Kerio Tech Firewall6 User Manual
Page 349
23.6 Example of a more complex Kerio VPN configuration
349
Configuration of the London filial
1.
Install WinRoute (version 6.1.0 or higher) at the default gateway of the filial’s network.
2.
Use Network Rules Wizard (see chapter
) to configure the basic traffic policy in WinRoute.
To keep the example as simple as possible, it is supposed that the access from the local
network to the Internet is not restricted, i.e. that access to all services is allowed in step 4.
In step 5 of the wizard, select the Create rules for Kerio VPN server option (setting of the
Create rules for Kerio Clientless SSL-VPN option is not regarded here).
Figure 23.44
The London filial — no restrictions are applied to accessing the Internet from the LAN
Figure 23.45
The London filial office — creating default traffic rules for Kerio VPN
This step will create rules for connection of the VPN server as well as for communication
of VPN clients with the local network (through the firewall).
3.
Customize DNS configuration as follows:
•
In configuration of the DNS Forwarder in WinRoute, specify DNS servers to which
DNS queries which are not addressed to the company.com domain will be for-