a mobile terminal access method, and relates to the field of network security. The invention aims to solve the problem that unified scheduling cannot be performed in the prior art. The method comprises the following steps: s10, the user terminal sends an access request to a preset access server, the access server can receive the access requests sent by all the user terminals in a unified way, and the access requests carry access modes; s20, the access server receives the access request sent by the user terminal and determines the access mode according to the access request; s30, if the access mode is VPDN line access, the access server sends an access request to a preset LNS server; s40, the LNS server receives the access request sent by the access server, verifies the access request to obtain a verification result, and returns the verification result to the access server; s50, the access server receives the verification result returned by the LNS server; and S60, when the verification result is that the verification fails, the access server returns a message of the failure of the verification to the user terminal.

Description

移动终端接入方法Mobile terminal access method

技术领域technical field

本发明涉及网络安全领域,尤其涉及一种移动终端接入方法。The invention relates to the field of network security, in particular to a mobile terminal access method.

背景技术Background technique

现有技术中,移动终端接入信息系统时,可以通过互联网线路接入,也可以通过虚拟专用拨号网(Virtual Private Dial-up Networks,VPDN)线路接入;互联网线路接入和VPDN线路接入需要分别连接到VPN网关和LNS服务器,而VPN网关和LNS服务器是相互独立的,即互联网线路接入和VPDN线路接入是相互独立的。In the prior art, when a mobile terminal accesses an information system, it can be accessed through an Internet line, or through a virtual private dial-up network (Virtual Private Dial-up Networks, VPDN) line; Internet line access and VPDN line access Need to connect to VPN gateway and LNS server respectively, and VPN gateway and LNS server are independent of each other, that is, Internet line access and VPDN line access are independent of each other.

然而,由于互联网线路接入和VPDN线路接入是相互独立,用户无法进行统一调度。However, since Internet line access and VPDN line access are independent of each other, users cannot perform unified scheduling.

发明内容Contents of the invention

本发明提供一种移动终端接入方法,能够方便用户统一调度互联网线路和VPDN线路的接入请求。The invention provides a mobile terminal access method, which can facilitate users to uniformly schedule access requests of Internet lines and VPDN lines.

本发明解决技术问题采用如下技术方案:一种移动终端接入方法,包括:S10、用户终端向预设接入服务器发送接入请求,所述接入服务器能够统一接收所有用户终端发送的接入请求,所述接入请求中携带接入方式;S20、所述接入服务器接收所述用户终端发送的接入请求,并根据所述接入请求确定接入的方式;S30、如果接入的方式是VPDN线路接入,所述接入服务器向预设LNS服务器发送所述接入请求;S40、所述LNS服务器接收所述接入服务器发送的接入请求后对所述接入请求进行验证,得到验证结果,并向所述接入服务器返回该验证结果;S50、所述接入服务器接收所述LNS服务器返回的验证结果;S60、当所述验证结果为验证失败时,所述接入服务器向所述用户终端返回验证失败的消息。The present invention adopts the following technical solution to solve the technical problem: a mobile terminal access method, including: S10, the user terminal sends an access request to a preset access server, and the access server can uniformly receive the access requests sent by all user terminals request, the access request carries the access method; S20, the access server receives the access request sent by the user terminal, and determines the access method according to the access request; S30, if the access The method is VPDN line access, the access server sends the access request to a preset LNS server; S40, the LNS server verifies the access request after receiving the access request sent by the access server , obtain a verification result, and return the verification result to the access server; S50, the access server receives the verification result returned by the LNS server; S60, when the verification result is verification failure, the access The server returns a verification failure message to the user terminal.

可选的,本实施例提供的移动终端接入方法,还包括:S70、当所述验证结果为验证成功时,所述接入服务器向所述用户终端返回提示用户输入VPN信息的提示消息;S80、所述用户终端接收所述接入服务器发送的提示消息后提示;S90、所述用户终端接收用户根据提示输入的VPN信息,并向所述接入服务器发送,所述VPN信息中携带待接入的VPN类型;S91、所述接入服务器接收所述用户终端发送的VPN信息,并根据所述VPN信息从预设VPN网关集群中选取第一VPN网关;S92、所述接入服务器向所述第一VPN网关发送所述VPN信息;S93、所述第一VPN网关接收所述接入服务器发送的VPN信息,并根据所述VPN信息建立与所述用户终端的第一沟通逻辑通道。Optionally, the mobile terminal access method provided in this embodiment further includes: S70. When the verification result is successful, the access server returns a prompt message prompting the user to input VPN information to the user terminal; S80. The user terminal prompts after receiving the prompt message sent by the access server; S90. The user terminal receives the VPN information input by the user according to the prompt, and sends it to the access server. VPN type of access; S91, the access server receives the VPN information sent by the user terminal, and selects the first VPN gateway from the preset VPN gateway cluster according to the VPN information; S92, the access server sends The first VPN gateway sends the VPN information; S93. The first VPN gateway receives the VPN information sent by the access server, and establishes a first communication logical channel with the user terminal according to the VPN information.

