CN100394747C - Wireless VPN Router - Google Patents
Wireless VPN Router Download PDFInfo
- Publication number
- CN100394747C CN100394747C CNB2006100274030A CN200610027403A CN100394747C CN 100394747 C CN100394747 C CN 100394747C CN B2006100274030 A CNB2006100274030 A CN B2006100274030A CN 200610027403 A CN200610027403 A CN 200610027403A CN 100394747 C CN100394747 C CN 100394747C
- Authority
- CN
- China
- Prior art keywords
- module
- virtual private
- private network
- wireless
- network routing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000013461 design Methods 0.000 claims abstract description 6
- 230000006870 function Effects 0.000 claims description 36
- 238000012545 processing Methods 0.000 claims description 21
- 230000001360 synchronised effect Effects 0.000 claims description 14
- 239000013078 crystal Substances 0.000 claims description 13
- 230000005540 biological transmission Effects 0.000 claims description 12
- 238000006243 chemical reaction Methods 0.000 claims description 6
- 230000006854 communication Effects 0.000 abstract description 7
- 238000004891 communication Methods 0.000 abstract description 6
- 230000009977 dual effect Effects 0.000 abstract description 3
- 238000007726 management method Methods 0.000 description 23
- 238000010586 diagram Methods 0.000 description 6
- 238000000034 method Methods 0.000 description 6
- 239000004065 semiconductor Substances 0.000 description 6
- 230000007246 mechanism Effects 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000013332 literature search Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000000275 quality assurance Methods 0.000 description 1
- 230000001105 regulatory effect Effects 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
一种无线虚拟专网路由器,属于无线通信技术领域。本发明包括:硬件平台、虚拟专网路由模块,硬件平台采用嵌入式设计,由核心板和接口板组成,核心板和接口板通过双立直插连接器连接,虚拟专网路由模块由支撑程序模块和管理程序模块组成,虚拟专网路由模块直接工作在硬件平台上,硬件平台启动后,虚拟专网路由模块在核心板提供的空间上自动运行实现虚拟专网路由功能,同时通过输出控制信号给接口板管理无线广域网接入,虚拟专网路由模块通过支撑程序模块实现虚拟专网路由,管理程序模块通过WEB界面对硬件平台和支撑程序模块进行配置和管理。本发明能大大减低设备成本,而且能减少故障点,提供稳定的无线安全网络接入。
A wireless virtual private network router belongs to the technical field of wireless communication. The present invention includes: a hardware platform and a virtual private network routing module. The hardware platform adopts an embedded design and is composed of a core board and an interface board. The core board and the interface board are connected by a dual vertical in-line connector. It is composed of the management program module, and the virtual private network routing module directly works on the hardware platform. After the hardware platform is started, the virtual private network routing module automatically runs on the space provided by the core board to realize the virtual private network routing function, and at the same time outputs the control signal to the The interface board manages the wireless wide area network access, the virtual private network routing module implements virtual private network routing through the supporting program module, and the management program module configures and manages the hardware platform and the supporting program module through the WEB interface. The invention can greatly reduce equipment cost, reduce fault points, and provide stable wireless security network access.
Description
技术领域 technical field
本发明涉及一种无线通信技术领域的路由器,具体涉及一种无线虚拟专网路由器。The invention relates to a router in the technical field of wireless communication, in particular to a wireless virtual private network router.
背景技术 Background technique
随着互联网访问的增加,传统的互联网接入服务已越来越满足不了用户需求,因为传统的互联网只提供浏览、电子邮件等单一服务,没有服务质量保证,没有权限和安全机制,VPN(虚拟专网)能解决这些问题。虚拟专网的组网方式为企业提供了一种低成本的网络基础设施,并增加了企业网络功能,扩大了其专用网的范围。有线接入+虚拟专网方式已经得到企业用户的认可。但是无线接入+虚拟专网方式由于无线应用环境一直得不到广泛的发展。近年来无线数据通信发展迅速,尤其是GPRS/CDMA1x2.5G网络的快速发展,无线接入+虚拟专网方式已经在速度和稳定性能方面被人们接受,正越来越受到人们的重视,同时由于无线接入+虚拟专网方式独有的移动性,价格低廉以及快速方便施工等特点得到了广泛的应用。With the increase of Internet access, traditional Internet access services can no longer meet the needs of users, because the traditional Internet only provides single services such as browsing and e-mail, without service quality assurance, authority and security mechanisms, VPN (virtual private network) can solve these problems. The networking method of virtual private network provides a low-cost network infrastructure for enterprises, and increases the functions of enterprise network and expands the scope of its private network. The way of wired access + virtual private network has been recognized by enterprise users. However, the wireless access + virtual private network method has not been widely developed due to the wireless application environment. In recent years, wireless data communication has developed rapidly, especially the rapid development of GPRS/CDMA1x2.5G network. The unique mobility, low price and fast and convenient construction of the wireless access + virtual private network mode have been widely used.
