Kerio Tech KERIO WINROUTE FIREWALL 6 User Manual

23.5 Example of Kerio VPN configuration: company with a filial office

301

In step 5, select Create rules for Kerio VPN server. Status of the Create rules for Kerio

Clientless SSL-VPN option is irrelevant (this example does not include Clientless SSL-VPN

interface’s issues).

Figure 23.15

Headquarter — creating default traffic rules for Kerio VPN

This step will create rules for connection of the VPN server as well as for communication

of VPN clients with the local network (through the firewall).

Figure 23.16

Headquarter — default traffic rules for Kerio VPN

When the VPN tunnel is created, customize these rules according to the restriction re-

quirements (see item 6).

Note: To keep the example as simple and transparent as possible, only traffic rules relevant

for the Kerio VPN configuration are mentioned.

3.

Customize DNS configuration as follows:

•

In the WinRoute’s DNS module configuration, enable DNS forwarder (forwarding

of DNS requests to other servers).

•

Enable the Use custom forwarding option and define rules for names in the

filial.company.com

domain. Specify the server for DNS forwarding by the IP

address of the remote firewall host’s interface (i.e. interface connected to the

local network at the other end of the tunnel).