可选的,本实施例提供的移动终端接入方法中所述S91,包括:S911、所述接入服务器根据所述VPN信息确定VPN类型;S912、所述接入服务器根据该VPN类型从预设VPN网关集群中选取第一目标网关集群;S913、所述接入服务器从所述第一目标网关集群中选取第一VPN网关。Optionally, the step S91 in the mobile terminal access method provided in this embodiment includes: S911, the access server determines the VPN type according to the VPN information; S912, the access server determines the VPN type according to the VPN type from the preset It is assumed that a first target gateway cluster is selected from the VPN gateway cluster; S913. The access server selects a first VPN gateway from the first target gateway cluster.

可选的,本实施例提供的移动终端接入方法还包括:S94、所述用户终端接收用户输入的认证信息,并通过所述第一沟通逻辑通道向所述第一VPN网关发送所述认证信息;S95、所述第一VPN网关接收所述用户终端发送的认证信息,并根据所述认证信息进行身份认证。Optionally, the mobile terminal access method provided in this embodiment further includes: S94. The user terminal receives the authentication information input by the user, and sends the authentication information to the first VPN gateway through the first communication logical channel. Information; S95. The first VPN gateway receives the authentication information sent by the user terminal, and performs identity authentication according to the authentication information.

可选的,本实施例提供的移动终端接入方法还包括:S96、如果是互联网线路接入,所述接入服务器根据所述接入请求从预设VPN网关集群中选取第二VPN网关;所述接入请求还携带待接入的VPN类型;S97、所述接入服务器向所述第二VPN网关发送所述接入请求;S98、所述第二VPN网关接收所述接入服务器发送的接入请求,并根据所述接入请求建立与所述用户终端的第二沟通逻辑通道。Optionally, the mobile terminal access method provided in this embodiment further includes: S96. If Internet line access is used, the access server selects a second VPN gateway from a preset VPN gateway cluster according to the access request; The access request also carries the VPN type to be accessed; S97, the access server sends the access request to the second VPN gateway; S98, the second VPN gateway receives the access request, and establish a second communication logical channel with the user terminal according to the access request.

可选的,本实施例提供的移动终端接入方法中所述S94,包括:S941、所述接入服务器根据所述接入请求确定VPN类型;S942、所述接入服务器根据该VPN类型从预设VPN网关集群中选取第二目标网关集群;S943、所述接入服务器从所述第二目标网关集群中选取第二VPN网关。Optionally, the step S94 in the mobile terminal access method provided in this embodiment includes: S941, the access server determines the VPN type according to the access request; S942, the access server determines the VPN type according to the VPN type Select a second target gateway cluster from the preset VPN gateway cluster; S943. The access server selects a second VPN gateway from the second target gateway cluster.

可选的,本实施例提供的移动终端接入方法中所述S20,包括:S201、所述接入服务器监听是否接收到接入请求;如果是,执行S202;否则,重新执行所述S201;所述S202、所述接入服务器根据该接入请求确定接入的方式。Optionally, S20 in the mobile terminal access method provided in this embodiment includes: S201, the access server monitors whether an access request is received; if yes, execute S202; otherwise, re-execute S201; In S202, the access server determines an access mode according to the access request.

可选的,本实施例提供的移动终端接入方法,在所述S30之前,还包括:S21、所述接入服务器判断其是否支持该接入的方式;如果支持,执行所述S30。Optionally, before the step S30, the mobile terminal access method provided in this embodiment further includes: S21, the access server judges whether it supports the access method; if yes, execute the step S30.

可选的,本实施例提供的移动终端接入方法,还包括:S22,如果不支持,所述接入服务器向所述用户终端发送不支持该接入的方式的消息。Optionally, the mobile terminal access method provided in this embodiment further includes: S22, if not supported, the access server sends a message that the access mode is not supported to the user terminal.

本发明具有如下有益效果:通过接入服务器接收接入请求,并根据接入请求确定接入的方式;当接入的方式是VPDN线路接入时,接入服务器向LNS服务器发送该接入请求,使LNS服务器对接入请求进行验证,并在验证失败时,向用户终端返回验证结果。由于通过接入服务器统一接收所有用户终端发送的接入请求,因此可以通过接入服务器统一对互联网线路接入和VPDN线路接入进行调度,使本发明实施例提供的技术方案解决了现有技术中由于互联网线路接入和VPDN线路接入是相互独立,用户无法进行统一调度。此外,该方案通过同一个接入服务器对所有用户终端发送的接入请求进行管理,还能降低硬件成本并提高管理效率。The present invention has the following beneficial effects: the access request is received by the access server, and the access mode is determined according to the access request; when the access mode is VPDN line access, the access server sends the access request to the LNS server , so that the LNS server verifies the access request, and returns the verification result to the user terminal when the verification fails. Since the access requests sent by all user terminals are uniformly received through the access server, the Internet line access and VPDN line access can be uniformly scheduled through the access server, so that the technical solution provided by the embodiment of the present invention solves the problem of the prior art Since Internet line access and VPDN line access are independent of each other, users cannot perform unified scheduling. In addition, the solution manages the access requests sent by all user terminals through the same access server, which can also reduce hardware costs and improve management efficiency.

