Kerio Tech Firewall6 User Manual

23.6 Example of a more complex Kerio VPN configuration

359

5.

Create an active endpoint of the VPN tunnel which will connect to the headquarters server

(newyork.company.com). Use the fingerprint of the VPN server of the headquarters as a

specification of the fingerprint of the remote SSL certificate.

Figure 23.60

The Paris filial office — definition of VPN tunnel for the headquarters

On the Advanced tab, select the Use custom routes only option and set routes to headquar-

ters’ local networks.

At this point, connection should be established (i.e. the tunnel should be created). If

connected successfully, the Connected status will be reported in the Adapter info column

for both ends of the tunnel. If the connection cannot be established, we recommend you

to check the configuration of the traffic rules and test availability of the remote server —

in our example, the ping gw-sanfrancisco.company.com command can be used at the