Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Need help with VPN
  •  
vyto

Messages: 1

Karma: 0
Send a private message to this user
I've 2 different LANs.

First is the workgroup (Filial with net 192.168.10.0, server IP 192.168.10.1).
Other is the domain (Office with 192.168.1.0, server IP 192.168.1.1).

They're connected via two PCI-modems and KWFs with VPN.

Filial's modem IP 192.168.2.78.
Offices modem IP 192.168.2.77.

Filial uses as the gateway Office's KWF. The default gateway for Filial is IP 192.168.2.77. For all other hosts I installed DHCP server with default gateway 192.168.10.1 and DNS server 192.168.10.1;provider DNS.

On both KWF VPN server installed and enabled (Filial server uses net 172.26.72.0, Office - 172.26.73.0).

On the Office's KWF VPN Tunnel installed as the server (passive mode).
On the Filial KWF VPN is the client (active mode, connect to 192.168.2.77).

Certificates installed correctly.

DNS forwarding is tuned as it was described in the manual. But I didn't set Custom forwarding on both KWFs. If I set it (for net 192.168.10.0 forward to 192.168.10.1) KWF start to use all CPU (I don;t know why).

In the traffic policy of the Filial and Office I set up rules as it was described in the manual. Local traffic includes in the source and destination Firewall, Lan, Net->office, VPN clients, VPN tunnel; permit; no NAT. Permit for VPN services from office.
For Office. Local traffic. Source and destination: Firewall, Lan, Net->Filial, VPN clients, VPN tunnel; permit; no NAT. Permitn for VPN services from Filial.

Tunnel is connected.

As result on the Filial KWF doesn't use tunnel. Moreover I can't ping from Filial none IP in the Office. I don't see from Filial any hosts in the Office. But I can use http, pop, smtp, etc. via NAT rule.
If I use VPN Client on the host in the Filial I can ping all hosts, use all services (http, ftp, pop, etc) but I don't see host in the office and can't use sharning resources.

What can be reason of this trouble? And how I can solve it?
Previous Topic: Scope in DHCP
Next Topic: wradmin shows not enough entrys in his dial menu
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Nov 19 17:21:25 CET 2017

Total time taken to generate the page: 0.00438 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.