附图说明Description of drawings

图1为本发明实施例1提供的移动终端接入方法的流程图;FIG. 1 is a flowchart of a mobile terminal access method provided in Embodiment 1 of the present invention;

图2为本发明实施例2提供的移动终端接入方法的流程图一;FIG. 2 is a flowchart 1 of a mobile terminal access method provided in Embodiment 2 of the present invention;

图3为本发明实施例2提供的移动终端接入方法的流程图二;FIG. 3 is a second flow chart of the mobile terminal access method provided by Embodiment 2 of the present invention;

图4为本发明实施例3提供的移动终端接入方法的流程图;FIG. 4 is a flowchart of a mobile terminal access method provided in Embodiment 3 of the present invention;

图5为本发明实施例4提供的移动终端接入方法的流程图;FIG. 5 is a flowchart of a mobile terminal access method provided in Embodiment 4 of the present invention;

图6为本发明实施例5提供的移动终端接入方法的流程图一;FIG. 6 is a first flowchart of a mobile terminal access method provided in Embodiment 5 of the present invention;

图7为本发明实施例5提供的移动终端接入方法的流程图二。FIG. 7 is a second flow chart of the mobile terminal access method provided by Embodiment 5 of the present invention.

具体实施方式Detailed ways

下面结合实施例及附图对本发明的技术方案作进一步阐述。The technical solutions of the present invention will be further described below in conjunction with the embodiments and the accompanying drawings.

实施例1Example 1

如图1所示,本实施例提供了一种移动终端接入方法,包括:As shown in Figure 1, this embodiment provides a mobile terminal access method, including:

步骤101,用户终端向预设接入服务器发送接入请求。Step 101, the user terminal sends an access request to a preset access server.

在本实施例中,步骤101中接入服务器能够统一接收所有用户终端发送的接入请求;该接入请求中携带接入方式。其中,接入方式包括:互联网线路接入或VPDN线路接入。In this embodiment, in step 101, the access server can uniformly receive the access requests sent by all user terminals; the access request carries the access mode. Wherein, the access mode includes: Internet line access or VPDN line access.

步骤102,接入服务器接收用户终端发送的接入请求,并根据该接入请求确定接入的方式。Step 102, the access server receives the access request sent by the user terminal, and determines the access method according to the access request.

在本实施例中,步骤102可以包括:接入服务器监听是否接收到接入请求;如果是,接入服务器根据该接入请求确定接入的方式;否则继续监听。In this embodiment, step 102 may include: the access server monitors whether an access request is received; if yes, the access server determines an access method according to the access request; otherwise, continues to monitor.

步骤103,如果接入的方式是VPDN线路接入,该接入服务器向预设LNS服务器发送该接入请求。Step 103, if the access mode is VPDN line access, the access server sends the access request to the preset LNS server.

步骤104,LNS服务器接收接入服务器发送的接入请求后对该接入请求进行验证,得到验证结果,并向接入服务器返回该验证结果。Step 104: After receiving the access request sent by the access server, the LNS server verifies the access request, obtains a verification result, and returns the verification result to the access server.

步骤105,接入服务器接收LNS服务器返回的验证结果。Step 105, the access server receives the verification result returned by the LNS server.

步骤106,当验证结果为验证失败时,接入服务器向用户终端返回验证失败的消息。Step 106, when the verification result is verification failure, the access server returns a verification failure message to the user terminal.

本发明具有如下有益效果:通过接入服务器接收接入请求,并根据接入请求确定接入的方式;当接入的方式是VPDN线路接入时,接入服务器向LNS服务器发送该接入请求,使LNS服务器对接入请求进行验证,并在验证失败时,向用户终端返回验证结果。由于通过接入服务器统一接收所有用户终端发送的接入请求,因此可以通过接入服务器统一对互联网线路接入和VPDN线路接入进行调度,使本发明实施例提供的技术方案解决了现有技术中由于互联网线路接入和VPDN线路接入是相互独立,用户无法进行统一调度。此外,该方案通过同一个接入服务器对所有用户终端发送的接入请求进行管理,还能降低硬件成本并提高管理效率。The present invention has the following beneficial effects: the access request is received by the access server, and the access mode is determined according to the access request; when the access mode is VPDN line access, the access server sends the access request to the LNS server , so that the LNS server verifies the access request, and returns the verification result to the user terminal when the verification fails. Since the access requests sent by all user terminals are uniformly received through the access server, the Internet line access and VPDN line access can be uniformly scheduled through the access server, so that the technical solution provided by the embodiment of the present invention solves the problem of the prior art Since Internet line access and VPDN line access are independent of each other, users cannot perform unified scheduling. In addition, the solution manages the access requests sent by all user terminals through the same access server, which can also reduce hardware costs and improve management efficiency.

