| CPC H04L 61/2567 (2013.01) [H04L 61/2564 (2013.01); H04L 63/061 (2013.01); H04L 63/0876 (2013.01)] | 20 Claims |

1. A method of implementing controller-based distributed remote access, comprising:
connecting a plurality of edge devices to a controller via a network, the plurality of edge devices performing hole punching to traverse a network address translation (NAT) gateway to create a NAT hole and detecting an auto discovery request from the plurality of edge devices via SaaS-based secure-onboarding;
connecting a client device to the controller comprising:
pre-provisioning the client device with identification information of the controller; and
authenticating the client device using an identity provider;
receiving, at the controller and from the client device, a request to connect to an edge device of the plurality of edge devices;
determining, by the controller and based on the request, at least one of a first attribute of the client device or a second attribute of the edge device; and
based at least in part on the at least one of the first attribute or the second attribute, directly connecting the client device to the edge device via the NAT hole in the network.