Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » VPN Routing Problem!!!
  •  
dblt

Messages: 6
Karma: 0
Send a private message to this user
I have seen similar posts but with no resolution. Hopefully with some help I can get to the bottom of this.
Client connects to VPN server. Client can ping VPN server but cannot ping any other computer on the remote LAN. All the standard rules are setup and configured ok to allow VPN traffic. The remote LAN is 192.168.0.x and the VPN Clients are configured to use 10.0.0.x addresses.
The VPN clients MUST be able to connect to the clients on the remote LAN. Can anyone help with this problem once and for all.

Thanks.
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Are you trying to ping the host names ("ping <host name>") or to ping the IP address ("ping x.x.x.x")? The first will not work, because you're on a different subnet. The latter should work just fine.
  •  
dblt

Messages: 6
Karma: 0
Send a private message to this user
No just by ip address. I cannot figure out what this is not working. I have setup VPN Clients with Kerio before with no problems. I cannot figure out why it is not routing to clients on the remote lan.
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
I don't know if you want full connectivity between the LAN, firewall and VPN, but if so, do you have the appropriate Traffic Policy?

Quote:

source: LAN, firewall, VPN
destination: LAN, firewall, VPN
service: any
action: allow
translation: <none>

And is this rule being applied? (Is it 'high up enough' in the list of rules?)
  •  
dblt

Messages: 6
Karma: 0
Send a private message to this user
Yes have that in place.
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Isn't another firewall (perhaps the client PC's own) interfering?
  •  
dblt

Messages: 6
Karma: 0
Send a private message to this user
No already checked that. All firewalls are disabled on the client side both at the VPN client and the remote clients. The local server on the remote LAN can ping the clients no problem.
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
That is weird. A secondary firewall active on the server itself? And note that nowadays anti-virus programs often also install firewalls and call it 'anti-worm protection' or whatever...
  •  
dblt

Messages: 6
Karma: 0
Send a private message to this user
No, there is only Kerio acting as the firewall. All Windows firewalls have being disabled.
I have finally found the problem. The issue was that the clients receive DHCP IP's. The were not configured with any gateway address as this is not needed. However, if I iniated a ping from the VPN client, the remote client would receive the request but not have any way to route the reply back to me.
The same applied to the piece of software that we are trying to get working. It needed a response back from the remote client.
Once I setup the gateway address as the IP of the Kerio firewall server, all was well.
Thanks for the help and hopefully this article will help in the future.
Previous Topic: Kerio vpn client for Linux or turnaround
Next Topic: Traffic rules with Kerio
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Nov 22 06:38:45 CET 2017

Total time taken to generate the page: 0.00451 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.