经对现有技术的文献检索发现,中国专利申请号为:CN200410012761.5,发明名称:基于GPRS/CDMA20001X的通用无线透明VPN网桥系统传输方法,该专利给出了采用GPRS/CDMA20001X无线接入实现虚拟专网的方式,该方式能利用无线网络实现虚拟专网功能:使用该系统异地机构在与总部进行数据信息交换时将感觉不到地域间隔的存在,等同在同一企业内部局域网上进行信息交换。同时该系统对数据的传输具有高度加密和鉴权机制。但是具体实施方法采用了无线虚拟专网终端+虚拟专网网关,这样不仅成本昂贵,设备庞大而且故障点多。无线广域网虚拟专网路由器能代替无线虚拟专网终端+虚拟专网网关的具体实现方式,研究基于无线广域网的虚拟专网路由器是整个无线网络的能否大规模推广使用的关键,研究该路由器是当务之急。After searching the literature of the prior art, it is found that the Chinese patent application number is: CN200410012761.5, and the title of the invention: the transmission method of the general wireless transparent VPN bridge system based on GPRS/CDMA20001X. The way to realize the virtual private network, which can use the wireless network to realize the function of the virtual private network: using this system, the remote organization will not feel the existence of the geographical gap when exchanging data information with the headquarters, which is equivalent to conducting information on the intranet of the same enterprise. exchange. At the same time, the system has a highly encrypted and authenticated mechanism for data transmission. However, the specific implementation method adopts wireless virtual private network terminal + virtual private network gateway, which is not only expensive, but also has huge equipment and many failure points. The wireless WAN virtual private network router can replace the wireless virtual private network terminal + virtual private network gateway. The research on the virtual private network router based on the wireless wide area network is the key to the large-scale promotion and use of the entire wireless network. The research on the router is It is imperative.
路由器成千上万,但广域网的无线虚拟专网路由器一直是设计中的一个难点,主要原因在于无线网络的复杂性。进一步文献检索,发现目前国内外还没有一款无线广域网虚拟专网路由器。There are thousands of routers, but the wireless virtual private network router of the wide area network has always been a difficult point in the design, the main reason is the complexity of the wireless network. Further literature search found that there is no wireless WAN virtual private network router at home and abroad.
发明内容 Contents of the invention
本发明的克服现有技术中的不足,提供一种无线虚拟专网路由器,使其既满足无线数据传输又具有虚拟专网安全的特性,能够适合于需要无线安全传输数据的使用环境。The present invention overcomes the deficiencies in the prior art and provides a wireless virtual private network router, which not only meets wireless data transmission but also has the characteristics of virtual private network security, and is suitable for use environments that require safe wireless data transmission.
本发明是通过以下技术方案实现的,本发明包括:硬件平台、虚拟专网路由模块。所述的硬件平台采用嵌入式设计,由核心板和接口板组成,核心板和接口板通过双立直插连接器连接。所述的虚拟专网路由模块由支撑模块和管理模块组成。虚拟专网路由模块直接工作在硬件平台上。硬件平台启动后,虚拟专网路由模块在核心板提供的空间上自动运行实现虚拟专网路由功能,同时通过输出控制信号给接口板管理无线广域网接入。虚拟专网路由模块通过支撑模块实现虚拟专网路由,管理模块通过WEB界面对硬件平台和支撑模块进行配置和管理。The present invention is realized through the following technical solutions, and the present invention includes: a hardware platform and a virtual private network routing module. The hardware platform adopts an embedded design, and is composed of a core board and an interface board, and the core board and the interface board are connected through a dual vertical plug connector. The virtual private network routing module is composed of a support module and a management module. The virtual private network routing module directly works on the hardware platform. After the hardware platform is started, the virtual private network routing module automatically runs on the space provided by the core board to realize the virtual private network routing function, and at the same time outputs control signals to the interface board to manage wireless wide area network access. The virtual private network routing module implements virtual private network routing through the support module, and the management module configures and manages the hardware platform and the support module through the WEB interface.
