1. Field of the Invention
The present invention relates to a Worldwide Interoperability for Microwave Access (WiMax) system having a private network. More particularly, the present invention relates to a method in which a mobile WiMax terminal accesses a private network using a mobile Internet Protocol (IP) address in a mobile WiMax network system having the private network.
2. Description of the Related Art
A conventional mobile WiMax network system having a private network is disclosed in Korean patent application No. 10-2007-0080867.
As illustrated in FIG. 1, the conventional mobile WiMax network system includes a private or an enterprise network 100 including a Web Content Management system (WCM) 110, a first firewall 120 having a Network Address Translation (NAT) function, a web Application Server (AS) 130, an Electronic-Multimedia Messaging Service (E-MMS) server 140, an IP Private Branch eXchange (PBX) 150, and a second firewall 121 connected to the Internet 1. A Public Switched Telephone Network (PSTN) 2, a wired phone and/or an IP phone may be connected to the IP PBX 150. The conventional WiMax network system further includes a Virtual Private Network (VPN) server 160, a private access control router 200, one or more Radio Access Stations (RASs) 30, and a core network 11 including an IP Multimedia Subsystem (IMS), an AS, an Authentication, Authorization, and Accounting (AAA) server, a Web Service Management (WSM) server, and a Domain Name System (DNS). In the conventional mobile WiMax network system, WiMax terminals 300-1, 300-2 and 300-3 may be in various states of connection and communication.
Even when the private network is configured through the public wireless Internet, the conventional mobile WiMax network system having the private network should be able to accommodate both general subscribers that use only the mobile WiMax network and local subscribers that use the private network. In the case of a private network associated with an enterprise in which internal security is important, a mobile WiMax network should classify local subscribers and general subscribers. Such classification is necessary to prohibit access by general subscribers to the private network through the mobile WiMax network and to allow only the local subscribers to access the private network through the mobile WiMax network.
Of course, both the local subscribers and the general subscribers should be able to access the public Internet through the mobile WiMax network.
To meet the above requirement, Dynamic Host Configuration Protocol (DHCP) IP assignment is conventionally used.
The mobile WiMax terminal performs a DHCP request procedure to receive an IP address to be used when initially accessing the mobile WiMax network. Upon receipt of the request, a local mobile WiMax network system identifies the WiMax terminal as either a local or a general subscriber based on a Media Access Control (MAC) address of the WiMax terminal. The local mobile WiMax network system then assigns IP addresses in different IP subnet bands by classifying the local subscribers and the general subscribers.
After the mobile WiMax terminal receives an IP address and its associated IP subnet band, the terminal may attempt communication by transmission of IP packet data. Since every IP packet includes the IP address of the mobile WiMax terminal within an IP header, a firewall located at a boundary of the private network is able to detect the IP subnet associated with the IP address. Using the detected IP subnet band, the firewall, having previously been set to allow only corresponding bands to pass, determines if the WiMax terminal attempting access is assigned as a local subscriber. Therefore, the firewall allows only local subscribers to access the private network.
In the conventional mobile WiMax network system having the private network, the mobile WiMax terminal must perform the DHCP function to gain access to the private network.
However, a mobile WiMax terminal does not make a DHCP request when providing a mobile IP function (RFC 2002: IP Mobility Support). That is, a local subscriber's WiMax terminal supporting mobile IP cannot conventionally access the private network, and only WiMax terminals using a simple IP address may receive a private network service.
When a mobile IP WiMax terminal 300-3 accesses the private network 100 in the conventional mobile WiMax network system, an operation as illustrated in FIG. 2 is performed.
Referring to FIG. 2, the home address of the WiMax terminal 300-3 supporting mobile IP is an IP address associated with a home agent 11-2 located in a core network 11. The WiMax terminal 300-3 is provided its home address from the home agent 11-2 regardless of whether the terminal is a local subscriber. The home agent 11-2 of the core network 11 is a server for managing locations of WiMax terminals supporting mobile IP.
It is assumed that the IP address of the WiMax terminal 300-3 supporting mobile IP is M9 and the IP address of the home agent 11-2 located in the core network 11 is M1.
Conventionally, the private access control router performs the DHCP server function. Accordingly, the private access control router assigns a simple IP address to the WiMax terminal, and assigns different IP subnets to the local subscribers and the general subscribers. Assuming that an IP subnet to be assigned to the local subscribers is a band A, access by the general subscribers to the private network is blocked by installing a firewall between the private network and the private access control router located in the mobile WiMax network.
When access to the private network is attempted by a mobile WiMax terminal, the firewall inspects an IP header of a packet received from the private access control router. The IP packet is discarded if a source IP address does not belong to a preset IP subnet of the local subscribers and is routed to the private network if the source IP address does belong to the preset IP subnet.
This is because the IP subnet of the local subscribers is the band A as illustrated in FIG. 2.
The private access control router 200 provides a foreign agent function for the mobile IP WiMax terminal 300-3 and generates a tunnel with the home agent 11-2 to enable the mobile IP WiMax terminal 300-3 to communicate with the core network 11.
Even when the WiMax terminal 300-3 moves between adjacent access control routers during mobile IP operation as illustrated in FIG. 1, for example from access control router 200 to access control router 20 in FIG. 1, a seamless service can be received without changing the IP address of the terminal.
When moving to the new access control router 20, the WiMax terminal 300-3 delivers its information to the home agent 11-2 (Mobile IP Registration) such that the home agent 11-2 can generate a tunnel with the new access control router 20 and detect a location change of the WiMax terminal 300-3.
While on the move, the WiMax terminal 300-3 can receive a seamless service by interworking with the access control router 20 and the home agent 11-2 without changing its IP address.
However, the WiMax terminal 300-3 does not change its IP address in the conventional mobile WiMax network system having the private network. Accordingly, when the WiMax terminal 300-3 attempts to send a packet to the private network 100, the private network 100 discards the packet if the IP subnet of the packet's source IP address is not allowed. The resulting problem is that a local subscriber may be unable to access the private network (enterprise network).
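The conventional behaviour described above can be modelled as follows. This is an added illustration, not part of the original document: it shows MAC-based DHCP band assignment, the boundary firewall's source-subnet check, and why a local subscriber's mobile IP home address is discarded. The subnets, MAC addresses and class and function names are constructed assumptions; the document names only "band A", M1 and M9.

```python
import ipaddress

# Constructed values (assumptions): the page gives no concrete addresses.
LOCAL_BAND_A = ipaddress.ip_network("10.10.0.0/24")      # band A, local subscribers
GENERAL_BAND = ipaddress.ip_network("10.20.0.0/24")      # general subscribers
HOME_AGENT_POOL = ipaddress.ip_network("172.16.9.0/24")  # mobile IP home addresses
LOCAL_MACS = {"00:11:22:33:44:01", "00:11:22:33:44:03"}  # enterprise terminals


class AccessControlRouter:
    """DHCP server role: choose the subnet band from the terminal's MAC."""

    def __init__(self):
        self._pools = {True: iter(LOCAL_BAND_A.hosts()),
                       False: iter(GENERAL_BAND.hosts())}

    def dhcp_assign(self, mac):
        return next(self._pools[mac.lower() in LOCAL_MACS])


class HomeAgent:
    """Mobile IP: the home address does not depend on subscriber class."""

    def __init__(self):
        self._pool = iter(HOME_AGENT_POOL.hosts())

    def home_address(self, mac):
        # mac is deliberately ignored: no local/general classification here.
        return next(self._pool)


def firewall_allows(src_ip, allowed=(LOCAL_BAND_A,)):
    """Boundary firewall: forward only packets whose source is in band A."""
    return any(ipaddress.ip_address(src_ip) in net for net in allowed)


def simulate():
    acr, ha = AccessControlRouter(), HomeAgent()
    cases = {
        "local, simple IP": acr.dhcp_assign("00:11:22:33:44:01"),
        "general, simple IP": acr.dhcp_assign("66:77:88:99:aa:02"),
        "local, mobile IP": ha.home_address("00:11:22:33:44:03"),
    }
    return {name: (str(ip), firewall_allows(ip)) for name, ip in cases.items()}


if __name__ == "__main__":
    for name, (ip, ok) in simulate().items():
        print(f"{name:20} src={ip:12} -> {'forward' if ok else 'discard'}")
```

The third case is the failure mode the document identifies: the terminal belongs to a local subscriber, but its source address comes from the home agent rather than from band A, so the subnet-only rule discards it.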