Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » VPN & NAT
  •  
MrT

Messages: 2
Karma: 0
Send a private message to this user
I've connectec a client to my VPN-server but it doesn't see internet through kerio vpn. How can I transfer my server's vpn internet to my client through kerio vpn?

  • Attachment: 2.png
    (Size: 20.36KB, Downloaded 1213 times)
  •  
MrT

Messages: 2
Karma: 0
Send a private message to this user
2nd

  • Attachment: 1.jpg
    (Size: 81.62KB, Downloaded 1298 times)
  •  
amin1356

Messages: 19
Karma: 0
Send a private message to this user
MrT wrote on Tue, 10 August 2010 18:31
I've connectec a client to my VPN-server but it doesn't see internet through kerio vpn. How can I transfer my server's vpn internet to my client through kerio vpn?

Dear All,
I have the same problem (I want to share the internet for my Kerio VPN Clients). Is anybody know how is it possible to do that?
Thanks
  •  
Stinger

Messages: 9

Karma: 0
Send a private message to this user
You'll need to create the following traffic rule

Source: All VPN Clients
Destintation: Internet interface
Service: (all needed services)
Action: Allow
Translation: NAT(name of the internet interface)


Feel free to contact with me by skype finca.am_helpdesk

P.S. I can explain it in russian

[Updated on: Tue, 07 September 2010 08:24]

  •  
amin1356

Messages: 19
Karma: 0
Send a private message to this user
Stinger wrote on Tue, 07 September 2010 08:24
You'll need to create the following traffic rule

Source: All VPN Clients
Destintation: Internet interface
Service: (all needed services)
Action: Allow
Translation: NAT(name of the internet interface)


Feel free to contact with me by skype finca.am_helpdesk

P.S. I can explain it in russian

Dear Stinger,
Thanks for you reply,
have you test this traffic rule yourself? I tested this rule before but it doesn't work and still my Kerio VPN clients don't have internet. I think it is because the Kerio VPN server doesn't assign default gateway to the VPN clients. I test windows VPN on winroute server (Dial in)and the PPTP clients could connect to internet without any problem because Windows VPN assign default gateway to their VPN clients.
Thanks
  •  
Stinger

Messages: 9

Karma: 0
Send a private message to this user
Dear Amin

Sorry for late reply.
At this moment I can't give exact answer why your clients can't access to the Internet and what to do, because I can't imitate this in my office right now.

But I can give advice where you can seek the cause if the problem.
The problem is in routing. When client conects to your server it gets routes from VPN server.

Right now we tried with my friend the following

We have network 192.168.0.0 where kerio server has IP 192.168.0.111
VPN client server has following IP 10.111.1.1
Laptop connects trough the WI-FI Router and gain IP 192.168.1.111

So in normally Laptop will follow these routes 192.168.1.1 -> 192.168.0.111-> etc

But when I connected to VPN server Laptop also got the IP 10.111.1.2

When I checked route table of laptop I saw the following picture

Network Gateway
0.0.0.0 192.168.1.1
192.168.0.0 10.111.1.1
192.168.1.0 192.168.1.1

So the 2-nd route was wrong. In my case My network rules deny internet connection for VPN clients. I fixed routing table manually on client machine and after that there was everything OK.

So I don't know exactly your situation but surely can say that your problem is similar.

I'm always available by Skype feel free to contact me so we can think how to solve your problem
  •  
amin1356

Messages: 19
Karma: 0
Send a private message to this user
Dear Stinger,
Thanks again for you reply and help.
I solved my problem in this way:
Instead of Kerio VPN service I run windows 2003 RRAS on my Kerio server and my clients use windows PPTP VPN to coonect to Kerio server and can use internet without any problem.
Thanks

[Updated on: Thu, 16 September 2010 18:54]

  •  
Jafar Saleh

Messages: 1
Karma: 0
Send a private message to this user
Dear Amin
Hello
Can i ask you kindly to describe more what you had done . I am in same trouble. Please let me know. Thanks.
  •  
ICT and Me

Messages: 940

Karma: 53
Send a private message to this user
Have you all tried to use Proxy! Use the firewall IP address internal as Proxy.
Then your users are using internet thru the VPN.
Because when you don't use proxy your browser goes the fastest way. And that's to direct internet. Not thru the VPN

[Updated on: Thu, 07 July 2011 10:50]


ICT and Me
Carlo Turk
The Netherlands
www.ictandme.nl
  •  
jabd

Messages: 1
Karma: 0
Send a private message to this user
Hi,

I have this problem too. I read the manual where says

"For access to the Internet, VPN clients use their current internet connections. VPN clients are not allowed to connect to the Internet via Kerio Control (configuration of default gateway of clients cannot be defined)."

Any comments why Kerio has this behavior and how we can avoid it?

Thanks
  •  
James Bobby

Messages: 35
Karma: -1
Send a private message to this user
Really old thread, but there is a way to solve it, at least partially.

In the VPN Server under Interfaces, Advanced tab add the following custom routes.

Network: 0.0.0.0
Mask: 128.0.0.0

and

Network 128.0.0.0
Mask: 128.0.0.0

This will route all networks that the VPN user doesn't already have routes for over the VPN connection.

Also make sure you have added the traffic rule mentioned by Stinger.

(Note that trying to route the entire network in one route do not work, 0.0.0.0/0.0.0.0, but adding the two routes work)

/jb

[Updated on: Fri, 07 October 2011 14:01]

  •  
amin1356

Messages: 19
Karma: 0
Send a private message to this user
No Message Body

[Updated on: Sat, 15 October 2011 20:20]

Previous Topic: VPN & Internet sharing
Next Topic: Load balancing download slow
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Nov 17 20:41:11 CET 2017

Total time taken to generate the page: 0.00535 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.