所述的核心板,包括核心板电源模块、中央处理模块、外部晶体、复位模块、看门狗模块、闪存模块、同步动态存储模块。核心板电源模块与中央处理模块、外部晶体、复位模块、看门狗模块、闪存模块、同步动态存储模块直接相连,给整个核心板供电。以中央处理模块为中心,外部晶体、复位模块、看门狗模块直接与中央处理模块连接。外部晶体提供片外振源,复位模块提供必要可靠的上电复位,看门狗模块用来保证硬件的稳定运行。闪存模块通过32位总线与中央处理器连接,同步动态存储模块通过32位总线与中央处理器连接,同时闪存模块与同步动态存储模块也是通过32位总线连接。闪存模块实现数据和程序的存储,而同步动态存储模块提供程序运行的空间,保证程序的运行。The core board includes a core board power supply module, a central processing module, an external crystal, a reset module, a watchdog module, a flash memory module, and a synchronous dynamic storage module. The core board power supply module is directly connected with the central processing module, external crystal, reset module, watchdog module, flash memory module, and synchronous dynamic storage module to supply power to the entire core board. Taking the central processing module as the center, the external crystal, the reset module and the watchdog module are directly connected with the central processing module. The external crystal provides an off-chip oscillator, the reset module provides necessary and reliable power-on reset, and the watchdog module is used to ensure the stable operation of the hardware. The flash memory module is connected to the central processing unit through a 32-bit bus, the synchronous dynamic storage module is connected to the central processing unit through a 32-bit bus, and the flash memory module and the synchronous dynamic storage module are also connected through a 32-bit bus. The flash memory module realizes the storage of data and programs, and the synchronous dynamic storage module provides the space for program operation to ensure the operation of the program.
所述的接口板包括接口板电源模块、网络模块、串口模块、无线模块,接口板电源模块直接与网络模块、串口模块、无线模块连接,为整个接口板供电。其中网络模块、串口模块、无线模块均通过双立直插连接器直接和核心板连接。网络模块提供10/100M网络接口,串口模块实现串口电平转换功能。无线模块实现GPRS/CDMA1x无线数据传输的功能。The interface board includes an interface board power module, a network module, a serial port module, and a wireless module. The interface board power module is directly connected with the network module, the serial port module, and the wireless module to supply power for the entire interface board. Among them, the network module, the serial port module and the wireless module are all directly connected to the core board through the dual vertical in-line connector. The network module provides a 10/100M network interface, and the serial port module realizes the serial port level conversion function. The wireless module realizes the function of GPRS/CDMA1x wireless data transmission.
所述的虚拟专网路由模块包括:支撑模块和管理模块。其中支撑模块采用嵌入式Linux,以满足本发明设备硬件部件资源少的限制。同时该模块能直接提供TCP/IP支持,而不必外挂TCP/IP协议包,从基础上保证了系统的稳定性。本发明中,支撑模块采用Openswan(自由天鹅,一种开放源代码的Linux程序)来实现Ipsec(IP安全)协议,该协议作用于TCP/IP层,从而实现虚拟专网路由功能。管理模块内置Web服务器,通过在IE浏览器内键入192.168.10.1,就可以通过Web界面管理配置本发明设备。管理模块管理内容包括对硬件的管理和虚拟专网路由功能的管理。支撑模块是管理模块的基础,管理模块通过Web界面给用户方便的管理手段。The virtual private network routing module includes: a support module and a management module. Wherein the supporting module adopts embedded Linux to meet the limitation of few resources of the equipment hardware components of the present invention. At the same time, the module can directly provide TCP/IP support without external TCP/IP protocol package, which basically guarantees the stability of the system. In the present invention, the supporting module adopts Openswan (free swan, a kind of open source Linux program) to realize the Ipsec (IP security) protocol, which acts on the TCP/IP layer, thereby realizing the virtual private network routing function. The management module has a built-in web server, and by typing 192.168.10.1 in the IE browser, the device of the present invention can be managed and configured through the web interface. The management content of the management module includes the management of the hardware and the management of the virtual private network routing function. The support module is the basis of the management module, and the management module provides users with convenient management methods through the Web interface.
