Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » VPN Problem
  •  
comsup

Messages: 1
Karma: 0
Send a private message to this user
I see a lot of problems in this forum about setting up VPN clients which work up to the firewall but then you can't access the Intranet behind. I have just installed KWF6 and have the same problem. Can someone please post a clear description of how this problem was solved?
Thanks, Stu
  •  
BootsMan

Messages: 32
Karma: 0
Send a private message to this user
I have the same question.
Will be glad to see some respond.
  •  
waltspar

Messages: 19
Karma: 0
Send a private message to this user
Ditto - have tried multipel times and rules - I can connect to the server, authenticate and then I cannot get to my local network.
  •  
perbauer

Messages: 55
Karma: 0
Send a private message to this user
In my case I had forgotten to set the correct gateway IP on the LAN computer I was trying to reach, the IP of course being that of the LAN NIC of the firewall
  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
To setup VPN to connect from the internet to pc's in the LAN do the following:

name: VPN
source: internet
dest: Firewall
service: Kerio VPN

name: VPN to firewall
source: VPN clients
dest: Firewall
service: any (*)

name: VPN to LAN
source: VPN clients
dest: LAN
service: any (*)

(*) instead of selecting all services it is better for security to allow only specific services.

When specifying an ip address for an user you can create more user specific rules for certain users. To allow an administrator access to the firewall and to disallow other users access to the firewall computer itself you can specify an ip number for the administrator (from the VPN range). Change the source of the rule 'VPN to firewall' to the ip number of the administrator and your done.

The VPN client needs to connect to the external (published) ip number of the firewall.

[Updated on: Thu, 28 October 2004 20:51]

  •  
Henry

Messages: 1
Karma: 0
Send a private message to this user
Still with your Explanation of filter rules a don´t got a ceonnection to my server behind the firewall, but the log shows no dropped packets.

Curious is, that ping (direct/recursive) is still working to all machine.

A network connection to the firewalls shares is possiblen, but not to the servers shares.

The Firewall is working on Windows 2003 Server, the other servers are Win NT 4.0.

Do anyone has an idea?

Henry
  •  
frdy

Messages: 2
Karma: 0
Send a private message to this user
I have the same problem as Henry:
Clients can "establish" a VPN connection to the server (one can see that they are logged in at the admin.console (hosts/users)).
But NO DATA is transferred.
I added exactly the rules of feite, wich seem to be logical and obviously right to me, but they unfortunatelly don't work at my KWF 6.0 Firewall/server Sad

  •  
ArDa

Messages: 1
Karma: 0
Send a private message to this user
I had to enable NAT in the third rule, posted by feite, to make this thing work. So that rule should look like this:

name: VPN to LAN
source: VPN clients
dest: LAN
service: any (*)

translation: NAT with LAN interface as a destination

Don't know if this right, but this works for me.

wbr

[Updated on: Wed, 05 January 2005 02:36]

  •  
javier_arboleda

Messages: 3

Karma: 0
Send a private message to this user
Hi, i've already do this change, but it still don't work, this is my configuration:

Inside Lan 192.168.2.0
Inside NIC UserPC 192.168.2.6
Inside NIC Firewall 192.168.2.10
Outside (Firewall<->Router) 192.168.1.0
Vpn Server Range 192.168.3.0
Connected VPN Client 192.168.3.10

Now....

192.168.3.10 can Ping 192.168.2.10 and 192.168.2.6
192.168.2.10 and 192.168.2.6 can Ping 192.168.3.10

But ping died in 1 minute aprox... and :

192.168.3.10 can't make a \\192.168.2.10 connection.
and 192.168.2.10 can't make a \\192.168.3.10 connection.

All ports are opened between VPN Client and LAN and Firewall...

What is wrong ???....
Previous Topic: Two Default Gateway
Next Topic: SiP and/or VoiP - Configuration of firewall
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Nov 20 18:33:34 CET 2017

Total time taken to generate the page: 0.00443 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.