实施例2Example 2

如图2所示,本实施例提供了一种移动终端接入方法,该方法与图1所示的相似,区别在于,还包括:As shown in Figure 2, this embodiment provides a mobile terminal access method, which is similar to that shown in Figure 1, the difference is that it also includes:

步骤107,当验证结果为验证成功时,接入服务器向用户终端返回提示用户输入VPN信息的提示消息。Step 107, when the verification result is that the verification is successful, the access server returns a prompt message prompting the user to input VPN information to the user terminal.

步骤108,用户终端接收接入服务器发送的提示消息后提示。Step 108, the user terminal prompts after receiving the prompt message sent by the access server.

步骤109,用户终端接收用户根据提示输入的VPN信息,并向接入服务器发送。Step 109, the user terminal receives the VPN information input by the user according to the prompt, and sends it to the access server.

在本实施例中,步骤109中VPN信息中携带待接入的VPN类型。In this embodiment, the VPN information in step 109 carries the VPN type to be accessed.

步骤110,接入服务器接收用户终端发送的VPN信息,并根据该VPN信息从预设VPN网关集群中选取第一VPN网关。Step 110, the access server receives the VPN information sent by the user terminal, and selects a first VPN gateway from the preset VPN gateway cluster according to the VPN information.

在本实施例中,步骤110选取第一VPN网关的过程可以包括:接入服务器根据VPN信息确定VPN类型;接入服务器根据该VPN类型从预设VPN网关集群中选取第一目标网关集群;接入服务器从第一目标网关集群中选取第一VPN网关。特别的,为了实现负载均衡,接入服务器从第一目标网关集群中选取第一VPN网关的过程可以为:通过轮询的方式,从第一目标网关集群中获取访问压力最小的第一VPN网关。In this embodiment, the process of selecting the first VPN gateway in step 110 may include: the access server determines the VPN type according to the VPN information; the access server selects the first target gateway cluster from the preset VPN gateway cluster according to the VPN type; then The ingress server selects the first VPN gateway from the first target gateway cluster. In particular, in order to achieve load balancing, the process for the access server to select the first VPN gateway from the first target gateway cluster may be: obtain the first VPN gateway with the least access pressure from the first target gateway cluster by polling .

步骤111,接入服务器向该第一VPN网关发送VPN信息。Step 111, the access server sends VPN information to the first VPN gateway.

步骤112,第一VPN网关接收接入服务器发送的VPN信息,并根据该VPN信息建立与用户终端的第一沟通逻辑通道。Step 112, the first VPN gateway receives the VPN information sent by the access server, and establishes a first communication logical channel with the user terminal according to the VPN information.

进一步的,如图3所示,本实施例提供的移动终端接入方法,还可以包括:Further, as shown in FIG. 3, the mobile terminal access method provided in this embodiment may also include:

步骤113,用户终端接收用户输入的认证信息,并通过该第一沟通逻辑通道向第一VPN网关发送该认证信息。Step 113, the user terminal receives the authentication information input by the user, and sends the authentication information to the first VPN gateway through the first communication logical channel.

步骤114,第一VPN网关接收用户终端发送的认证信息,并根据该认证信息进行身份认证。Step 114, the first VPN gateway receives the authentication information sent by the user terminal, and performs identity authentication according to the authentication information.

在本实施例中,在通过LNS验证成功后,还需经VPN网关,减少了对运营商专网--VPDN专线的依赖性,提高了虚拟专用网络接入的安全性。In this embodiment, after successfully passing the LNS verification, a VPN gateway is required, which reduces the dependence on the operator's private network—VPDN private line, and improves the security of virtual private network access.