本发明设备硬件平台实现无线广域网接入,虚拟专网路由模块通过支撑模块实现虚拟专网路由功能,本发明创新地通过虚拟专网路由模块中的管理模块将硬件平台和支撑模块连续起来。从而使得硬件和虚拟专网路由模块成为一个有机的整体,整体实现无线广域网虚拟专网路由器。The device hardware platform of the present invention realizes wireless wide area network access, and the virtual private network routing module realizes the virtual private network routing function through the supporting module. The present invention innovatively connects the hardware platform and the supporting module through the management module in the virtual private network routing module. Therefore, the hardware and the virtual private network routing module become an organic whole, and the wireless wide area network virtual private network router is realized as a whole.
本发明的有益效果是,在无线虚拟专网网络应用环境中,本发明用一个设备代替现有的两个设备,不但能大大减低设备成本,而且能减少故障点,提供稳定的无线安全网络接入。The beneficial effect of the present invention is that, in the application environment of the wireless virtual private network, the present invention replaces the existing two devices with one device, which can not only greatly reduce the cost of the device, but also reduce the points of failure and provide a stable wireless security network access. enter.
附图说明 Description of drawings
图1是本发明总体框图。Fig. 1 is the overall block diagram of the present invention.
图2是本发明硬件平台的结构框图。Fig. 2 is a structural block diagram of the hardware platform of the present invention.
图3是本发明部分配置管理界面图。Fig. 3 is a partial configuration management interface diagram of the present invention.
图4是本发明实施例工作流程图。Fig. 4 is a working flowchart of the embodiment of the present invention.
具体实施方式 Detailed ways
图1给出了整个无线虚拟专网路由器的框架总图,其中硬件平台是基础,虚拟专网路由模块工作在硬件平台上,该模块包括支撑模块和管理模块。其中支撑模块采用嵌入式Linux,包括驱动层、文件系统、协议层和应用层。驱动层包括网络驱动、串口驱动。协议层包括PPP(点对点)协议、TCP/IP协议。文件系统包括Ramdisk(内存磁盘文件系统)、JFFS2(闪存文件系统)。应用层包括Telnet(远程登录),网页管理,Socket(管道)通信,串口通信以及Openswan。虚拟专网路由模块通过支撑模块实现虚拟专网路由,管理模块通过WEB界面对硬件平台和支撑模块进行配置和管理。Figure 1 shows the general frame diagram of the entire wireless VPN router, in which the hardware platform is the foundation, and the VPN routing module works on the hardware platform, which includes a support module and a management module. The support module adopts embedded Linux, including driver layer, file system, protocol layer and application layer. The driver layer includes network driver and serial port driver. The protocol layer includes PPP (point-to-point) protocol and TCP/IP protocol. The file system includes Ramdisk (memory disk file system), JFFS2 (flash file system). The application layer includes Telnet (remote login), web page management, Socket (pipeline) communication, serial port communication and Openswan. The virtual private network routing module implements virtual private network routing through the support module, and the management module configures and manages the hardware platform and the support module through the WEB interface.
图2给出硬件平台的方框图。所述的硬件平台采用嵌入式设计,由核心板和接口板组成,其中核心板以中央处理模块为中心,外部晶体提供片外振源,闪存模块实现数据和程序的存储,而同步动态存储模块提供程序运行的空间,保证程序的运行,其中闪存模块以及同步动态存储模块通过32位总线连接。核心板电源模块给整个核心板提供电源。复位模块直接与中央处理模块连接,提供必要可靠的上电复位。看门狗模块直接与中央处理模块连接,用来保证硬件的稳定运行。接口板中的网络模块提供10/100M网络接口,串口模块实现串口电平的转换。接口板电源模块提供整个接口板电源。无线模块实现GPRS/CDMA1x无线数据传输的功能。核心板和接口板通过DIP(双列直插)连接器相连,通过双列直插连接器把核心板和接口板的信号连接起来。Figure 2 shows the block diagram of the hardware platform. The hardware platform adopts an embedded design and consists of a core board and an interface board. The core board is centered on the central processing module, the external crystal provides an off-chip vibration source, the flash memory module realizes the storage of data and programs, and the synchronous dynamic storage module Provide the space for the program to run and ensure the running of the program, in which the flash memory module and the synchronous dynamic memory module are connected through a 32-bit bus. The core board power supply module provides power for the entire core board. The reset module is directly connected with the central processing module to provide necessary and reliable power-on reset. The watchdog module is directly connected with the central processing module to ensure the stable operation of the hardware. The network module in the interface board provides a 10/100M network interface, and the serial port module implements serial port level conversion. The interface board power module provides the power for the entire interface board. The wireless module realizes the function of GPRS/CDMA1x wireless data transmission. The core board and the interface board are connected through a DIP (dual-in-line) connector, and the signals of the core board and the interface board are connected through the dual-in-line connector.
