Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Two way Separate Networks
  •  
PangOS

Messages: 4
Karma: 0
Send a private message to this user
Hi all. Testing Winroute Firewall to use with my Home/Office LAN and running into one simple problem which seems to be a config issue.

I love the features of KWF and I plan to use as it seems to be working well and running smoothly except:

I have my DSL Router (192.168.1.1) attached to a switch with 1 Workstation connected (192.168.1.2) and the Winroute PC connected as well (192.168.1.10).

The Winroute PC's second NIC (192.168.2.1) connected to another switch, I'm using NAT to allow 5 other PCs to access the internet and the LAN.

The PC that is not passing through KWF (192.168.1.2) cannot ping or see any of the other PCs on the LAN (192.168.2.*) however these PCs can see,ping,access the PC (192.168.1.2).

I have tried many times to set up the traffic policy as far as I can understand it but still it doesn't work.

What am I doing wrong?
  •  
Jan Jezek (Kerio)

Messages: 103
Karma: 0
Send a private message to this user
This is what you need to do:

1. Add a permitting rule in WinRoute with source 192.168.1.2 and destination 192.168.2.0 / 255.255.255.0.

2. Add a static route on the workstation:
route add -p 192.168.2.0 mask 255.255.255.0 192.168.1.10

Optionally, you could add a similar static route on the DSL router (if it allows you to do that) and turn off NAT in WinRoute.

Jan Jezek
Product Development Manager - Kerio Control
Kerio Technologies
  •  
PangOS

Messages: 4
Karma: 0
Send a private message to this user
Thanks 4 ur reply.

Tried ur solution, But I'm still stuck.

Let me verify...


'1. Add a permitting rule in WinRoute with source 192.168.1.2 and destination 192.168.2.0 / 255.255.255.0'

Did this in Winroute.

'2. Add a static route on the workstation:
route add -p 192.168.2.0 mask 255.255.255.0 192.168.1.10'

By this u mean to apply this command on the Workstation that is not passing thru the firewall (192.168.1.2)?

Thanks for all ur help.

[Updated on: Tue, 02 June 2009 09:16]

  •  
PangOS

Messages: 4
Karma: 0
Send a private message to this user
Crying or Very Sad

[Updated on: Tue, 02 June 2009 11:47]

  •  
Jan Jezek (Kerio)

Messages: 103
Karma: 0
Send a private message to this user
Those commands alone couldn't have done anything wrong except making your workstation at 192.168.1.2 be able to talk to the machines behind WinRoute Firewall.

Jan Jezek
Product Development Manager - Kerio Control
Kerio Technologies
  •  
PangOS

Messages: 4
Karma: 0
Send a private message to this user
Sorry, After lots of reviewing I realized that I entered the command for the static route on the firewall machine.

route -f set things back to normal.

Although I still can't access the machines behind the firewall from 192.168.1.2

Thanks for ur help and patience.

(Edit) Did over the config, assigning the static route on the workstation in front of the firewall.

Yipee!! it works now. Very Happy

I can ping all the machines <_a.t_> 192.168.2.*, access network shares and servers, but yet another hitch. I have to use the IP addresses instead of being able to use NetBIOS names. Any solution to this one?

Thanks again. Very Happy

[Updated on: Tue, 02 June 2009 12:24]

Previous Topic: NAT for VPN clients
Next Topic: Windows 7+Kerio Winroute+VPN PPTP
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Sep 20 23:58:37 CEST 2017

Total time taken to generate the page: 0.00381 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.