本发明具有如下有益效果:通过接入服务器接收接入请求,并根据接入请求确定接入的方式;当接入的方式是VPDN线路接入时,接入服务器向LNS服务器发送该接入请求,使LNS服务器对接入请求进行验证,并在验证失败时,向用户终端返回验证结果。由于通过接入服务器统一接收所有用户终端发送的接入请求,因此可以通过接入服务器统一对互联网线路接入和VPDN线路接入进行调度,使本发明实施例提供的技术方案解决了现有技术中由于互联网线路接入和VPDN线路接入是相互独立,用户无法进行统一调度。此外,该方案通过同一个接入服务器对所有用户终端发送的接入请求进行管理,还能降低硬件成本并提高管理效率。The present invention has the following beneficial effects: the access request is received by the access server, and the access mode is determined according to the access request; when the access mode is VPDN line access, the access server sends the access request to the LNS server , so that the LNS server verifies the access request, and returns the verification result to the user terminal when the verification fails. Since the access requests sent by all user terminals are uniformly received through the access server, the Internet line access and VPDN line access can be uniformly scheduled through the access server, so that the technical solution provided by the embodiment of the present invention solves the problem of the prior art Since Internet line access and VPDN line access are independent of each other, users cannot perform unified scheduling. In addition, the solution manages the access requests sent by all user terminals through the same access server, which can also reduce hardware costs and improve management efficiency.

实施例3Example 3

如图4所示,本实施例提供的移动终端接入方法,该方法与图1所示的相似,区别在于,还包括:As shown in Figure 4, the mobile terminal access method provided in this embodiment is similar to that shown in Figure 1, the difference is that it also includes:

步骤115,如果是互联网线路接入,接入服务器根据接入请求从预设VPN网关集群中选取第二VPN网关。Step 115, if it is Internet line access, the access server selects a second VPN gateway from the preset VPN gateway cluster according to the access request.

在本实施例中,如果通过互联网线路接入,接入请求中不仅携带接入方式,还携带待接入的VPN类型。通过步骤115选取第二VPN网关的过程包括:接入服务器根据接入请求确定VPN类型;接入服务器根据该VPN类型从预设VPN网关集群中选取第二目标网关集群;接入服务器从该第二目标网关集群中选取第二VPN网关。特别的,为了实现负载均衡,该接入服务器选取第二VPN网关的过程包括:通过轮询的方式,从第二目标网关集群中获取访问压力最小的第二VPN网关。In this embodiment, if the access is via an Internet line, the access request not only carries the access method, but also carries the type of VPN to be accessed. The process of selecting the second VPN gateway through step 115 includes: the access server determines the VPN type according to the access request; the access server selects the second target gateway cluster from the preset VPN gateway cluster according to the VPN type; the access server selects the second target gateway cluster from the first VPN gateway cluster; The second VPN gateway is selected from the second target gateway cluster. In particular, in order to achieve load balancing, the process of selecting the second VPN gateway by the access server includes: obtaining the second VPN gateway with the least access pressure from the second target gateway cluster in a polling manner.

步骤116,接入服务器向该第二VPN网关发送接入请求。Step 116, the access server sends an access request to the second VPN gateway.

步骤117,第二VPN网关接收接入服务器发送的接入请求,并根据该接入请求建立与用户终端的第二沟通逻辑通道。Step 117, the second VPN gateway receives the access request sent by the access server, and establishes a second communication logical channel with the user terminal according to the access request.

本发明具有如下有益效果:通过接入服务器接收接入请求,并根据接入请求确定接入的方式;当接入的方式是VPDN线路接入时,接入服务器向LNS服务器发送该接入请求,使LNS服务器对接入请求进行验证,并在验证失败时,向用户终端返回验证结果。由于通过接入服务器统一接收所有用户终端发送的接入请求,因此可以通过接入服务器统一对互联网线路接入和VPDN线路接入进行调度,使本发明实施例提供的技术方案解决了现有技术中由于互联网线路接入和VPDN线路接入是相互独立,用户无法进行统一调度。此外,该方案通过同一个接入服务器对所有用户终端发送的接入请求进行管理,还能降低硬件成本并提高管理效率。The present invention has the following beneficial effects: the access request is received by the access server, and the access mode is determined according to the access request; when the access mode is VPDN line access, the access server sends the access request to the LNS server , so that the LNS server verifies the access request, and returns the verification result to the user terminal when the verification fails. Since the access requests sent by all user terminals are uniformly received through the access server, the Internet line access and VPDN line access can be uniformly scheduled through the access server, so that the technical solution provided by the embodiment of the present invention solves the problem of the prior art Since Internet line access and VPDN line access are independent of each other, users cannot perform unified scheduling. In addition, the solution manages the access requests sent by all user terminals through the same access server, which can also reduce hardware costs and improve management efficiency.

实施例4Example 4

如图5所示,本实施例提供的移动终端接入方法,包括:As shown in Figure 5, the mobile terminal access method provided in this embodiment includes:

步骤501,用户终端向预设接入服务器发送接入请求。该过程与图1所示的步骤101相似,在此不再一一赘述。Step 501, the user terminal sends an access request to a preset access server. This process is similar to step 101 shown in FIG. 1 , and will not be repeated here.

步骤502,接入服务器监听是否接收到接入请求。Step 502, the access server monitors whether an access request is received.

在本实施例中,当步骤502的监听结果为是时,执行步骤503;否则,重新执行步骤502。In this embodiment, when the monitoring result of step 502 is yes, step 503 is executed; otherwise, step 502 is re-executed.