所述的中央处理模块,可以采用三星半导体公司的S3C2410芯片,该芯片具有实点运算处理功能,其主要技术参数为:32位数据和地址接口,最高运行频率为203Mhz。在本发明中实行协调处理程序的功能。The central processing module can adopt the S3C2410 chip of Samsung Semiconductor Company, which has a real-point arithmetic processing function, and its main technical parameters are: 32-bit data and address interface, and the highest operating frequency is 203Mhz. In the present invention, the function of the coordinating handler is implemented.
所述的闪存模块,可采用英特尔半导体公司的E28F128芯片,该芯片具有存储数据的功能,其主要技术参数包括大小为16Mbit(比特),工作电压为3.3V,实现程序和数据的储存单元。Described flash memory module, can adopt the E28F128 chip of Intel Semiconductor Corporation, and this chip has the function of storing data, and its main technical parameter comprises that size is 16Mbit (bit), and operating voltage is 3.3V, realizes the storage unit of program and data.
所述的同步动态存储模块,可采用现代半导体公司的K4S561632,2片设计,该芯片具有动态存储数据的功能,其技术参数为32Mbits,工作电压为3.3V,在本发明中作为程序的运行单元,实现程序运行,存储零时数据的功能。Described synchronous dynamic memory module, can adopt the K4S561632 of modern semiconductor company, 2 chip design, this chip has the function of dynamic storage data, and its technical parameter is 32Mbits, and working voltage is 3.3V, in the present invention as the running unit of program , to realize the function of running the program and storing zero-time data.
所述的外部晶体,采用进亚电子公司的无源晶振,该芯片具有无电源起振的功能,其技术参数为振动频率为12Mhz,在本发明中作为振源,为中央处理模块提供片外振源。Described external crystal adopts the passive crystal oscillator of Jinya Electronics Co., Ltd., and this chip has the function of starting without power supply. Its technical parameter is that the vibration frequency is 12Mhz. In the present invention, as the source of vibration, it provides the off-chip source of vibration.
所述的核心板电源模块,采用欧森美半导体公司的ON1117-1.8芯片,该芯片具有提供稳定1.8V电压的功能,其主要技术参数为稳压纹波系数为5%,稳压电压为1.8V,在本发明中实现为核心板提供1.8V稳定电源的功能。The core board power supply module adopts the ON1117-1.8 chip of Ou Senmei Semiconductor Company. This chip has the function of providing a stable 1.8V voltage. Its main technical parameters are that the voltage regulation ripple coefficient is 5%, and the voltage regulation voltage is 1.8 V realizes the function of providing 1.8V stable power supply for the core board in the present invention.
所述的复位模块,采用水晶半导体公司的cat809,该芯片具有上电自动复位功能,主要技术参数为复位电压为2.93V。在本发明中实现为中央处理模块提供稳定可靠的上电复位功能。The reset module adopts the cat809 of Crystal Semiconductor Company. The chip has an automatic reset function after power-on, and the main technical parameter is that the reset voltage is 2.93V. In the present invention, a stable and reliable power-on reset function is provided for the central processing module.
所述的看门狗模块,采用艾克公司的X25045芯片,该芯片具有电压监控的功能,其技术参数表现为门闩电压是2.93V。在本发明中实现电压监控,保证中央处理模块稳定运行的功能。The watchdog module adopts the X25045 chip of Ike Company, which has the function of voltage monitoring, and its technical parameters are as follows: the latch voltage is 2.93V. In the present invention, voltage monitoring is realized to ensure the stable operation of the central processing module.
