Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Incoming/Outgoing traffic
  •  
frox

Messages: 1
Karma: 0
Send a private message to this user
Hi, I'm an old winroute pro user, and I've started testing winroute firewall 6.1.2 to exchange it with. One thing I haven't figured out yet is how do I define rules (packet filter) for incoming and outgoing, for instance allow all outgoing and set some filters on incoming etc.

BTW I've recently noticed that winroute pro constantly (every 2 seconds) tries to create the mail/spool directory even if it already exists and I don't use the mail feature. (I've checked it with Filemon)

Thanks.
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
frox wrote on Mon, 19 September 2005 15:48

One thing I haven't figured out yet is how do I define rules (packet filter) for incoming and outgoing, for instance allow all outgoing and set some filters on incoming etc.

This is done in Traffic Policy. You can there define 'allow' and 'deny' rules for different services (ports), from/to certain users, networks, etc.
  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
In 4.2 you had to define both outgoing and incomming rules. If you wanted to browse te internet there was an outgoing rule for traffic from any port to port 80 (outgoing) and another rule for traffic incomming on port 80. In KWF 6 the rule for reply packets is automatically created on the fly. To browse internet you create the following rule:

name: HTTP
source: network interface LAN
dest: network interface internet
service: HTTP, HTTPS
action: allow
translation: NAT default outgoing

When a user browses to a site the outgoing packet is allowed. Only reply packets from the website are accepted and allowed in. The reply packets are automatically forwarded to the client pc.

If you want your users to browse the internet using the proxy server of KWF you need different rules:

name: HTTP proxy
source: network interface LAN
dest: firewall
service: HTTP proxy
action: allow
translation: none

name: HTTP
source: firewall
dest: network interface internet
service: HTTP, HTTPS
action: allow
translation: NAT default outgoing

The first rule allows access from the lan to the firewall (where the proxy is) on the port of the proxy server. The second rule allows the firewall to access the internet.
Previous Topic: Speed limit and user restriction ?
Next Topic: Kerio WinRoute Firewall 6.1.2 and Kerio VPN Client 1.1.2 released!
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Nov 19 17:21:42 CET 2017

Total time taken to generate the page: 0.00428 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.