步骤503,接入服务器根据该接入请求确定接入的方式。Step 503, the access server determines the access mode according to the access request.

步骤504至步骤507,如果接入方式是VPDN线路接入,通过LNS服务器进行验证,并在验证结果为验证失败时,向用户终端返回验证失败的消息。上述过程与图1所示的步骤103至步骤106相似,在此不再一一赘述。From step 504 to step 507, if the access mode is VPDN line access, verify through the LNS server, and return a message of verification failure to the user terminal when the verification result is verification failure. The above process is similar to step 103 to step 106 shown in FIG. 1 , and will not be repeated here.

本发明具有如下有益效果:通过接入服务器接收接入请求,并根据接入请求确定接入的方式;当接入的方式是VPDN线路接入时,接入服务器向LNS服务器发送该接入请求,使LNS服务器对接入请求进行验证,并在验证失败时,向用户终端返回验证结果。由于通过接入服务器统一接收所有用户终端发送的接入请求,因此可以通过接入服务器统一对互联网线路接入和VPDN线路接入进行调度,使本发明实施例提供的技术方案解决了现有技术中由于互联网线路接入和VPDN线路接入是相互独立,用户无法进行统一调度。此外,该方案通过同一个接入服务器对所有用户终端发送的接入请求进行管理,还能降低硬件成本并提高管理效率。The present invention has the following beneficial effects: the access request is received by the access server, and the access mode is determined according to the access request; when the access mode is VPDN line access, the access server sends the access request to the LNS server , so that the LNS server verifies the access request, and returns the verification result to the user terminal when the verification fails. Since the access requests sent by all user terminals are uniformly received through the access server, the Internet line access and VPDN line access can be uniformly scheduled through the access server, so that the technical solution provided by the embodiment of the present invention solves the problem of the prior art Since Internet line access and VPDN line access are independent of each other, users cannot perform unified scheduling. In addition, the solution manages the access requests sent by all user terminals through the same access server, which can also reduce hardware costs and improve management efficiency.

实施例5Example 5

如图6所示,本实施例提供的移动终端接入方法,包括:As shown in Figure 6, the mobile terminal access method provided in this embodiment includes:

步骤601至步骤602,用户终端向接入服务器发送接入请求,接入服务器根据接入请求确定接入的方式。该过程与图1所示的步骤101至步骤102相似,在此不再一一赘述。From step 601 to step 602, the user terminal sends an access request to the access server, and the access server determines the access mode according to the access request. This process is similar to step 101 to step 102 shown in FIG. 1 , and will not be repeated here.

步骤603,接入服务器判断其是否支持该接入的方式。Step 603, the access server judges whether it supports the access mode.

在本实施例中,如果通过步骤603确定接入服务器支持该接入方式,则执行步骤604。In this embodiment, if it is determined in step 603 that the access server supports the access mode, step 604 is executed.

步骤604至步骤607,如果接入方式是VPDN线路接入,通过LNS服务器进行验证,并在验证结果为验证失败时,向用户终端返回验证失败的消息。上述过程与图1所示的步骤103至步骤106相似,在此不再一一赘述。From step 604 to step 607, if the access mode is VPDN line access, verify through the LNS server, and return a message of verification failure to the user terminal when the verification result is verification failure. The above process is similar to step 103 to step 106 shown in FIG. 1 , and will not be repeated here.

进一步的,如图7所示,如果通过步骤603确定接入服务器不支持该接入方式,本实施例提供的移动终端接入方法,还包括:Further, as shown in FIG. 7, if it is determined in step 603 that the access server does not support the access method, the mobile terminal access method provided in this embodiment further includes:

步骤608,接入服务器向用户终端发送不支持该接入方法的消息。Step 608, the access server sends a message that the access method is not supported to the user terminal.

本发明具有如下有益效果:通过接入服务器接收接入请求,并根据接入请求确定接入的方式;当接入的方式是VPDN线路接入时,接入服务器向LNS服务器发送该接入请求,使LNS服务器对接入请求进行验证,并在验证失败时,向用户终端返回验证结果。由于通过接入服务器统一接收所有用户终端发送的接入请求,因此可以通过接入服务器统一对互联网线路接入和VPDN线路接入进行调度,使本发明实施例提供的技术方案解决了现有技术中由于互联网线路接入和VPDN线路接入是相互独立,用户无法进行统一调度。此外,该方案通过同一个接入服务器对所有用户终端发送的接入请求进行管理,还能降低硬件成本并提高管理效率。The present invention has the following beneficial effects: the access request is received by the access server, and the access mode is determined according to the access request; when the access mode is VPDN line access, the access server sends the access request to the LNS server , so that the LNS server verifies the access request, and returns the verification result to the user terminal when the verification fails. Since the access requests sent by all user terminals are uniformly received through the access server, the Internet line access and VPDN line access can be uniformly scheduled through the access server, so that the technical solution provided by the embodiment of the present invention solves the problem of the prior art Since Internet line access and VPDN line access are independent of each other, users cannot perform unified scheduling. In addition, the solution manages the access requests sent by all user terminals through the same access server, which can also reduce hardware costs and improve management efficiency.