所述的无线模块,采用华为公司的GTM900/CM320,其中GTM900芯片具有支持GPRS(通用无线分组服务)数据传输的功能,其主要技术参数为能支持三频850/900/1800MHz,在本发明中实现GPRS无线数据传输的功能。CM320芯片具有支持CDMA1x(码分多址,联通的一项数据业务)数据传输的功能,其主要技术参数为提供CDMA 2000接口,支持最高达153Kbps的全双工无线传输数据。在本发明中实现CDMA1x无线数据传输的功能。由于GTM900/CM320在上网的瞬间需要大电流,在此本发明采用米克尔公司的大电流低压降电源芯片MIC29302BT,该芯片具有价格便宜,输出电压可调节的功能,其主要技术参数为瞬间电流最大能支持到3A,用此芯片能保证GTM900/CM320拨号时稳定工作。Described wireless module adopts the GTM900/CM320 of Huawei, wherein the GTM900 chip has the function of supporting GPRS (General Packet Radio Service) data transmission, and its main technical parameter is to support triple frequency 850/900/1800MHz, in the present invention Realize the function of GPRS wireless data transmission. The CM320 chip has the function of supporting CDMA1x (Code Division Multiple Access, a data service of China Unicom) data transmission. Its main technical parameters are to provide CDMA 2000 interface and support full-duplex wireless transmission data up to 153Kbps. In the present invention, the function of CDMA1x wireless data transmission is realized. Since the GTM900/CM320 needs a large current at the moment of surfing the Internet, the present invention uses the high-current low-drop power chip MIC29302BT of Mikel Company, which has the function of low price and adjustable output voltage, and its main technical parameter is the instantaneous current It can support up to 3A, and this chip can ensure stable operation of GTM900/CM320 when dialing.
所述的网络模块,采用戴维康公司的DM9000E芯片,该芯片具有10/100M网络连接的功能,其技术参数为电压为3.3V,网络连接速度最高达100M。在本发明中实现网络连接,提供配置网口的功能。The network module adopts the DM9000E chip of Daweikang Company, which has the function of 10/100M network connection, and its technical parameters are that the voltage is 3.3V, and the network connection speed is up to 100M. In the present invention, the network connection is realized, and the function of configuring the network port is provided.
所述的接口板电源模块,采用欧森美公司的ON1117-3.3芯片,该芯片具有提供稳定3.3V电压的功能,其主要技术参数为稳压纹波系数为5%。稳压电压为3.3V。在本发明中实现为接口板提供3.3V稳定电压的功能。The interface board power supply module adopts the ON1117-3.3 chip of OSEMI, which has the function of providing a stable 3.3V voltage, and its main technical parameter is that the ripple coefficient of the voltage regulation is 5%. The regulated voltage is 3.3V. In the present invention, the function of providing 3.3V stable voltage for the interface board is realized.
所述的串口模块,采用美信半导体公司的MAX232芯片,该芯片具有电平转化的功能,其主要技术参数为工作电压为3.3V,最高速度为115Kbps(比特/秒),在本发明中该芯片完成串口电平转化的功能。Described serial port module adopts the MAX232 chip of Maxim Semiconductor Corporation, and this chip has the function of level conversion, and its main technical parameter is that working voltage is 3.3V, and maximum speed is 115Kbps (bit/second), and this chip in the present invention Complete the function of serial port level conversion.
在本发明中,核心板电路板为6层设计,接口板电路板为2层板设计。In the present invention, the circuit board of the core board is designed with 6 layers, and the circuit board of the interface board is designed with 2 layers.
图3给出了部分配置管理界面图,Web页面上允许的配置项根据功能划分为以下几个模块,每个模块对应一个页面,由面板上部的导航条选择进入:Figure 3 shows part of the configuration management interface diagram. The configuration items allowed on the web page are divided into the following modules according to their functions. Each module corresponds to a page, which can be accessed through the navigation bar on the upper part of the panel:
●MENU LIST:显示所有可用项目及简介。●MENU LIST: Display all available items and brief introduction.
●DEVICE STATUS:显示系统基本状态和配置情况。●DEVICE STATUS: Display the basic status and configuration of the system.
●BASIC SETTINGT:配置系统基本参数。●BASIC SETTINGT: configure the basic parameters of the system.
●SERIAL MODE SETTING:对远程中心服务器的连接设置。●SERIAL MODE SETTING: Connection settings to the remote central server.
●SYSTEM TOOLS:对本地终端的高级设置●SYSTEM TOOLS: Advanced settings for local terminals
●APPLYALL:重启系统。●APPLYALL: Restart the system.
