Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Access local LAN from remote PC using Kerio VPN
  •  
brauner

Messages: 89
Karma: -20
Send a private message to this user
Hello,

This is a simple question.

In my office, I have Kerio Control Server (9.2.2) installed in VMWARE appliance.
The Kerio appliance, as other office resources, is connected to my office router (192.168.1.x), therefore, Kerio appliance DHCP is off.
Kerio appliance ip is 192.168.1.107, and Kerio VPN server is enabled (192.168.2.x)

I managed to connect from my home to the Kerio VPN server using the kerio client (open port 4090 routing in the router), my home pc get an ip from the Kerio VPN server 192.168.2.2.

From this point, how do I get access to other office resources (192.168.1.x) from home?

See diagram.

-Roei

  •  
link611

Messages: 106
Karma: 0
Send a private message to this user
okay, simple question, why are you using a seperate router and the Kerio as a client - instead of using Kerio Control as your main gateway?

Do the following:

Router IP 192.168.3.1 (for example)
Kerio WAN IP 192.168.3.2 (for example), Gateway 192.168.3.1, DNS 192.168.3.1
Kerio LAN IP 192.168.1.1

Your clients should use Kerio as it's Gateway, then the VPN will work. Open ports on Router to Kerio.

in this setting, you should set your Router as a modem or open all ports to kerio, so kerio can do the firewall stuff.
Or you change the router with a normal modem.
  •  
brauner

Messages: 89
Karma: -20
Send a private message to this user
Hello link611

Thank you for your answer.

The reason for using a separate router and a Kerio Control Server instead of using Kerio Control as main gateway, is licensing!

I have 50 users in my office; I use a checkpoint router with unlimited users/nodes.
But - I have only 10 users that need vpn access from out of the office.
In order to use Kerio Control as main gateway, I have to buy 50 users license (1,800$) and pay yearly subscription (600$), that why I thought using Kerio Control as VPN server for 10 users only.

If my clients (clients = users outside the office) will use Kerio as there Gateway, I assume that every internet traffic will pass through my office, that is something I don't think I want.

-Roei
  •  
link611

Messages: 106
Karma: 0
Send a private message to this user
Ah okay, and your checkpoint router does not offer any vpn method?

okay then let's try this:

- give your control on the lan interface a second ip/network or create a new NIC on your appliance (for example 192.168.3.1)
- give your servers/clients which you want to reach over vpn a second ip in that network and use a second gateway (192.168.3.1), that should also work and you will not exceed the limitation.


or simply use just for the servers you want to reach the control as gateway.


the problem here is, that your clients come over kerio in your network, but your servers want to answer over your router.
maybe you can do some freaky routing stuff on your servers site to resolve this, which is probably the same as give them a second ip.

[Updated on: Thu, 03 August 2017 12:18]

  •  
link611

Messages: 106
Karma: 0
Send a private message to this user
after thinking about it, maybe it will work, if you add to your router a route for 192.168.2.0 over 192.168.1.107

so if you server wants to answer to your vpn client, the router routes that package to kerio.

[Updated on: Thu, 03 August 2017 13:08]

Previous Topic: Kerio Control VPN to Lancom Router
Next Topic: IPS slowing down download
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Oct 23 11:58:52 CEST 2017

Total time taken to generate the page: 0.00491 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.