Kerio Tech KERIO WINROUTE FIREWALL 6 User Manual

Page 48

Advertising
background image

Chapter 5

Network interfaces

48

change of a network adapter etc., there is no need to edit traffic rules — simple adding of the

new interface in the correct group will do.

In WinRoute, the following groups of interfaces are defined:

Internet interfaces — interfaces which can be used for Internet connection (network

cards, wireless adapters, dial-ups, etc.),

Trusted / Local interfaces

interfaces connected to local private networks protected

by the firewall (typically Ethernet or WiFi cards),

VPN interfaces — virtual network interfaces used by the Kerio VPN proprietary solution

(VPN server and created VPN tunnels — for details, refer to chapter

23

),

Other interfaces — interfaces which do not belong to any of the groups listed above

(i.e. a network card for

DMZ

, idle dial-up, etc.).

Groups of interfaces cannot be removed and it is not possible to create new ones (it would not

be of any help).

During the initial firewall configuration by Traffic rules wizard (see chapter

7.1

), interfaces

will be sorted in correct groups automatically. This classification can be later changed (with

certain limits — e.g. VPN server and VPN tunnels cannot be moved from the VPN interfaces

group).

To move an interface to another group, drag it by mouse to the desired destination group or

select the group in properties of the particular interface — see below.

Note: If the initial configuration is not performed by the wizard, all interfaces (except VPN

interfaces) are set as Other interfaces. Before you start creating traffic rules, it is recommended

to define correctly interfaces for Internet connection as well as interfaces for the local network

— this simplifies definitions of the rules significantly.

Special interfaces

Interfaces include also the following special items:

VPN server

This

interface

is

used

as

a

server

for

connection

of

the

proprietary

VPN

client (Kerio VPN Client — this solution can be downloaded for free from

http://www.kerio.com/firewall/download

).

VPN servers are always sorted in

the VPN interfaces group.

Double-click on this interface or click on Edit to edit settings and parameters of the VPN

server. The VPN server interface cannot be removed.

For detailed information on the proprietary solution Kerio VPN, refer to chapter

23

.

Dial-In (on Windows only)

This interface represents the server of the RAS service (dial-up connection to the net-

work) on the WinRoute host. This interface can be used for definition of traffic rules (see

chapter

7

) for RAS clients which are connecting to this server.

Dial-In interfaces are considered as trustworthy (clients connected via this interface use

it to access the local network). This interface cannot be either configured or removed. If

Advertising
Popular Brands
Popular manuals