Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Need help with VPN

Messages: 1

Karma: 0
Send a private message to this user
I've 2 different LANs.

First is the workgroup (Filial with net, server IP
Other is the domain (Office with, server IP

They're connected via two PCI-modems and KWFs with VPN.

Filial's modem IP
Offices modem IP

Filial uses as the gateway Office's KWF. The default gateway for Filial is IP For all other hosts I installed DHCP server with default gateway and DNS server;provider DNS.

On both KWF VPN server installed and enabled (Filial server uses net, Office -

On the Office's KWF VPN Tunnel installed as the server (passive mode).
On the Filial KWF VPN is the client (active mode, connect to

Certificates installed correctly.

DNS forwarding is tuned as it was described in the manual. But I didn't set Custom forwarding on both KWFs. If I set it (for net forward to KWF start to use all CPU (I don;t know why).

In the traffic policy of the Filial and Office I set up rules as it was described in the manual. Local traffic includes in the source and destination Firewall, Lan, Net->office, VPN clients, VPN tunnel; permit; no NAT. Permit for VPN services from office.
For Office. Local traffic. Source and destination: Firewall, Lan, Net->Filial, VPN clients, VPN tunnel; permit; no NAT. Permitn for VPN services from Filial.

Tunnel is connected.

As result on the Filial KWF doesn't use tunnel. Moreover I can't ping from Filial none IP in the Office. I don't see from Filial any hosts in the Office. But I can use http, pop, smtp, etc. via NAT rule.
If I use VPN Client on the host in the Filial I can ping all hosts, use all services (http, ftp, pop, etc) but I don't see host in the office and can't use sharning resources.

What can be reason of this trouble? And how I can solve it?
Previous Topic: Scope in DHCP
Next Topic: wradmin shows not enough entrys in his dial menu
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Nov 19 17:21:25 CET 2017

Total time taken to generate the page: 0.00438 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.