Home » Kerio User Forums » Kerio Control » Configure a second Kerio VPN server?
  •  
Think Fixed

Messages: 495

Karma: 0
Send a private message to this user
I'm working with a client who has multiple tenants behind a Kerio Control Box. We just setup a separate IP subnet routed through a dedicated LAN port plugged into the tenant's dedicated switch. Now we would like to be able to allow this tenant to use Kerio VPN to access systems on their private LAN hosted by the Control Box, but not have access to any systems that are on the other LAN. Can a second Kerio VPN server be setup to do this, and route connections into the secondary LAN? I don't see an option to do this. I cannot reach GFI support to ask them about this. I end up rotting on hold until I hang up out of frustration.

Howie Isaacks
Systems Engineer | Apple Solutions Consultant
Think Fixed LLC, Dallas and Fort Worth

www.thinkfixed.com
  •  
Shaunie

Messages: 15
Karma: 0
Send a private message to this user
Are you looking for a dedicated tunnel or just a user account?
  •  
Think Fixed

Messages: 495

Karma: 0
Send a private message to this user
I'm sorry. Maybe I described this in an odd way. There are multiple tenants behind this Control Box. We want for one tenant to be able to connect to VPN, but only have access to the the systems that are on the separate LAN that we created for them. Yesterday, I setup one of the LAN ports on the Control Box to use a different IP subnet, and different DHCP server. The tenant has their own switch connected to this port, separating them from everyone else. Kerio VPN appears to only route to the default LAN, and there doesn't appear to be a way to setup a second Kerio VPN server that is dedicated for use with this second LAN. That's what I'm trying to setup. If it's possible, I haven't figured it out yet.

Howie Isaacks
Systems Engineer | Apple Solutions Consultant
Think Fixed LLC, Dallas and Fort Worth

www.thinkfixed.com
  •  
Shaunie

Messages: 15
Karma: 0
Send a private message to this user
Assuming you have address groups set up as you now have this one users network on a separate vlan.

Try creating a new group for this one user. Place their VPN account in that group.
Using Traffic rules create rule to permit that group access to his network and a second rule to block access to other networks.

Not sure if this is the cleanest way of doing things but it might help or work.

Though I think Kerio could implement something when creating user accounts we could say what networks they should be allowed to access.
Previous Topic: IKE ciphers issue
Next Topic: sending alert messages
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Jan 16 09:10:43 CET 2019

Total time taken to generate the page: 0.73798 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.