A method for transmitting a subscription profile from an MNO to a secure element pre-provisioned with a temporary profile comprising a unique identifier, MCC and MNC, includes: —Transmitting from the MNO the unique identifier to a SM-DP; —Creating the subscription profile at the SM-DP; —Provisioning in a D-HSS server having the first MCC/MNC the unique identifier and a temporary IMSI comprising a second MCC, a second MNC; —Provisioning in the MNO the temporary IMSI and an ephemeral key; —At the first attempt of the secure element to connect to the D-HSS server, exchanging data in signaling messages for provisioning the secure element with the temporary IMSI; —At the next attempt of the secure element to connect to the MNO network with the temporary IMSI, open an APN and send from the SM-DP to the secure element the subscription profile.

A method for transmitting a subscription profile from an MNO to a secure element pre-provisioned with a temporary profile comprising a unique identifier, MCC and MNC, includes: —Transmitting from the MNO the unique identifier to a SM-DP; —Creating the subscription profile at the SM-DP; —Provisioning in a D-HSS server having the first MCC/MNC the unique identifier and a temporary IMSI comprising a second MCC, a second MNC; —Provisioning in the MNO the temporary IMSI and an ephemeral key; —At the first attempt of the secure element to connect to the D-HSS server, exchanging data in signaling messages for provisioning the secure element with the temporary IMSI; —At the next attempt of the secure element to connect to the MNO network with the temporary IMSI, open an APN and send from the SM-DP to the secure element the subscription profile.

The present application describes the generation and use of micro-pools that are assigned to various DHCP servers by an agent. In examples, each micro-pool includes a set number of IP addresses. The agent tracks which DHCP servers are assigned which micro-pools. As the IP addresses of a micro-pool are assigned to requesting computing devices, the agent may subsequently assign an additional micro-pool to a particular DHCP server.

The present application describes the generation and use of micro-pools that are assigned to various DHCP servers by an agent. In examples, each micro-pool includes a set number of IP addresses. The agent tracks which DHCP servers are assigned which micro-pools. As the IP addresses of a micro-pool are assigned to requesting computing devices, the agent may subsequently assign an additional micro-pool to a particular DHCP server.

A method is disclosed for providing IP access across packet data network gateways (PGWs), comprising: receiving, from a UE, at a coordinating node, an attach request; sending a request to create a first new session to a first PGW; sending a request to create a second new session to a second PGW; receiving, from the first PGW and at the coordinating node, a first request for policies for the UE; receiving, from the second PGW and at the coordinating node, a second request for policies for the UE; opening a first data tunnel from the coordinating node to the first PGW; opening a second data tunnel from the coordinating node to the second PGW without closing the first data tunnel; and opening a data tunnel between the UE and the coordinating node for providing IP access to both the first PGW and the second PGW.

According to certain embodiments, a system comprises one or more processors and one or more computer-readable non-transitory storage media comprising instructions that, when executed by the one or more processors, cause one or more components of the system to perform operations. The operations comprise receiving a packet comprising a source address; selecting an uplink for the packet, the uplink selected from a plurality of uplinks based on an uplink selection policy; determining whether the source address is valid on the selected uplink; determining whether to keep or re-write the source address based on whether the source address is valid on the selected uplink; keeping the source address when the source address is valid on the selected uplink or re-writing the source address when the source address is not valid on the selected uplink; and sending the packet to the selected uplink.

According to certain embodiments, a system comprises one or more processors and one or more computer-readable non-transitory storage media comprising instructions that, when executed by the one or more processors, cause one or more components of the system to perform operations. The operations comprise receiving a packet comprising a source address; selecting an uplink for the packet, the uplink selected from a plurality of uplinks based on an uplink selection policy; determining whether the source address is valid on the selected uplink; determining whether to keep or re-write the source address based on whether the source address is valid on the selected uplink; keeping the source address when the source address is valid on the selected uplink or re-writing the source address when the source address is not valid on the selected uplink; and sending the packet to the selected uplink.

Virtual private network (VPN) service provider infrastructure (SPI) receives a request to access a VPN from a client device. The VPN SPI selects an Internet Protocol (IP) address for access to the VPN by the client device from a pool of IP addresses. The VPN SPI provides access to the VPN for the client device via the IP address. The VPN SPI receives one or more handshake notifications from the client device. The VPN SPI determines that a threshold time period has passed since a latest-in-time handshake notification of the one or more handshake notifications. The VPN SPI disconnects the client device from the VPN in response to determining that the threshold time period has passed. The VPN SPI adds the IP address to the pool of IP addresses in response to disconnecting the client device from the VPN.

Virtual private network (VPN) service provider infrastructure (SPI) receives a request to access a VPN from a client device. The VPN SPI selects an Internet Protocol (IP) address for access to the VPN by the client device from a pool of IP addresses. The VPN SPI provides access to the VPN for the client device via the IP address. The VPN SPI receives one or more handshake notifications from the client device. The VPN SPI determines that a threshold time period has passed since a latest-in-time handshake notification of the one or more handshake notifications. The VPN SPI disconnects the client device from the VPN in response to determining that the threshold time period has passed. The VPN SPI adds the IP address to the pool of IP addresses in response to disconnecting the client device from the VPN.

The invention concerns a method for transmitting a subscription profile from a MNO to a secure element cooperating with a terminal, the secure element being pre-provisioned with a temporary profile comprising a unique identifier, a first MCC and a first MNC, the method comprising: Transmitting from a POS of the MNO the unique identifier of the secure element to a SM-DP; Creating or reserving the subscription profile at the SM-DP; Provisioning in a D-HSS server having the first MCC/MNC the unique identifier and a temporary IMSI comprising a second MCC, a second MNC; Provisioning in the HSS of the MNO the temporary IMSI and an ephemeral Ki; At the first attempt of the secure element to connect to the D-HSS server with its temporary profile, exchanging data in signaling messages between the secure element and the D-HSS for provisioning the secure element with the temporary IMSI; At the next attempt of the secure element to connect to the MNO network with the temporary IMSI, open an APN and send from the SM-DP to the secure element the subscription profile.