CN118523981B - A VPN networking method and system for redirecting external network access data - Google Patents

Publication number
CN118523981B
Authority
CN
China
Prior art keywords
vpn
networking
network
terminal device
router
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202410791651.0A
Other languages
Chinese (zh)
Other versions
CN118523981A (en
Inventor
刘天一
乔荣生
张小峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHANGHAI BEIRUI INFORMATION TECHNOLOGY CO LTD
Original Assignee
SHANGHAI BEIRUI INFORMATION TECHNOLOGY CO LTD
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHANGHAI BEIRUI INFORMATION TECHNOLOGY CO LTD
Priority to CN202410791651.0A
Publication of CN118523981A
Application granted
Publication of CN118523981B
Active legal status
Anticipated expiration

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00: Data switching networks
    • H04L12/28: Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46: Interconnection of networks
    • H04L12/4641: Virtual LANs, VLANs, e.g. virtual private networks [VPN]
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00: Data switching networks
    • H04L12/28: Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
    • H04L12/46: Interconnection of networks
    • H04L12/4633: Interconnection of networks using encapsulation techniques, e.g. tunneling
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00: Routing or path finding of packets in data switching networks
    • H04L45/76: Routing in software-defined topologies, e.g. routing between virtual machines
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00: Routing or path finding of packets in data switching networks
    • H04L45/80: Ingress point selection by the source endpoint, e.g. selection of ISP or POP
    • H04L45/85: Selection among different networks
    • H04L45/851: Dynamic network selection or re-selection, e.g. after degradation of quality

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Quality & Reliability (AREA)
  • Computer Security & Cryptography (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A VPN networking method and system for redirecting external network access data, comprising the following steps. Establishing a networking environment: at the networking control end, at least one VPN router supporting a network forwarding function and at least one terminal device that are not in the same network are added to the same VPN network through VPN technology. Enabling a unified network egress function: after the network egress of the terminal device is set to the VPN router at the networking control end, the VPN networking program is restarted; according to the configuration information, the VPN networking program receives all network data traffic on the terminal device and, depending on where the traffic is headed, either circulates it within the network or forwards it through the VPN networking program to the configured VPN router, which then forwards it onward. The invention can redirect all external network access data into the VPN network, lets member devices within the network make full use of the networking function, and makes it convenient to count the data traffic usage of members within the network.

Description

VPN networking method and system for redirecting access data of external network
Technical Field
The invention relates to the technical field of VPN networking, in particular to a VPN networking method and a VPN networking system for redirecting access data of an external network.
Background
A VPN uses a public network to build a private network. User data is transmitted through a logical tunnel established by the ISP in the public network (the Internet), i.e. a point-to-point virtual private line, and corresponding encryption and authentication techniques ensure that the user's internal network data is transmitted securely over the public network, so that the network data remains truly private. A VPN can emulate a point-to-point dedicated connection to send data between two computers over a shared or public network, and can help users achieve remote access and establish a reliable point-to-point connection.
At present, VPN networking is realized by enabling the VPN networking function, and during that process the routes of the other members of the network are added to the device's VPN routing table. As a result, only the data traffic on a member's device whose destination is in the routing table travels through the networking environment; traffic to destinations not in the routing table cannot. Consequently, networking members cannot use the complete networking function, and an administrator cannot count all the data traffic of the devices where networking members are located. In addition, on the Android system, when the VPN program intercepts external network access data and no corresponding forwarding server exists, the data cannot be sent out and the whole device cannot access the Internet.
Disclosure of Invention
The object of the invention is to overcome the defects of the prior art and provide a VPN networking method for redirecting external network access data. With it, network access data destined outside the VPN network on a terminal device such as a mobile phone no longer goes out directly; it first passes through a communication channel within the network and is then forwarded by a router. Members of the network can thereby make full use of the networking function, and all of a member's data traffic can be conveniently counted. The invention also provides a VPN networking system for implementing the method.
The invention is realized by the following technical solution:
A VPN networking method for redirecting external network access data, comprising the following steps:
S1. Establishing a networking environment: at the networking control end, at least one VPN router supporting a network forwarding function and at least one terminal device are added to the same VPN network through the VPN server using VPN technology. A VPN networking program is installed on the terminal device, and a corresponding VPN networking program is embedded in the VPN router. The terminal device and the VPN router may be in the same network or in different networks.
S2. Enabling the unified network egress function: after the network egress of the terminal device is set to one of the VPN routers at the networking control end, the VPN networking program on the terminal device is restarted. According to the configuration information, the VPN networking program adds an open route and thereby receives all network data traffic on the terminal device. Depending on where the traffic is headed, it either circulates within the network or is forwarded by the VPN networking program to the configured VPN router, which forwards it onward. This completes the unified network egress function and makes it easy to count the traffic of each terminal device.
Further, when the VPN networking program receives all network data traffic on the terminal device in step S2, the method further comprises: establishing an MQTT long-lived connection and monitoring changes to the network egress configuration information in real time through it. If a change to the network egress configuration information is detected, the VPN connection is disconnected, the VPN networking program is restarted, an open route is added according to the changed network egress configuration information, all network data traffic on the terminal device is received, and the traffic is forwarded through the VPN networking program to the newly configured VPN router.
Further, in step S2 the traffic circulates within the network or is forwarded through the VPN networking program to the configured VPN router, and is then forwarded by the VPN router, as follows: if the traffic is destined outside the network, the members of the VPN network are screened to find the VPN router member set as the network egress, the data is forwarded to that VPN router member through the communication channel within the VPN network, and the data forwarding function of that VPN router member then forwards the data out.
Further, the method comprises a step of verifying whether the network egress setting has taken effect: either capture packets on the bound VPN router to check whether the terminal device's network egress setting is in effect, or query the IP address of the terminal device; if that IP address is consistent with the bound VPN router, the network egress setting is judged to be in effect.
Further, the IP address of the terminal device can be queried in a browser on the terminal device.
Further, step S1 comprises: first determining the members that need to be networked, then adding each networking member at the networking control end according to its SN/UID/SID; if a networking member is not in the member list, it is added through the add-member function.
Further, in step S2 the terminal device logs in to the VPN networking program with an account and password and, after logging in, actively queries the configuration information of its network egress.
Further, the VPN router is bound to an account and a password.
Further, the terminal device is an Android mobile phone or an Android tablet.
A VPN networking system for redirecting external network access data, which uses the above VPN networking method for redirecting external network access data, comprises a networking control program, a VPN server, at least one VPN router and at least one terminal device. Each terminal device is networked through the VPN server and the networking control program, and a VPN networking program is installed on each terminal device. The networking control program can be installed on a PC. The VPN router is connected to the networking control program, has a corresponding VPN networking program embedded in it, and has a network forwarding function. The network egress of the terminal device is set to one of the VPN routers in the networking control program.
The invention places a VPN router for forwarding data in the network and sets the network egress of a terminal device, such as a mobile phone, to that VPN router, so that all traffic of the terminal device flows through the VPN router. Specifically, data destined inside the network circulates directly within the network, and data destined outside the network is forwarded through the egress router. All external network access data is thereby redirected into the VPN network, which lets member devices make full use of the networking function, for example ensuring data security and benefiting from the network's alerting policies, large-screen monitoring, acceleration and rate limiting, and restrictions on internal and external network access, while the data traffic of all members of the network can also be counted.
Drawings
Fig. 1 is a schematic diagram of a networking environment according to the present invention.
Fig. 2 is a schematic diagram of another networking environment of the present invention.
Fig. 3 is a schematic diagram of VPN networking redirection of the present invention to external network access data.
Fig. 4 is a schematic diagram of monitoring network egress configuration information according to the present invention.
Fig. 5 is an illustration of the operation of networking in an embodiment of the present invention.
Fig. 6 is an operation explanatory diagram of the network egress configuration in the embodiment of the present invention.
Fig. 7 is another operation explanatory diagram of the network egress configuration in the embodiment of the present invention.
Fig. 8 is a schematic structural diagram of the VPN networking system according to the present invention.
Fig. 9 is a schematic diagram of another configuration of the VPN networking system according to the present invention.
Fig. 10 is a schematic diagram of still another configuration of the VPN networking system according to the present invention.
Detailed Description
A VPN networking method for redirecting external network access data, comprising the following steps:
S1. Establishing a networking environment: at the networking control end, at least one VPN router supporting a network forwarding function and at least one terminal device are added to the same VPN network through the VPN server using VPN technology, which establishes the networking environment.
As shown in Fig. 1, a VPN network comprises a VPN server, at least one VPN router and a terminal device. The VPN router is used for network forwarding; a corresponding VPN networking program is embedded in it, and it can join the VPN networking environment as a networking member. The terminal device may be a mobile phone, a tablet or the like. The VPN router and the terminal device may or may not be in the same network, and the devices can be interconnected through the VPN. The networking members can be set according to the actual situation: as shown in Fig. 2, there are multiple terminal devices such as mobile phones and PCs, which can access each other through the VPN network and can also remotely access a resource server and an intranet. A VPN networking program is installed on each terminal device.
The specific networking steps are: determine the members that need to be networked, then add the networking members at the networking control end according to their SN/UID/SID; if a networking member is not in the member list, it is added through the add-member function.
The VPN router is bound to an account. The networking control end can be logged in to with that account, and the router can be looked up at the networking control end through it. The terminal device is likewise registered and assigned an account and password, with which the VPN networking program can be logged in to. After the VPN networking program starts, a virtual IP address within the network is assigned, and members of the network communicate through these virtual IPs, so that resource access, sharing and similar operations can be carried out within the network.
S2. Enabling the unified network egress function: the networking configuration is carried out at the networking control end, setting the network egress of the terminal device to one of the VPN routers. After the configuration is complete, the VPN networking program on the terminal device is restarted and logged in to with the account and password. After login it actively queries the configuration information of the network egress and, according to that configuration, adds an open route to receive all network data traffic on the terminal device. Depending on where the traffic is headed, it either circulates within the network or is forwarded by the VPN networking program to the configured VPN router, which forwards it onward. By comparison, ordinary networking can only count traffic data within the network and cannot count data outside the network.
If there are multiple VPN routers in the network, the network egress of each terminal device in the network can be set to any one of them as the situation requires. If the network where the terminal device is located already has a router and the terminal device's network egress is set to another VPN router, the terminal device's traffic first passes through the router of its own network, then flows to the VPN router set as the network egress, which finally forwards the data.
When the VPN networking program receives all network data traffic on the terminal device in step S2, as shown in Fig. 4, the method further comprises: establishing an MQTT long-lived connection and monitoring changes to the terminal device's network egress configuration information in real time through it. If a change to the network egress configuration information is detected, the VPN connection is disconnected, the VPN networking program is restarted, an open route is added according to the changed network egress configuration information, all network data traffic on the terminal device is received, and the traffic is forwarded through the VPN networking program to the newly configured VPN router. If there is no change, the VPN networking state is maintained.
The data traffic is handled as follows. The VPN networking program detects whether the traffic to be forwarded is traffic within the network. If it is, the traffic is forwarded within the network through the VPN server, exactly as data flows within the network in conventional VPN networking. If it is traffic destined outside the network, the members of the VPN network are screened to find the member set as the network egress, the data is forwarded to that member through the communication channel within the VPN network, and the data forwarding function on that member then forwards the data out.
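The forwarding decision described above, together with the egress-change handling and per-terminal traffic counting from step S2, modelled as an added Python example (not code from the patent or its assignee). The overlay subnet, member names, the 0.0.0.0/0 form of the "open route" and the fail-closed "blocked" outcome are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict
from dataclasses import dataclass

# Assumption: the page's "open route" is modelled as an IPv4 default route.
OPEN_ROUTE = "0.0.0.0/0"


@dataclass(frozen=True)
class Member:
    member_id: str           # stands in for the SN/UID/SID used to add a member
    virtual_ip: str          # virtual IP assigned inside the VPN network
    is_router: bool = False  # True for a "hardware member" that can forward data


class VpnNetwork:
    """Toy model of one VPN network: members, egress bindings, traffic counters."""

    def __init__(self, overlay_cidr, members):
        self.overlay = ipaddress.ip_network(overlay_cidr)
        self.members = {m.member_id: m for m in members}
        self.egress = {}  # terminal id -> router id, as set at the control end
        self.usage = defaultdict(lambda: {"in_network": 0, "external": 0})

    def set_egress(self, terminal_id, router_id):
        """Control-end change; True means the terminal must drop and rebuild its tunnel."""
        router = self.members.get(router_id)
        if router is None or not router.is_router:
            raise ValueError(f"{router_id!r} is not a forwarding-capable member")
        changed = self.egress.get(terminal_id) != router_id
        self.egress[terminal_id] = router_id
        return changed

    def remove_member(self, member_id):
        self.members.pop(member_id, None)

    def routes_for(self, terminal_id):
        """Routes the terminal's VPN program installs when the tunnel is created."""
        routes = [str(self.overlay)]      # conventional networking: member routes only
        if terminal_id in self.egress:
            routes.append(OPEN_ROUTE)     # unified egress: capture all traffic
        return routes

    def forward(self, terminal_id, dst_ip, size):
        """Return (path, next_hop_virtual_ip) for one packet and count its bytes."""
        if ipaddress.ip_address(dst_ip) in self.overlay:
            self.usage[terminal_id]["in_network"] += size
            return ("in_network", dst_ip)
        router_id = self.egress.get(terminal_id)
        if router_id is None:
            # No open route: the packet never enters the tunnel, so it is
            # neither protected nor counted (the gap the Background describes).
            return ("direct", None)
        router = self.members.get(router_id)
        if router is None or not router.is_router:
            # Assumption: with the open route active and no forwarder available,
            # traffic is dropped rather than leaked outside the tunnel.
            return ("blocked", None)
        self.usage[terminal_id]["external"] += size
        return ("egress", router.virtual_ip)


def build_sample():
    # Constructed sample network; addresses and names are illustrative only.
    return VpnNetwork("10.168.1.0/24", [
        Member("router-A", "10.168.1.1", is_router=True),
        Member("router-B", "10.168.1.2", is_router=True),
        Member("phone-1", "10.168.1.20"),
    ])


if __name__ == "__main__":
    net = build_sample()
    print(net.forward("phone-1", "203.0.113.10", 500))   # before egress is set
    net.set_egress("phone-1", "router-A")
    print(net.routes_for("phone-1"))
    print(net.forward("phone-1", "203.0.113.10", 1200))  # via router-A
    print(dict(net.usage["phone-1"]))
```

Counting happens at the forwarding decision, which is why traffic on the "direct" path never shows up in the per-terminal totals.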
After the network egress has been set, whether the setting has taken effect can also be verified by either of two methods: (1) capturing packets on the bound VPN router to check whether the terminal device's network egress setting is in effect; (2) querying the IP address of the terminal device: if the IP address is consistent with the VPN router bound to the terminal device, the network egress setting is judged to be in effect. The IP address of the terminal device can be queried in a browser on the terminal device.
The following illustrates the specific setup and operation steps at the networking control end, as a specific embodiment of the invention.
1. Networking. As shown in Fig. 5, the networking control end platform interface has a "remote networking" menu with a "network member" option under it. The "network member" tab displays a member list, from which each member's SN/UID/SID number, intranet IP, virtual IP and so on can be viewed. When a member is not in the list, it can be added through the "add member" function on the interface. Members are either "hardware members" or "software members". A hardware member is a router that can be used for forwarding data; at least one hardware member, i.e. a VPN router, must exist in a VPN network. A software member is a terminal device, such as a mobile phone or a tablet. Adding the hardware and software members to the same network completes the networking.
The networking control end platform only needs to be installed on a PC with network access. The hardware member (VPN router) is bound to an account, and networking can be completed on the platform by logging in to the networking control end platform with that account. The software member (terminal device) has the corresponding VPN networking program installed; after registering an account and password, the user can log in to the VPN networking program to carry out the subsequent operations.
2. Setting the software member's network egress. As shown in Fig. 6 and Fig. 7, select the corresponding software member on the networking control end platform, choose the More -> Network egress option in the member operation column, select the corresponding VPN router in the pop-up window (this VPN router is also a hardware member of the network), and switch the state to enabled. The terminal device does not need to be connected to the router's network; it can use a 5G network or Wi-Fi connected to some other network.
3. Taking a mobile phone as an example, the software member logs in with an account and password in the VPN networking program installed on the phone; after a successful login, the configuration information of the network egress can be actively queried.
4. The phone opens the VPN networking program again. During networking, the phone checks the network egress configuration information. If a configured network egress function is detected, the VPN networking program adds an additional open route when creating the VPN, to receive all network data traffic on the phone (i.e. traffic generated by all software on the phone). At the same time, the VPN networking program monitors changes to the network egress configuration information in real time through the established MQTT long-lived connection. If the configuration changes, the VPN is disconnected and the network is re-established according to the changed information; if it does not change, the VPN networking state is maintained.
5. When the phone sends data, the VPN networking program detects whether the data is traffic within the network. If it is, the traffic is still transmitted within the network through the VPN server. If it is traffic destined outside the network, the VPN members are screened once to find the router set as the egress, the data is forwarded to that router member through a communication channel within the network (a forwarding channel or a p2p channel), and the data forwarding function on that member then forwards the data out; the specific sending flow is shown in the figure. In this way, whatever network the phone is on, the traffic it generates is sent out uniformly through the router in the network: network access data on the phone destined outside the VPN network changes from direct access to access that first passes through a communication channel within the network and is then forwarded by the router.
A VPN networking system for redirecting external network access data, which uses the above VPN networking method for redirecting external network access data, comprises a VPN router, a terminal device, a networking control program and a VPN server. There may be at least one VPN router and at least one terminal device, as shown in Fig. 8, or multiple VPN routers and multiple terminal devices, as shown in Figs. 2, 9 and 10. Each terminal device is networked through the VPN server and the networking control program, and a VPN networking program is installed on each terminal device. The networking control program is located at the networking control end and can be installed on a PC. The VPN router is connected to the networking control program, has a corresponding VPN networking program embedded in it, and has a network forwarding function. The network egress of the terminal device is set to one of the VPN routers in the networking control program. The VPN router and the terminal device may be in the same network or in different networks; they only need to be in environments with network access. The VPN server provides the networking control function and may comprise a server; through the networking control program it assigns a virtual IP to each member joining the network, so as to realize the networking function and, through the above method, the redirection of external network access data.
Taking Fig. 2 as an example, the terminal devices (mobile phones and PCs) in the network are networked through the VPN server. The network further comprises a corporate internal network and a resource server connected into the network through a VPN router; the resource server can provide data resources. After the network egress of the terminal devices is set to the VPN router in the network, the terminal devices (mobile phones and PCs) can share the resources provided by the resource server, can access the internal network, and can also access the external network. Data exchanged between the terminal devices and the external network is forwarded through the configured VPN router, so external network traffic is also inside the VPN network and the traffic of the terminal devices can easily be counted. Because both internal and external data are inside the network, the terminal devices also enjoy the complete networking function, such as ensured data security and a high data flow rate.
The foregoing detailed description is directed to embodiments of the invention and is not intended to limit the scope of the invention, which covers all modifications and variations within that scope.

Claims (6)

1.一种重定向外网访问数据的VPN组网方法,其特征在于,包括如下步骤:1. A VPN networking method for redirecting external network access data, characterized in that it includes the following steps: S1、建立组网环境:在组网控制端,利用VPN技术通过VPN服务端将至少一台支持网络转发功能的VPN路由器和至少一台终端设备加入到同一个VPN组网中,所述终端设备上安装有VPN组网程序,所述VPN路由器内嵌有相应的VPN组网程序;S1. Establishing a networking environment: At the networking control end, using VPN technology through the VPN server to add at least one VPN router supporting network forwarding function and at least one terminal device to the same VPN networking, wherein the terminal device is installed with a VPN networking program, and the VPN router is embedded with a corresponding VPN networking program; S2、开启统一网络出口功能:在组网控制端将终端设备的网络出口设置为其中一个所述VPN路由器后,终端设备重启其上的VPN组网程序,VPN组网程序根据配置信息,通过添加开放路由的方式,接收终端设备上所有的网络数据流量,并根据这些流量的流向在组网内流转或通过VPN组网程序转发至设置的所述VPN路由器上,再由VPN路由器进行转发,完成统一网络出口功能,以便于统计各终端设备的流量;所述终端设备通过账号密码登录VPN组网程序,登录后会主动查询其网络出口的配置信息;所述VPN路由器绑定有账号,通过该账号可登陆组网控制端;S2. Enable the unified network egress function: After the network egress of the terminal device is set to one of the VPN routers at the networking control end, the terminal device restarts the VPN networking program thereon. 
The VPN networking program receives all network data traffic on the terminal device by adding an open route according to the configuration information. Depending on its destination, this traffic either circulates within the network or is forwarded through the VPN networking program to the configured VPN router, which then forwards it onward, providing a unified network egress function and making it easy to count the traffic of each terminal device; the terminal device logs in to the VPN networking program with an account and password and, after logging in, actively queries the configuration information of its network egress; the VPN router is bound to an account, and that account can be used to log in to the networking control end;

When the VPN networking program receives all network data traffic on the terminal device in step S2, the method further includes: establishing an MQTT persistent connection and monitoring changes to the network egress configuration information in real time over that connection; if a change to the network egress configuration information is detected, disconnecting the VPN connection, restarting the VPN networking program, adding an open route according to the changed network egress configuration information, receiving all network data traffic on the terminal device, and forwarding that traffic through the VPN networking program to the newly configured VPN router;

In step S2, the traffic circulates within the network or is forwarded through the VPN networking program to the configured VPN router and then forwarded by the VPN router, as follows: the VPN networking program checks whether the traffic to be forwarded is traffic within the network. If it is, the traffic is forwarded within the network through the VPN server; if it is traffic destined outside the network, the members of the VPN network are filtered to select the VPN router member that is set as the network egress, the data is forwarded to that VPN router member through the communication channel within the VPN network, and the data forwarding function of that VPN router member then forwards the data out.

2. The VPN networking method for redirecting external network access data according to claim 1, characterized in that it further includes a step of verifying whether the network egress setting has taken effect, as follows: capturing packets on the bound VPN router to check whether the terminal device's network egress setting has taken effect; or querying the IP address of the terminal device, and if that IP address is consistent with the VPN router bound to the device, judging that the network egress setting has taken effect.

3. The VPN networking method for redirecting external network access data according to claim 2, characterized in that the IP address of the terminal device can be queried in the browser of that terminal device.

4. The VPN networking method for redirecting external network access data according to claim 1, characterized in that step S1 includes: first determining the members that need to be networked; then, at the networking control end, adding each networking member according to its SN/UID/SID; if a networking member is not in the member list, it is added by adding it as a member.

5. The VPN networking method for redirecting external network access data according to claim 1, characterized in that the terminal device is an Android mobile phone or an Android tablet.

6. A VPN networking system for redirecting external network access data, using the VPN networking method for redirecting external network access data according to any one of claims 1 to 5, characterized in that it includes a networking control program, a VPN server, at least one VPN router and at least one terminal device; the terminal devices are networked through the VPN server and the networking control program, and the VPN networking program is installed on each terminal device; the VPN router is connected to the networking control program and has a corresponding VPN networking program embedded in it, which provides a network forwarding function; on the networking control program, the network egress of the terminal device is set to one of the VPN routers.
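The forwarding decision of claim 1, its reaction to a changed egress configuration, and the IP check of claim 2, sketched as an added Python example that is not part of the patent text. The member records, the 10.88.0.0/24 overlay range, the `egress_uid` message field and the fail-closed drop when no egress router is set are assumptions; MQTT delivery is represented only by the payload handed to `on_config_change`.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Member:
    uid: str              # constructed; the claims identify members by SN/UID/SID
    vpn_ip: str           # address inside the VPN network
    is_router: bool = False
    public_ip: str = ""   # address a router's forwarded traffic appears from

class EgressPlanner:
    def __init__(self, overlay_cidr, members, egress_uid):
        self.overlay = ipaddress.ip_network(overlay_cidr)
        self.members = {m.uid: m for m in members}
        self.egress_uid = egress_uid

    def egress_router(self):
        """Filter members for the VPN router configured as the network egress."""
        m = self.members.get(self.egress_uid)
        return m if m is not None and m.is_router else None

    def next_hop(self, dst_ip):
        """Classify one destination as the claim describes."""
        if ipaddress.ip_address(dst_ip) in self.overlay:
            return ("intra", dst_ip)        # stays inside the VPN network
        router = self.egress_router()
        if router is None:
            return ("drop", None)           # assumption: fail closed, no direct leak
        return ("egress", router.vpn_ip)    # sent to the router, which forwards it out

    def on_config_change(self, payload):
        """Apply a pushed egress change; True means the tunnel must be restarted."""
        new_uid = payload.get("egress_uid")  # assumed message field
        if new_uid == self.egress_uid:
            return False
        self.egress_uid = new_uid
        return True

    def egress_effective(self, observed_public_ip):
        """Claim 2 check: the device's visible IP matches its bound router."""
        router = self.egress_router()
        return router is not None and observed_public_ip == router.public_ip

def build_demo():
    # Constructed sample network using documentation address ranges.
    members = [
        Member("phone-1", "10.88.0.7"),
        Member("router-a", "10.88.0.1", True, "203.0.113.10"),
        Member("router-b", "10.88.0.2", True, "198.51.100.20"),
    ]
    return EgressPlanner("10.88.0.0/24", members, "router-a")
```

Running the `egress_effective` check again after every configuration change confirms that traffic really leaves through the newly bound router rather than the previous one.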
CN202410791651.0A 2024-06-19 2024-06-19 A VPN networking method and system for redirecting external network access data Active CN118523981B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410791651.0A CN118523981B (en) 2024-06-19 2024-06-19 A VPN networking method and system for redirecting external network access data

Publications (2)

Publication Number Publication Date
CN118523981A CN118523981A (en) 2024-08-20
CN118523981B true CN118523981B (en) 2025-06-06

Family

ID=92274296

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202410791651.0A Active CN118523981B (en) 2024-06-19 2024-06-19 A VPN networking method and system for redirecting external network access data

Country Status (1)

Country Link
CN (1) CN118523981B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113765765A (en) * 2021-08-11 2021-12-07 西安四叶草信息技术有限公司 Data transmission system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10212167B2 (en) * 2016-02-27 2019-02-19 Gryphon Online Safety, Inc. Method and system to enable controlled safe internet browsing
KR102207135B1 (en) * 2017-06-23 2021-01-25 주식회사 케이티 Method for transmitting data of terminal, the terminal and control method of data transmission
CN109120726A (en) * 2018-10-30 2019-01-01 全讯汇聚网络科技(北京)有限公司 A kind of multi-router VPN automatic network-building method and system based on collection medium-long range control
CN118118422A (en) * 2024-03-28 2024-05-31 中国电信股份有限公司 Traffic forwarding method and device and electronic equipment

Also Published As

Publication number Publication date
CN118523981A (en) 2024-08-20

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant