Configuration of VPN clients

The following conditions must be met to enable connection of remote clients to local networks via encrypted channels:

  • The Kerio VPN Client must be installed on remote clients (for a detailed description, refer to a stand-alone document, Kerio VPN Client User Guide).

  • Users whose accounts are used for authentication to Kerio VPN Client must possess rights enabling them to connect to the VPN server in WinRoute (see chapter User Accounts).

  • Connection to the VPN server from the Internet as well as communication between VPN clients must be allowed by traffic rules.

Note: Remote VPN clients connecting to WinRoute are counted toward the number of persons using the license (see chapters Registration and Licensing Policy and User counter). Be aware of this fact when deciding what license type should be bought (or whether an upgrade to a higher number of users should be bought).

Basic configuration of traffic rules for VPN clients

  • The first rule allows connection to the VPN server in WinRoute from the Internet.

    To restrict the number of IP addresses from which connection to the VPN server will be allowed, edit the Source entry.

    By default, the Kerio VPN service is defined for TCP and UDP protocols, port 4090. If the VPN server is running on another port, this service must be redefined.

  • The second rule allows communication between the firewall, local network and VPN clients.

If the rules are set like this, all VPN clients can access local networks and vice versa (all local hosts can communicate with all VPN clients). To restrict the type of network access available to VPN clients, special rules must be defined. Examples of traffic rules are provided in chapter Example of VPN tunnel configuration.

Notes:

  1. If the Network Rules Wizard is used to create traffic rules, the described rules can be generated automatically (including matching of VPN clients with the Source and Destination items). To generate the rules automatically, select Yes, I want to use Kerio VPN in Step 5. For details, see chapter Network Rules Wizard.

  2. For access to the Internet, VPN clients use their current Internet connections. VPN clients are not allowed to connect to the Internet via WinRoute (the default gateway of clients cannot be configured).

  3. For a detailed description of how to define traffic rules, refer to chapter Traffic Policy.
