US 7,613,826 B2
Methods and apparatus for providing multiple policies for a virtual private network
James N. Guichard, Groton, Mass. (US); W. Scott Wainner, Potomac Falls, Va. (US); Brian E. Weis, San Jose, Calif. (US); and Mohamed Khalid, Cary, N.C. (US)
Assigned to Cisco Technology, Inc., San Jose, Calif. (US)
Filed on Feb. 09, 2006, as Appl. No. 11/350,991.
Prior Publication US 2007/0186009 A1, Aug. 09, 2007
Int. Cl. G06F 15/16 (2006.01)
U.S. Cl. 709—238 [709/227; 713/153]
18 Claims

1. In a device, in a network, a method of providing policies to a first and second traffic partition in the network, the method comprising:
providing a request for a first and second policy from a policy server;
receiving the first policy from the policy server, the first policy indicating processing to be applied to the first traffic partition passing through the device and the first policy defining a first encryption key and first address range within the network;
receiving the second policy from the policy server, the second policy indicating processing to be applied to the second traffic partition passing through the device and the second policy defining a second address range within the network;
configuring, for the first traffic partition within the device, the first policy within a first routing structure associated with the first traffic partition with the first address range;
configuring, for the second traffic partition within the device, the second policy within a second routing structure associated with the second traffic partition with the second address range, the second address range overlapping the first address range;
routing a first stream of traffic for the first routing structure in accordance with the first policy for the first routing structure; and
routing a second stream of traffic for the second routing structure in accordance with the second policy for the second routing structure.