Kerio Tech Firewall6 User Manual

23.5 Example of Kerio VPN configuration: company with a filial office

329

•

Set the IP address of this interface (10.1.1.1) as a primary DNS server for the

WinRoute host’s interface connected to the LAN 1 local network. It is not necessary

to set DNS server at the interface connected to LAN 2 — DNS configuration is

applied globally to the entire operating system.

Figure 23.18

Headquarter — TCP/IP configuration at

a firewall’s interface connected to the local network

•

Set the IP address 10.1.1.1 as a primary DNS server also for the other hosts.

Note: For proper functionality of DNS, the DNS database must include records for hosts

in a corresponding local network. To achieve this, save DNS names and IP addresses of

local hosts into the hosts file (if they use IP addresses) or enable cooperation of the DNS

Forwarder with the DHCP server (in case that IP addresses are assigned dynamically to

these hosts). For details, see chapter

8.1

.

4.

Enable the VPN server and configure its SSL certificate (create a self-signed certificate if no

certificate provided by a certification authority is available).

Note: The VPN network and Mask entries now include an automatically selected free sub-

net.