US 9,813,380 B2
Method, apparatus, and network system for terminal to traverse private network to communicate with server in IMS core network
Aiping Chen, Hangzhou (CN); Chengjiao Nie, Hangzhou (CN); and Zhanbing Zhang, Cairo (EG)
Assigned to HUAWEI TECHNOLOGIES CO., LTD., Shenzhen (CN)
Filed by HUAWEI TECHNOLOGIES CO., LTD., Shenzhen, Guangdong (CN)
Filed on Aug. 17, 2015, as Appl. No. 14/827,644.
Application 14/827,644 is a division of application No. 13/770,014, filed on Feb. 19, 2013, granted, now 9,172,559.
Application 13/770,014 is a continuation of application No. PCT/CN2011/071659, filed on Mar. 10, 2011.
Claims priority of application No. 2010 1 0264191 (CN), filed on Aug. 20, 2010.
Prior Publication US 2015/0358281 A1, Dec. 10, 2015
Int. Cl. H04L 29/06 (2006.01); H04L 12/66 (2006.01); H04L 12/46 (2006.01)
CPC H04L 63/029 (2013.01) [H04L 12/4633 (2013.01); H04L 12/4641 (2013.01); H04L 12/66 (2013.01); H04L 63/0272 (2013.01); H04L 65/1016 (2013.01); H04L 63/0281 (2013.01); H04L 63/0428 (2013.01); H04L 63/166 (2013.01)] 22 Claims
OG exemplary drawing
 
1. A method performed by a terminal in a private network to communicate with a network server in an internet protocol multimedia subsystem (IMS) network, comprising:
constructing a first service packet, including:
setting a source address of the first service packet as a virtual IP address allocated by the IMS network to the terminal; and
setting a destination address of the first service packet as an address of the network server in the IMS network, wherein the first service packet contains service data to be sent to the network server;
encapsulating the first service packet into a first tunnel packet, wherein a source IP address of the first tunnel packet is a real IP address of the terminal, and a destination IP address of the first tunnel packet is an IP address of a security tunnel gateway located at an edge of the IMS network;
sending the first tunnel packet to the security tunnel gateway over a virtual private network (VPN) tunnel between the terminal and the security tunnel gateway, for the security tunnel gateway to deliver the first service packet to the network server;
sending a configuration information request packet over the VPN tunnel to the security tunnel gateway after the VPN tunnel is set up successfully; and
receiving configuration information returned by the security tunnel gateway, wherein the configuration information includes the address of the network server, a first mask of the network server, the virtual IP address allocated by the IMS network to the terminal, and a second mask allocated by the security tunnel gateway to the terminal.