Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Kerio Control porting issues & Other questions!!!
  •  
Joshua Meade

Messages: 3
Karma: 0
Send a private message to this user
Hello my name is Joshua Meade and I have installed Kerio Control 8.0.1 build 609 on my server using the OS Copy and We have 2 nic cards both with an IP Address that is from with in the network. We have been trying to get this setup so that my staff can VPN from outside my crop network and every time we try this it fails and We tried using DMZ with in our router even that is not working. I will be proving 1 image attached below of a screen shot showing a little on how we have our system setup.

If anyone can help with this that would be great. If you thank you may know the issue or can help let me know...

  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
No sense blocking out the last octet of a private IP address.

What are your masks on those interfaces? If it is 255.255.255.0, then you will have some problems.

More information will be needed to find root cause, though.
  •  
Joshua Meade

Messages: 3
Karma: 0
Send a private message to this user
This has been fixed as of Today. All is good so far
  •  
silars

Messages: 429
Karma: 59
Send a private message to this user
For folks who might have problems in the future, are you willing to share the fix?
  •  
Joshua Meade

Messages: 3
Karma: 0
Send a private message to this user
The fix I will be sharing came from Tech support and I will be copying it below.

Part 1 on what the issue is in the color purple
Hi Joshua,

This setup won't work correctly. The Internet and Trusted/Local interfaces can't be in the same IP subnet. The VPN server won't assign the proper routes to the VPN clients that connect to it. It won't assign routes for the IP address range used by the network card that has a gateway assigned to it.

I also recommend using a different IP subnet. The IP subnet 192.168.1.x is very common and is used in a lot of home networks. If someone connecting to Kerio Control use 192.168.1.x in their home network then traffic won't get routed over the tunnel. Windows will always end up preferring their local network.

It looks like you want the users to access the Internet through Kerio Control. If so then in Configuration -> Interfaces -> VPN Server, enable the option 'VPN clients access the Internet through the VPN' on the Kerio VPN tab.


Part 2 on how to fix the issue is in the color Dark Red.....
Hi Joshua,

Double-check the settings on the router. Normally you can modify the IP address it uses on the LAN facing interface. You might try setting up a DMZ if the router does not give you the option to change the IP address it uses. I would try 192.168.100.1.

Have Kerio Control's Internet interface use 192.168.100.2 with a gateway of 192.168.100.1.

Assign the Trusted/Local interface, in Kerio Control, an IP in a different subnet like, for example, 172.16.100.1. Have any client machines behind Kerio Control use IP addresses in that subnet (e.g. 172.16.100.x).

Those IP addresses are not typically used in home networks so the routing with the VPN client should work correctly.


I do hope this help's out. If you have any other question's feel free to ask
Previous Topic: How can I Separate between browsing and download ?
Next Topic: Problem in the speed of the user's specialty ??
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Sep 24 16:01:12 CEST 2017

Total time taken to generate the page: 0.00386 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.