Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » W2K Server + RRAS + LAN Application
  •  
toxic

Messages: 5
Karma: 0
Send a private message to this user
I have Winroute Firewall running on a W2K Server box, and for testing purposes have the following rules configured (in essance disabling the firewall aspect -- but.....)

Rule #1
Source: LAN, Dialup Adapter
Destination: Internet
Service: Any
Action: Permit
Translation: (NAT) - Internet

Rule #2
Source: Any
Destination: Any
Action: Permit
Translation: None

Additionally, I have RRAS up and running on this same box. Client PCs can connect to the VPN and utilize resources without any issues. However, if they attempt to run a client application which utilizes the VPN LAN connection to communicate with a server application running and bound to 192.168.0.1 and communicating via TCPIP (same box as Kerio, Local LAN adaptor) it fails to work. If I however turn off (shutdown) WinRoute, this application works just fine.

What is WinRoute doing here to prevent this application from working? I know the application uses TCPIP to communicate. Any thoughts would be appreciated.
  •  
simon

Messages: 12
Karma: 0
Send a private message to this user
I have just had the same problem. You need to have a rule that allows access to that ip address from the vpn address range. Otherwise winroute doesn't see any rules that match the traffic over the vpn and blocks it all. Took me a week to figure out what i had done. Should look something like this:

Source: VPN Address Range
Destination: Local network address range/Ip address of server
Service: Any
Action: Permit
No translation.

Hope this helps
  •  
johnsan

Messages: 5
Karma: 0
Send a private message to this user
very interesting.
I have similar problems with a lot of applications, which finally forced me back to WR4.25 (and all was back to normal).

The rule#2 above should in my understanding avoid any blocking at all. So, why this extra rule for VPN/LAN mention before when the "bigger" rule (#2 any/any) is there?

Question to Kerio:
Source: Any Destination: Any Action: Permit Translation: None
obviously does NOT do what it should. Why?
  •  
toxic

Messages: 5
Karma: 0
Send a private message to this user
I attempted to add the Traffic Rule to KWF 5.0 and it didn't seem to make a bit of difference. Bumping down to 4.25 unfortuinately is not an option. What I don't understand is why things seeminly work find when KWF is stopped. Seems to me like the engine is doing something it shouldn't be.
  •  
miro

Messages: 25
Karma: 0
Send a private message to this user
hi,
RRAS service and KWF service could not run on one system.
situation is, that if you enable once RRAS service on windows 2000 server, you may have problem with KWF service, even if you disable RRAS.

low level driver of KWF have "problem" with RRAS service, sometimes are packets routed by KWF into system disappeared.

i try enable RRAS with KWF on many w2k servers, without sucess.
sometimes after disabling of RRAS service, KWF service stops response and i must reinstall whole system.
  •  
toxic

Messages: 5
Karma: 0
Send a private message to this user
I'm pretty sure that the Kerio Feature list for v5.x states that it supports RRAS. They even have a KB document about it -- if thats the case then why are packets being dropped? Clearly there must be some sort of an issue here.
  •  
Curiosity

Messages: 6
Karma: 0
Send a private message to this user
I have just had the same problem.
Has anyone slolved this problem??

[Updated on: Fri, 24 September 2004 13:22]

Previous Topic: on russian! íà ðóññêîì! Windows 2003 Server and RRAS!
Next Topic: Two networks on DHCP
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Nov 24 12:22:16 CET 2017

Total time taken to generate the page: 0.00443 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.