Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » FAQ About WinRoute  () 2 Votes
  •  
Kerio_jthomas

Messages: 511
Karma: 1
Send a private message to this user
Here are answers to a few questions that I sometimes see about WinRoute Firewall, and cause confusion:

Can I use WinRoute on a server with only one network interface?

No. WinRoute is designed to route packets via multiple interfaces, and will not behave properly with only one network interfaces. Do not attempt to use it as a stand-alone DHCP server, VPN Server, etc. It will not work properly, and we will not support it.


Say I have a VPN user and a user on my local network. Can the local user access shares and services on the VPN user's system?


No. The VPN client provides access for client to other networks; connections from networks to the VPN user may or may not work correctly. We've seen some situations where it happened to work for the users - but this configuration is not supported by Kerio.

I have three WinRoute servers at three locations - A, B and C. Each have a VPN tunnel to each other: A to B, A to C, and B to C. When a VPN user connects to A, and tries to contact B, the packets go through C! What's up?

WinRoute currently does not have metrics for VPN routing, and therefore it can not determine optimal routes in a multi-VPN server setup. This is a feature we hope to eventually introduce.

To make such a VPN work correctly, you have to setup the VPN routes manually. For detailed information on this, please see the "More complex VPN scenario" example in the KWF Administrator's Guide (http://www.kerio.com/manual/kwf/en/sect-vpnexample2).

Cheers,
Joshua Thomas

[Updated on: Thu, 03 March 2011 14:08] by Moderator


Joshua Thomas
Technical Support Manager
2350 Mission College Blvd, Suite 400
Santa Clara, CA 95054
Phone: (408) 496-4500
Fax: (408) 496-6902
http://www.kerio.com/support.html

  •  
gizmoz

Messages: 1
Karma: 0
Send a private message to this user
When will Winroute firewall support vlan?

It would be nice if it were possible to connect Winroute to a trunk port and handel vlans in winroute (routing between vlans, Vlan dmz, ect.)If this is to be used in a coperate network is't almost a must to be able to handel vlans

is it somting you have planned?



Regards

Gizmoz
  •  
denchikd

Messages: 4
Karma: 1
Send a private message to this user
We use kerio at many sites that all have Layer3 vlans. We set the Default gateway of our layer3 routers/switches to go to kerio. Then in kerio we create address groups to define the vlans. This gives us a lot of control and allows the admins at each site to administer their network via the simple UI of Kerio.

  •  
bruggles

Messages: 125
Karma: 1
Send a private message to this user
I 2 would like to see Kerio Add this Feature!!
  •  
bareare

Messages: 28
Karma: 0
Send a private message to this user
denchikd wrote on Tue, 17 April 2007 01:04
We use kerio at many sites that all have Layer3 vlans. We set the Default gateway of our layer3 routers/switches to go to kerio. Then in kerio we create address groups to define the vlans. This gives us a lot of control and allows the admins at each site to administer their network via the simple UI of Kerio.


Hi

I'm running a small network with servers. All my servers are given a public internet IP-address. Will this VLAN setup in Kerio ensure that one server can't listen to network traffic to/from other servers? With the current firewall, this is a nightmare to setup.

My second concern is speed: I'm using Fortigate hardware firewall today. Will Kerio or similar software based firewalls be slower? I'm thinking that since you can have pretty powerfull machines, it should outperform hardware firewalls?
  •  
bareare

Messages: 28
Karma: 0
Send a private message to this user
Since this hasn't been answered, I have purchased more of hardware firewalls and standardized on FortiNet and abandoned this solution from Kerio. I would really wish that sale-support would be more present, I'm sure that would have generated a lot more sale. For me, it's to late now, but I might revisit in some years when our firewall-hardware is up for renewal again.
Previous Topic: 2 Multiple websites behind firewall
Next Topic: KWF and guests acounting software
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Oct 22 13:43:24 CEST 2017

Total time taken to generate the page: 0.00480 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.