Hello, i'm new using KWF, but i have a little problem.
Mi configuration is as follows:
Windows 2k Pro PC with 2 ethernet interfaces
eth 1 = private LAN
eth 2 = WAN
I made all the configuration to the KWF following the manual(NAT function active), the clients have no limitations, i stoped all the services that could make any conflict with the KWF, even i used the proxy, but the clients can't get to the internet, the trafic just stay in the LAN, can you tell me what's wrong.
First of all, if you use PPPoE dial-up on your firewall host to connect to the Internet, you need to use the dial-up interface and not the WAN network card interface as your outgoing interface in your NAT traffic policy rule.
The traffic rule should look as follows:
- make sure the check-box is checked so that it's enabled
- source: your LAN interface (or the IP addresses of your LAN clients if you prefer)
- destination: your outgoing network interface
- service: any (or whatever services you wish to allow)
- action: permit
- translation: source NAT -> translate to IP address of outgoing interface, destination NAT -> no translation
Another thing you need to keep in mind is DNS. You need to do one of four things: Either
a) set up KWF as DHCP server and let LAN clients automatically take their IP settings from it, or
b) enable DNS forwarding in and set all LAN clients to use the KWF host as their DNS server, or
c) set all clients to use an external DNS server, or
d) if you have another DNS server running on your LAN, then use that
I have a similar setup as you (KWF host with two ethernet cards) and this has got it working for me.
I hope it helps.
Kerio discussion forums are intended for open communication between forum
members and may contain information and material posted by members which may
be useful in learning about Kerio products. The discussion forums are not
intended to provide technical support for any specific product. Any
information implied or expressed in the discussion forums is that of the
posting member. Kerio is in no way responsible for the information posted in
the forums, or its accuracy. Kerio employees may participate in the
discussions, but their postings do not represent an offical position of the
company on any issues raised or discussed. Kerio reserves the right to
monitor and maintain the forums to promote free and accurate exchange of