本发明实施例提供的移动终端接入方法,可以应用在接入终端多样化、安全要求高的国家电子政务外网等信息系统中。The mobile terminal access method provided by the embodiment of the present invention can be applied to information systems such as national e-government extranets with diversified access terminals and high security requirements.

以上实施例的先后顺序仅为便于描述,不代表实施例的优劣。The sequence of the above embodiments is only for convenience of description, and does not represent the advantages or disadvantages of the embodiments.

最后应说明的是:以上实施例仅用以说明本发明的技术方案,而非对其限制;尽管参照前述实施例对本发明进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本发明各实施例技术方案的精神和范围。Finally, it should be noted that: the above embodiments are only used to illustrate the technical solutions of the present invention, rather than to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that: it can still be Modifications are made to the technical solutions described in the foregoing embodiments, or equivalent replacements are made to some of the technical features; and these modifications or replacements do not make the essence of the corresponding technical solutions deviate from the spirit and scope of the technical solutions of the various embodiments of the present invention.

Claims (9)

1. a mobile terminal cut-in method, is characterized in that, comprising:
S10, user terminal send access request to default access server, and described access server can unify the access request receiving the transmission of all user terminals, carries access way in described access request;
S20, described access server receive the access request that described user terminal sends, and determine the mode of access according to described access request;
If the mode of S30 access is the access of VPDN circuit, described access server sends described access request to default LNS server;
S40, described LNS server are verified described access request after receiving the access request of described access server transmission, are verified result, and return this result to described access server;
S50, described access server receive the result that described LNS server returns;
S60, when described the result is authentication failed, described access server returns the message of authentication failed to described user terminal.
2. mobile terminal cut-in method according to claim 1, is characterized in that, also comprise:
S70, when described the result is for being proved to be successful, described access server returns prompting user to described user terminal and inputs the prompting message of VPN information;
S80, described user terminal are pointed out after receiving the prompting message of described access server transmission;
S90, described user terminal receive the VPN information of user according to prompting input, and send to described access server, carry VPN type to be accessed in described VPN information;
S91, described access server receive the VPN information that described user terminal sends, and from default vpn gateway cluster, choose the first vpn gateway according to described VPN information;
S92, described access server send described VPN information to described first vpn gateway;
S93, described first vpn gateway receive the VPN information that described access server sends, and link up logical channel according to described VPN information foundation with first of described user terminal.
3. mobile terminal cut-in method according to claim 1, is characterized in that, described S91, comprising:
S911, described access server determine VPN type according to described VPN information;
S912, described access server choose first object gateway cluster according to this VPN type from default vpn gateway cluster;
S913, described access server choose the first vpn gateway from described first object gateway cluster.
4. mobile terminal cut-in method according to claim 2, is characterized in that, also comprise:
S94, described user terminal receive the authentication information of user's input, and send described authentication information by described first communication logical channel to described first vpn gateway;
S95, described first vpn gateway receive the authentication information that described user terminal sends, and carry out authentication according to described authentication information.
5. mobile terminal cut-in method according to claim 1, is characterized in that, also comprise:
S96 is if the Internet lines access, and described access server chooses the second vpn gateway according to described access request from default vpn gateway cluster; Described access request also carries VPN type to be accessed;
S97, described access server send described access request to described second vpn gateway;
S98, described second vpn gateway receive the access request that described access server sends, and link up logical channel according to described access request foundation with second of described user terminal.
6. mobile terminal cut-in method according to claim 5, is characterized in that, described S94, comprising:
S941, described access server determine VPN type according to described access request;
S942, described access server choose the second intended gateway cluster according to this VPN type from default vpn gateway cluster;
S943, described access server choose the second vpn gateway from described second intended gateway cluster.
7. mobile terminal cut-in method as claimed in any of claims 1 to 6, is characterized in that, described S20, comprising:
S201, described access server monitor whether receive access request; If so, S202 is performed; Otherwise, re-execute described S201;
The mode accessed determined by described S202, described access server according to this access request.
8. mobile terminal cut-in method as claimed in any of claims 1 to 6, is characterized in that, before described S30, also comprises:
S21, described access server judge its mode whether supporting this access; If supported, perform described S30.
9. mobile terminal cut-in method according to claim 8, is characterized in that, also comprise:
S22, if do not supported, described access server sends the message not supporting the mode of this access to described user terminal.
CN201410709812.3A 2014-11-28 2014-11-28 Mobile terminal access method Active CN104486191B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410709812.3A CN104486191B (en) 2014-11-28 2014-11-28 Mobile terminal access method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410709812.3A CN104486191B (en) 2014-11-28 2014-11-28 Mobile terminal access method

