Research On Remote Access VPN System On Mobile Wireless Scenario

While wireless access technology has experienced a rapid growth in recently years, a number of security concerns have been raised for wireless networks in general. TCP is originally designed only for wired network and assumes that any loss is due to congestion. However, it is different in wireless situation in that wireless errors are more likely to occur than congestion. Such non-congestion packet loss, when dealt with invoking a congestion control algorithm, resulting in degrade end-to-end performance. At the same time, many exist approach can not work when the encryption is used in the communication. So the security mechanism and TCP improving mechanism compatibility also is taken into considering of our works. But in the large-scale application of VPN system, face the different software in NDIS(Network Device Interface System) kernel frame conflict, simultaneously the kernel module development, the transplant, maintains question so difficulty.This paper deeply analyses the popular architecture and implement technology based on Windows VPN system structure, simultaneously aims at embed terminal characteristic, proposed one kind new based on virtual Network card technology. The produced system has realized this technical system structure in WinCE VPN, could fundamentally solve the above problem.Aiming at the performance problem of wireless VPN apply , this paper proposed a new end-to-end TCP performance improving mechanism, by using the interval movement cumulated of the packets received time on receiver, which can estimate the wireless link condition. Then it marks the ELN(Explicit Loss Notification)bit to notify the sender。The sender checks the ACK ELN mark of the received packet and saves it into a global variable. After the third DupAck received or a RTO event occurring, the sender uses the mark to decide whether to halve or not the congest window. As a result, loss of packet and link error become transparence to the sender and TCP could be modified so as to refrain from going into congestion avoidance. Comparing the TCP Reno and the modified TCP ,by simulations using NS2,the results show it achieves great improvement on mobile wireless networks and can work together with current security mechanism.