Kerio Tech Firewall6 User Manual

Page 361


23.6 Example of a more complex Kerio VPN configuration


6. Create an active endpoint of the tunnel connected to London (server gw-london.company.com). Use the fingerprint of the VPN server of the London filial office as a specification of the fingerprint of the remote SSL certificate.

Figure 23.62 The Paris filial office — definition of VPN tunnel for the London filial office

On the Advanced tab, select the Use custom routes only option and set routes to London’s local networks.

As in the previous step, check whether the tunnel has been established successfully, and check reachability of the remote private networks (i.e. of the local networks in the London filial office).

7. Add the new VPN tunnels into the Local Traffic rule. It is also possible to remove the Dial-In interface and the VPN clients group from this rule (VPN clients are not allowed to