Publications (2)

Publication Number Publication Date
CN104486191A true CN104486191A (en) 2015-04-01
CN104486191B CN104486191B (en) 2018-06-22

Family

ID=52760697

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410709812.3A Active CN104486191B (en) 2014-11-28 2014-11-28 Mobile terminal access method

Country Status (1)

Country Link
CN (1) CN104486191B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108616515A (en) * 2018-04-09 2018-10-02 华北水利水电大学 A kind of processing method of enterprise communication information
WO2019209497A1 (en) * 2018-04-24 2019-10-31 Microsoft Technology Licensing, Llc Virtual private network gateway management

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1747436A (en) * 2005-10-24 2006-03-15 杭州华为三康技术有限公司 Access method and system for client end of virtual private network
US20060187942A1 (en) * 2005-02-22 2006-08-24 Hitachi Communication Technologies, Ltd. Packet forwarding apparatus and communication bandwidth control method
CN101197835A (en) * 2007-12-27 2008-06-11 华为技术有限公司 Virtual private network access method, system and device
CN101599904A (en) * 2009-06-26 2009-12-09 中国电信股份有限公司 The method and system that a kind of virtual dial-up safe inserts
CN102523583A (en) * 2011-12-07 2012-06-27 福建星网锐捷网络有限公司 VPDN multi-access point backup access method and equipment
CN103188351A (en) * 2011-12-27 2013-07-03 中国电信股份有限公司 IPSec VPN communication service processing method and system under IPv6 environment

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060187942A1 (en) * 2005-02-22 2006-08-24 Hitachi Communication Technologies, Ltd. Packet forwarding apparatus and communication bandwidth control method
CN1747436A (en) * 2005-10-24 2006-03-15 杭州华为三康技术有限公司 Access method and system for client end of virtual private network
CN101197835A (en) * 2007-12-27 2008-06-11 华为技术有限公司 Virtual private network access method, system and device
CN101599904A (en) * 2009-06-26 2009-12-09 中国电信股份有限公司 The method and system that a kind of virtual dial-up safe inserts
CN102523583A (en) * 2011-12-07 2012-06-27 福建星网锐捷网络有限公司 VPDN multi-access point backup access method and equipment
CN103188351A (en) * 2011-12-27 2013-07-03 中国电信股份有限公司 IPSec VPN communication service processing method and system under IPv6 environment

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108616515A (en) * 2018-04-09 2018-10-02 华北水利水电大学 A kind of processing method of enterprise communication information
WO2019209497A1 (en) * 2018-04-24 2019-10-31 Microsoft Technology Licensing, Llc Virtual private network gateway management
US10749971B2 (en) 2018-04-24 2020-08-18 Microsoft Technology Licensing, Llc Virtual private network gateway management

Also Published As

Publication number Publication date
CN104486191B (en) 2018-06-22

Similar Documents

Publication Publication Date Title
CN111865598B (en) Identity verification method and related device for network function service
KR102478442B1 (en) Method for setting pdu type, method for setting ue policy, and related entities
CN106161496B (en) The remote assistance method and device of terminal, system
CN106685917B (en) The realization method and system that internet of things equipment and controller are intelligently bound
CN103152331B (en) The method, system and the cloud server that log in/register is carried out by mobile terminal
CN112997447B (en) Timestamp-based access processing for wireless devices
WO2014048236A1 (en) Method and apparatus for registering terminal
EP3185619B1 (en) Method and device for connecting to network
US20140165160A1 (en) Method and apparatus for controlling access between home device and external server in home network system
CN102780922B (en) DTV channel search method and channel searching system
CN106572517A (en) Network slice processing method, access network selecting method and apparatus
EP3007385B1 (en) Terminal peripheral control method, m2m gateway, and communications system
US9417887B2 (en) Method and apparatus for bootstrapping gateway in device management system
WO2022067831A1 (en) Method and apparatus for establishing secure communication
WO2018045983A1 (en) Information processing method and device, and network system
CN105007164A (en) Centralized safety control method and device
CN105072149A (en) Method and device for building remote communication through proxy gateway
CN103945378B (en) A kind of authentication method and equipment middleware of terminal collaboration
CN104486191B (en) Mobile terminal access method
CN104104564B (en) Equipment room establishes the method and device based on WIFI LANs automatically in private clound
CN105162769A (en) Gateway authority transfer method and gateway authority transfer device
CN113596792B (en) Binding method and device of electronic equipment, storage medium and electronic device
CN114666097B (en) Communication method and system of Internet of things equipment
CN104468293A (en) VPN access method
CN104994158A (en) Method for safely controlling household appliance through centralized gateway

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant