Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Control behind firewalls with VPN (How to see computers behind Kerio Control from remote network over firewalls with VPN?)
  •  
Aleksandr

Messages: 5
Karma: 0
Send a private message to this user
Our Kerio Control was connected directly to the Internet. Now we connected it through hardware firewall with VPN channel to second hardware firewall.

Clients of remote network behind a second firewall can ping second firewall, first firewall and Kerio Control external IP (interface from Kerio to first hardware firewall marked as "External/Internet" in Control). But clients cant ping or see computers in our main network behind Kerio Control.

How to configure Kerio so that remote clients can see computers on the network behind Kerio? Add routes? Mark external Kerio Control interface as "Internal"? Looks like both methods are not safe. If we allow any connections from first hardware firewall to network behind Control - its a security risk?

Now Kerio Control in the main acts as proxy, access restricting and traffic accounting device.
  •  
ksnyder

Messages: 557
Karma: 36
Send a private message to this user
  •  
Aleksandr

Messages: 5
Karma: 0
Send a private message to this user
I'll try this, but it did not help.

Maybe the problem is that Service Discovery forwarding works only with Kerio VPN, but our VPN between hardware firewalls is IPsec VPN? We dont use Kerio VPN to connect from remote station to internal network (now - only to network behind first hardware firewall).

I may establish Kerio VPN connection from remote station to Kerio Control over VPN connection from one hardware firewall to another. But this is workaround, not solution. I want to make a connection from remote station to local network without Kerio VPN, using only VPN between hardware firewalls.
Previous Topic: Multiple User Login Problem
Next Topic: Virtio Support for Proxmox etc.
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Jun 24 02:07:27 CEST 2017

Total time taken to generate the page: 0.00373 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.