Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » VPN Configuration
  •  
RoLLCaGe

Messages: 3
Karma: 0
Send a private message to this user
I am planning to establish a small VPN for our company, based on a Win2K Server with Remote Access Services.

I can set up the VPN part, but I am not familiar with the configuration I have to have on the firewall.

Here are the configurations.

Firewall host has two interfaces:

LAN: 12.12.12.12
WAN: 200.200.200.200

VPN Server has one interface:

LAN: 12.12.12.13

I have the following configuration on the firewall now but Im not able to establish connection yet.

Source: any
Destination: 200.200.200.200
Service: IPSec, IKE
Translation: MAP 12.12.12.13

I have tried connecting with the IPsec pass though enabled and disabled but I had no luck with either of them.

If anyone here nows what I'm doing wrong please help me out.
  •  
roadrun777

Messages: 12
Karma: 0
Send a private message to this user
RoLLCaGe wrote on Fri, 14 May 2004 19:54


Here are the configurations.

Firewall host has two interfaces:

LAN: 12.12.12.12
WAN: 200.200.200.200

VPN Server has one interface:

LAN: 12.12.12.13

I have the following configuration on the firewall now but Im not able to establish connection yet.

Source: any
Destination: 200.200.200.200
Service: IPSec, IKE
Translation: MAP 12.12.12.13



If it were me, I would change the Destination to "Firewall"
For some strange reason, I have found that if I put the IP of the internet interface in for destination (instead of Firewall), it doesn't work. It seems that it considers the "firewall" as the first destination of all incoming traffic. Once it gets passed the firewall then that rule would come into play, but it is probably being filtered out.

You can always enable logging on the last rule "drop everything" and see what it is filtering out. I recommend only enabling that for a few minutes, as the log file will get quite huge if you have alot of traffic.

Also make sure your incoming connections are using the same ports that are in the Definitions section. I have found sometimes that its not set to all possible ports for a service, only the most common.

Twisted Evil
Previous Topic: HTTPS does not work "KWF 5.1.10 with McAfee AW"
Next Topic: overnet and pure NAT
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Tue Nov 21 11:22:12 CET 2017

Total time taken to generate the page: 0.00337 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.