Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Help in VPN Connection ( Help VPN Configuration)
  •  
spampy

Messages: 10

Karma: 0
Send a private message to this user
Hi,

Any tips would help

Below are the configuration that I have defined in Kerio.

1. Interfaces

VPN Interface
i. IP address assignment
IP AD 192.168.4.0
Mask 255.255.255.0

ii. DNS
Primary 192.168.3.1 (domain IP)
Secondary 192.168.3.2 (Firewall IP)-Kerio Local IP

iii. WINS
Primary 192.168.3.1
Secondary 192.168.3.2

iv. Listen on port 4090
Custom Route 192.168.3.0
NOTE: Status of VPN Interface is UP

2. Traffic Policy

1st Policy
Name: Service Kerio VPN
Soure: Internet
Dest: Firewall
Service: Kerio VPN (4090)
Action: Allow

2nd Policy
Name: Local Traffic
Source: Firewall
All VPN Clients
All VPN Tunnel
Dest: Trusted/Local
Service: Any
Action: Allow

I followed some instruction on how to configure the VPN. So now I'm testing it using internet from the outside. So i can connect to the local network.

I typed in the browser using other ISP
https: / /(ip ad of my kerio internet):4090.
And the kerio log in page would suppose to display but unfortunately nothing happened. I always receive "The connection is reset"

Is there any configuration that i missed or is there something that is not right? Any help would be appreciated.

Thank you.
  •  
ICT and Me

Messages: 936

Karma: 53
Send a private message to this user
Port 4090 is the VPN port of the Tunnel or Client.
That's not the webbased version.
Are you looking for the Clientless SSL VPN?
Then you must have a rule with HTTPS to the firewall active.
And try https://{ipnumber} Without the portnumber.
Which version you use. Windows or the Aplliance?
Windows version has Clientless SSL VPN.
Linux (Applaince) hasn't.

ICT and Me
Carlo Turk
The Netherlands
www.ictandme.nl
  •  
spampy

Messages: 10

Karma: 0
Send a private message to this user
Version: Windows
Installed it on a desktop using firebird server
Is there a specific port for HTTPS? is it 443? Where do i have to put it in?

I'm expecting clientless ssl-vpn log in page would appear.
  •  
ICT and Me

Messages: 936

Karma: 53
Send a private message to this user
Do you have a rule to allow HTTPS traffic from internet to firewall?
Name: Service HTTPS
Source: Internet
Destinastion: Firewall
Service: HTTPS
Action: Allow

Check Configuration->Advanced Options -> TAB SSL-VPN
There must it be enabled. Port will be 443 (HTTPS)

ICT and Me
Carlo Turk
The Netherlands
www.ictandme.nl
  •  
spampy

Messages: 10

Karma: 0
Send a private message to this user
I just configured just for now a service with any any for the source port and destination port.

In the advance options there is no tab for ssl-vpn.
  •  
ICT and Me

Messages: 936

Karma: 53
Send a private message to this user
This is place where it should be.
use Kerio Admin Console not the WebConsole

index.php?t=getfile&id=2077&private=0

[Updated on: Thu, 04 November 2010 10:29]


ICT and Me
Carlo Turk
The Netherlands
www.ictandme.nl
  •  
spampy

Messages: 10

Karma: 0
Send a private message to this user
I think we have a different version.. I have a 6.7.1 patch 2index.php?t=getfile&id=2080&private=0

  • Attachment: Kerio.JPG
    (Size: 77.61KB, Downloaded 4954 times)
  •  
ICT and Me

Messages: 936

Karma: 53
Send a private message to this user
Why aren't you to the latest version?
The are more features then with your version.

ICT and Me
Carlo Turk
The Netherlands
www.ictandme.nl
  •  
spampy

Messages: 10

Karma: 0
Send a private message to this user
I'm only new to kerio.. it was turned over to me by the previous administrator with no training or even turn over manuals or procedure. I'm still getting used to it.. but before he can use it but when i tried it won't work. My only problem is the VPN.. others settings are working.

index.php?t=getfile&id=2085&private=0

  • Attachment: VPN.PNG
    (Size: 34.39KB, Downloaded 4702 times)
  •  
ICT and Me

Messages: 936

Karma: 53
Send a private message to this user
I found out that your version must have the Clientless SSL VPN.
But what i think is that with the installation this option was not enabled.

There are manuals to find on the Kerio site
http://www.kerio.com/control/manuals

It isn't hard to do, when you know how to think on infrastructure level.
The best way to create rules is to make drawing of your network.

But about your VPN.
What's the problem exactly?
Losing connection after a certain time?
Or no Web VPN option?

ICT and Me
Carlo Turk
The Netherlands
www.ictandme.nl
  •  
spampy

Messages: 10

Karma: 0
Send a private message to this user
Thank you for the input and on the link. I had done all the rules and policy that fit on my company's requirements,
and gladly to say that it is all working fine.

The one problem left is the connection through VPN, which is the clientless ssl-vpn as you said that suppose to show up on the browser
when i typed in the internet ip address of our company. i can't actually connect yet through VPN. i cannot dial in on the ip address
that i have configured.

Thank you.
  •  
ICT and Me

Messages: 936

Karma: 53
Send a private message to this user
Spampy, my advise is make a fresh installation on a new system. To learn and to check if you get the Clientless SSL VPN.
If Clientless SSL VPN is there, then you can consider to replace your active Control with the new one.
So you learn how to handle Control and find the problems or not that got now.

ICT and Me
Carlo Turk
The Netherlands
www.ictandme.nl
  •  
spampy

Messages: 10

Karma: 0
Send a private message to this user
Ok thanks.. I'll do that first. I'll try to install it with a GUI.
Thanks for the help.
Previous Topic: Don't show users on Kerio Star
Next Topic: VPN DNS server
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Sep 20 11:25:03 CEST 2017

Total time taken to generate the page: 0.00537 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.