图4是本发明实施例工作流程图。该图清晰描述了本发明工作流程。接通电源,核心板电源模块为系统提供电压,复位模块上电复位,晶振起振,中央处理模块开始工作。中央处理模块从闪存模块读取程序并且把部分程序调到同步动态存储模块中。在接通电源的同时接口板上的电源模块提供3.3V电压。无线模块开始工作。串口模块完成电平转化。这时网络模块完成初始化等待软件的进一步协调使用。虚拟专网路由模块被调到同步动态存储器后支撑模块开始工作,首先完成网络驱动,串口驱动,使得硬件能与软件正常配合工作。然后调用文件系统,包括磁盘内存文件系统和闪存管理文件系统。磁盘内存文件系统能读能写,但是电后数据不能保存,用来保存程序运行时产生的临时数据。而闪存管理文件系统是能读能写,但掉电后数据能保存,用来存储配置文件和程序,虚拟专网路由模块从文件系统中调用并启动协议层程序,先点对点拨号,设备拨号成功后支撑模块从GPRS/CDMA1x网络运营商那里得到IP,此时支撑模块会协调运行TCP/IP,建立TCP/IP。支撑模块自动运行应用层程序,在TCP/IP基础上建立远处登陆,网页管理,管道通信等进程,在建立通信进程的同时支撑模块自动运行自由天鹅,建立虚拟专网。管理模块在支撑模块启动的同时也开始工作。当虚拟专网成功建立后管理模块全面接管,用户就可以通过管理模块来管理协调控制硬件平台和虚拟专网路由功能。Fig. 4 is a working flowchart of the embodiment of the present invention. This figure clearly describes the workflow of the present invention. Turn on the power supply, the core board power supply module provides voltage for the system, the reset module is powered on and resets, the crystal oscillator starts to oscillate, and the central processing module starts to work. The central processing module reads programs from the flash memory module and transfers part of the programs to the synchronous dynamic storage module. The power module on the interface board provides 3.3V voltage when the power is turned on. The wireless module starts working. The serial port module completes level conversion. At this time, the network module completes the initialization and waits for further coordinated use of the software. After the virtual private network routing module is transferred to the synchronous dynamic memory, the supporting module starts to work. Firstly, the network driver and serial port driver are completed, so that the hardware and software can work together normally. Then call the file system, including disk memory file system and flash memory management file system. The disk memory file system can be read and written, but the data cannot be saved after power-on. It is used to save the temporary data generated when the program is running. The flash memory management file system can be read and written, but the data can be saved after power failure to store configuration files and programs. The virtual private network routing module calls and starts the protocol layer program from the file system. First, point-to-point dial-up, and the device dials successfully Afterwards, the support module obtains IP from the GPRS/CDMA1x network operator. At this time, the support module will coordinate and run TCP/IP to establish TCP/IP. The support module automatically runs the application layer program, establishes processes such as remote login, web page management, and pipeline communication on the basis of TCP/IP. While establishing the communication process, the support module automatically runs FreeSwan to establish a virtual private network. The management module starts working at the same time as the support module starts. When the virtual private network is successfully established, the management module takes over in an all-round way, and users can manage, coordinate and control the hardware platform and virtual private network routing functions through the management module.
