Hey all, after some serious time spent with trial and error, I've pretty much lost hope in the viability of KWF to manage my network, but maybe you could help me out =) Im just gonna list how I have things set up then explain my issues:
New server PC with windows xp pro sp3(clean install) (2 NICS)
AVG Pro version
UPSMon for UPS system
Hughes HX Satellite Modem
Netgear Prosafe 24 port switch
*All the services KWF asks to disable on install are still disabled.
Internet Source: Hughes HX Satellite Service
(following ips are fake but im showing how they are set up in succession)
Sat. modem IP: 126.96.36.199
Server (WAN Card)
Server (LAN Card)
cat 6 out from modem to wan card on server, then cat 6 out from lan card on server to switch, then cat 5 cables out to network computers.
KWF Relevant Settings:
DCHP Enabled. (with normal private network settings)
DNS Relay Enabled (with 188.8.131.52 identified as relay destination/cache enabled)
For this example lets just say everything is unblocked through the wizard...all sources and destinations are permitted to all...and Nat translation is properly configured from LAN to WAN.
OKAY! That covers most of the important shenanigans. Now here's the stuff thats blowing my mind:
All of these settings i said here...work. They worked for 24 hours. Granted i spent about 24 hours prior to that tinkering FOREVER to get them to work...but the settings worked. lan users were able to get online, and the server could load webpages. However, once there is a reboot of the system...it all goes to crap. My initial assessment is that a reboot of the server cause a conflicting service to start...which cause KWF to stop allowing access to internet.
After a reboot with the working settings...i was no longer able to get internet on lan or server while KWF was running. turn off kwf...and voila internet works on server machine...but obviously still not on lan. Turn on KWF...and no more interwebz...so i try pinging the modem...and good ping...then i try pinging yahoo and google...good pings too! So i know DNS is working...I know theres connectivity to the outside world...but KWF isnt letting those HTTP packets go through. So then i do the traffic policy wizard about a billion times just allowing anything to go through...and still no luck. So heres the fun part.
I reconfigure the network to use just a standalone router and take the server out of the loop. I set the server up to act like just a regular pc with a high speed firewall installed (dns and dhcp disabled). Everything works fine for the network and the server as long as KWF isnt turned on. Once i turn KWF the entire network comes to a halt and all traffic gets jumbled to shiznit.
What particularly frustrates me is that no matter what changes I employ...even if they are the exact changes that worked before...even if they are employed after a clean reinstall of KWF and starting all over again...I never get the same result twice so I can develop a baseline for deduction of the core problem.
I really need this software to work as I am maintaining a satellite network for over 30 soldiers here in Iraq while we are deployed...and obviously communication with home is pretty important...and I have run the same software on my last deployment with no issues at all...these problems are blowing me away because the utility is simple to use and I know how to make it successful...but something unknown is messing me up. Im hoping the gurus here can lead me in the right direction =)
Any help is GREATLY appreciated =)
- Jan Jezek (Kerio)
Your problem is in conflict with AVG. Both product try to filter HTTP traffic and as a result everything fails. Either you have to uninstall AVG or configure it so it does not tamper with networking.
Product Development Manager - Kerio Control
Thank you so much for your help. Honestly my original suspicion was with AVG, so i disabled its services and turned it off and I still had the problem so I was sure that wasnt the cause. I went ahead and uninstalled it as per your advice and sure enough you were right. works like a charm now. Thanks again so much =)
Kerio discussion forums are intended for open communication between forum
members and may contain information and material posted by members which may
be useful in learning about Kerio products. The discussion forums are not
intended to provide technical support for any specific product. Any
information implied or expressed in the discussion forums is that of the
posting member. Kerio is in no way responsible for the information posted in
the forums, or its accuracy. Kerio employees may participate in the
discussions, but their postings do not represent an offical position of the
company on any issues raised or discussed. Kerio reserves the right to
monitor and maintain the forums to promote free and accurate exchange of