Kerio Tech Firewall6 User Manual

Page 340


Chapter 23

Kerio VPN


7. Allow traffic between the local and the remote networks. To allow any traffic, just add the created VPN tunnels to the Source and Destination items in the Local traffic rule. Options for restricting access within the VPN are described by the example in chapter 23.5.

8. Test reachability of remote hosts in both remote networks. To perform the test, use the ping and tracert system commands. Test availability of remote hosts both through IP addresses and DNS names.

If a remote host is tested through its IP address and does not respond, check the configuration of the traffic rules and/or check whether the subnets collide (i.e. whether the same subnet is used at both ends of the tunnel).

If an IP address is tested successfully but an error (Unknown host) is reported when the corresponding DNS name is tested, check the DNS configuration.
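The troubleshooting logic of step 8 can be scripted. The following is an added example, not part of the Kerio manual: it checks a tunnel addressing plan for colliding subnets (generalized to partial overlaps and to more than two sites) and maps the ping results to the component to check. The site names, subnets and function names are assumptions made for illustration.

```python
import ipaddress
from itertools import combinations

def find_collisions(sites):
    """Return (site_a, net_a, site_b, net_b) for every overlapping pair of
    subnets that belong to different tunnel ends."""
    hits = []
    for (name_a, nets_a), (name_b, nets_b) in combinations(sites.items(), 2):
        for a in map(ipaddress.ip_network, nets_a):
            for b in map(ipaddress.ip_network, nets_b):
                # overlaps() also catches containment, not only identical subnets
                if a.version == b.version and a.overlaps(b):
                    hits.append((name_a, str(a), name_b, str(b)))
    return hits

def diagnose(ip_reachable, name_resolves, collisions):
    """Map the outcome of the step 8 ping tests to the component to check."""
    if not ip_reachable:
        if collisions:
            return "subnet collision (also review traffic rules)"
        return "traffic rules"
    if not name_resolves:
        return "DNS configuration"
    return "ok"

# Constructed sample addressing plan (hypothetical, not taken from the manual).
SAMPLE_SITES = {
    "headquarters": ["10.1.1.0/24", "10.1.2.0/24"],
    "filial_1": ["172.16.1.0/24"],
    "filial_2": ["10.1.0.0/16"],  # contains both headquarters subnets
}

if __name__ == "__main__":
    found = find_collisions(SAMPLE_SITES)
    for site_a, net_a, site_b, net_b in found:
        print(f"collision: {site_a} {net_a} <-> {site_b} {net_b}")
    # Host does not answer by IP address: rules or addressing are at fault.
    print(diagnose(ip_reachable=False, name_resolves=False, collisions=found))
    # Host answers by IP address but its name gives "Unknown host".
    print(diagnose(ip_reachable=True, name_resolves=False, collisions=[]))
```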

The following sections describe the Kerio VPN configuration in detail, both for the headquarters and for the filial offices.

Headquarters configuration

1. Install WinRoute (version 6.1.0 or higher) at the default gateway of the headquarters network.

2. Use Network Rules Wizard (see chapter 7.1) to configure the basic traffic policy in WinRoute. To keep the example as simple as possible, it is assumed that access from the local network to the Internet is not restricted, i.e. that access to all services is allowed in step 4.

Figure 23.32 Headquarters — no restrictions are applied to accessing the Internet from the LAN