Claims (5)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100274030A CN100394747C (en) | 2006-06-08 | 2006-06-08 | Wireless VPN Router |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006100274030A CN100394747C (en) | 2006-06-08 | 2006-06-08 | Wireless VPN Router |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1859341A CN1859341A (en) | 2006-11-08 |
| CN100394747C true CN100394747C (en) | 2008-06-11 |
Family
ID=37298204
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006100274030A Expired - Fee Related CN100394747C (en) | 2006-06-08 | 2006-06-08 | Wireless VPN Router |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100394747C (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101296145B (en) * | 2008-06-19 | 2010-12-08 | 上海交通大学 | Embedded wireless mesh network router |
| CN103002334A (en) * | 2012-12-17 | 2013-03-27 | 青岛海信宽带多媒体技术有限公司 | Wifi configuration method of digital television receiving terminal |
| CN104683251A (en) * | 2015-03-20 | 2015-06-03 | 北京瑞星信息技术有限公司 | Router |
| CN110445704A (en) * | 2019-08-09 | 2019-11-12 | 汪钢 | A kind of network system based on wireless private network router |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020069278A1 (en) * | 2000-12-05 | 2002-06-06 | Forsloew Jan | Network-based mobile workgroup system |
| CN1359215A (en) * | 2000-12-12 | 2002-07-17 | 阿尔卡塔尔公司 | Method for giving mobile terminal moveable property and radio interface equipment for executive said method |
| CN1467977A (en) * | 2002-07-08 | 2004-01-14 | 华为技术有限公司 | Method for enterprise wireless switchboard to access mobile virtual private network |
| CN1481081A (en) * | 2002-08-09 | 2004-03-10 | 富士通株式会社 | virtual private network system |
| US20050071681A1 (en) * | 2003-09-25 | 2005-03-31 | System Management Arts, Inc. | Model-based method and apparatus for determining virtual private network topologies |
| CN1677976A (en) * | 2004-03-19 | 2005-10-05 | 微软公司 | Viirtual private network structure reuse for mobile computing devices |
| WO2005109800A2 (en) * | 2004-04-26 | 2005-11-17 | Sprint Communications Company, L.P. | Integrated wireline and wireless end-to-end virtual private networking |
-
2006
- 2006-06-08 CN CNB2006100274030A patent/CN100394747C/en not_active Expired - Fee Related
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020069278A1 (en) * | 2000-12-05 | 2002-06-06 | Forsloew Jan | Network-based mobile workgroup system |
| CN1359215A (en) * | 2000-12-12 | 2002-07-17 | 阿尔卡塔尔公司 | Method for giving mobile terminal moveable property and radio interface equipment for executive said method |
| CN1467977A (en) * | 2002-07-08 | 2004-01-14 | 华为技术有限公司 | Method for enterprise wireless switchboard to access mobile virtual private network |
| CN1481081A (en) * | 2002-08-09 | 2004-03-10 | 富士通株式会社 | virtual private network system |
| US20050071681A1 (en) * | 2003-09-25 | 2005-03-31 | System Management Arts, Inc. | Model-based method and apparatus for determining virtual private network topologies |
| CN1677976A (en) * | 2004-03-19 | 2005-10-05 | 微软公司 | Viirtual private network structure reuse for mobile computing devices |
| WO2005109800A2 (en) * | 2004-04-26 | 2005-11-17 | Sprint Communications Company, L.P. | Integrated wireline and wireless end-to-end virtual private networking |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1859341A (en) | 2006-11-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101651743B (en) | Remote desktop access method for mobile phone terminal user | |
| CN102546477B (en) | A Multifunctional Gateway of Distributed Networked Embedded System | |
| CN103368809B (en) | Internet reverse penetration tunnel implementation method | |
| CN105159256B (en) | A kind of intelligent home control system based on Web service | |
| CN101854313A (en) | Remote access gateway surpassing NAT based on P2P-VPN technology | |
| CN111371880B (en) | Dial cloud server deployment method capable of dynamically switching IP | |
| CN104780054A (en) | Gateway used for controlling local area network to wake up or sleep | |
| CN100394747C (en) | Wireless VPN Router | |
| CN110519148B (en) | Method, system and storage medium for establishing VPN channel by multilink backup | |
| CN110838936A (en) | A distribution communication network management device and method | |
| CN114545860A (en) | A method of remote maintenance PLC based on IoT gateway | |
| CN115357308B (en) | Docker-based edge IoT agent device, system and application method | |
| CN100433645C (en) | Network device management method and network management system | |
| CN101719991B (en) | Video matrix protocol converter | |
| CN105553838A (en) | Embedded gateway for accessing Wi-Fi based on ARM-based PROFIBUS-DP and its communication method | |
| CN102984202B (en) | A kind of cross-over NAT equipment realizes the System and method for of Telnet webmaster | |
| CN104980356A (en) | Integrated smart home router and control method | |
| CN100407721C (en) | A Method for Supporting Multiple Instances of Network Server Based on Layer 2 Tunneling Protocol | |
| CN101764701A (en) | Network management system | |
| CN104683139A (en) | Remote operation and maintenance method of communication equipment | |
| CN103166994A (en) | Method and device of obtaining network data | |
| CN104935490A (en) | Mobile internet terminal accessing apparatus based on cloud virtual machine | |
| CN103312600B (en) | A kind of industrial bus gateway apparatus realizing the control of I/O rank based on wide area network application | |
| CN203261357U (en) | Novel universal Internet-of-things gateway | |
| CN102694792B (en) | Longitudinal encryption device for distribution network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20080611 Termination date: 20110608 |