Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » VPN , please need help ......
  •  
bubblefish

Messages: 33
Karma: 0
Send a private message to this user
<_at_>all
( sorry for my bad english )

NEED help by kerio vpn

I am running on my win 2000 the kerio kwf 6.0.10 with kerio mailserver + ftp server + apache with 6 virtuall hosts.
ALL work fine , perfect

but , now i need to make a connection to my office with vpn

1: ) I anabled VPN on the winroute machine - OK
2: ) My VPN Lan is on IP 10.189.0.1 Mask 255.255.255.0
3: ) All users allow to connect with VPN
4: ) Make a rule for incoming service ..
service VPN --- source ADSL , LAN - Extern .... destination firewall ......service kerio vpn..
5: ) Make a rule for vpn clients .. vpn client d:vpn client serv: all
5: ) Install kerio clients on the PC#s

I can connect with the kerio vpn client my winroute server
( if a connect i get a IP from the server looks like 10.189.0.1 and the next user 10.189.0.2 etc ... OK ) via dos..
I can ping this IP#s and also i can ping all PC#s of my office lan - ( 192.168.0.1 + 192.168.0.2 etc ) perfekt. via dos..
I see in kwf the connect via port 4090

But i cannot connect the pc and i find no free folders in my nethwork.... ( but the folders are free for the users in lan )

many hours and no succsess , please help

bubblefish ( A U S T R I A )




  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
connect to a network share using the ip address of the server like this (dos): net use <drive letter:> \\<ip address>\<share name>
  •  
bubblefish

Messages: 33
Karma: 0
Send a private message to this user
Hi , thanks for the answer

The problem is ..
I cannot connect the server , I only can ping the server.

If I connect via VPN , I see the connect on the Winroute server and the Server IP , and I can ping all Computers in the
Winroute LAN !!
If my VPN PC connect the server he get a new dynamic IP from the Winroute server . The servers IP = 10.189.35.1 and the client have IP = 10.189.35.4 , if I seek the computer ( my VPN Pc )
I find it , and I can open my free shares.
The Server VPn PC was not founnd !!

thats all ???

Is it possible that my problem came from "pptp" , I use ADSL ??

thx
bubblefish
  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
Check if you have the following traffic rules:

This rule allows you to connect to the firewall using the VPN client
name: VPN service
source: internet
dest: firewall
service: Kerio VPN
action: allow
translation: none
protocol inspector: default

Once the connection is in place you need to allow traffic to flow from the VPN client to the firewall and/or lan pc's.

This rule allows traffic from the VPN client to the firewall
name: VPN clients to firewall
source: VPN clients
dest: firewall
service: any (or specify the services you want to allow)
action: allow
translation: none
protocol inspector: default

This rule allows traffic from the VPN client to pc's in the lan
name: VPN clients to LAN
source: VPN clients
dest: LAN
service: any (or specify the services you want to allow)
action: allow
translation: none
protocol inspector: default

You can enable packet logging to see how the traffic flows.
  •  
bubblefish

Messages: 33
Karma: 0
Send a private message to this user
Hallo feite - thanks for your help

I have this tree service in my rules...

MY Server IP Local LAN = 192.168.0.2 static
MY Server IP Extern LAN = 192.168.1.1 static
My Server VPN LAN = 192.168.3.0 , then my Server = 192.168.3.1

The VPN get the IP with DHCP - First PC 192.168.3.2
Sec PC 192.168.3.3 etc.etc..

At first :
When I connect my Server in the local LAN with a client PC ( static IP = 192.168.0.3 )

From another PC ( not in the local LAN ) Static IP 192.168.0.100
I make a VPN connection to my VPN SERVER...
and get a VPN IP = 192.168.3.5

In the winroute log I see the connection , and in the log dat
i can read PERMIT ... :4090 xxxxx:4090
Port 4090 is open - Kerio VPN Service

Next:
I ping my own PC 192.168.3.5 --- ping OK
I ping my VPN Server IP 192.168.3.1 -- ping OK
I ping my connect Server with his Lan IP = 192.168.0.2 --- Ping OK !
I ping my LAN PC ( in the local LAN by the Winroute server ) IP: 192.168.0.2 --- ping OK !
I ping all my LAN PC ( in the local LAN by the Winroute server ) IP: 192.168.0.6 and 192.168.0.7 etc . etc ... ping OK !

Trouble:
if i want to go to the Server via \\192.168.0.2 or with \\192.168.3.1
nothing nothing nothing nothing ... no error in the logs -- nothing nothing

I work now 20 hours , 50 coffes , 100 cigarettes ....

nothing....

many thanks for help
bubblefish ( A U S T R I A )


PS: is it possible

A: ) my provider ADSL is blocking the vpn connection
b: ) my connection is ADSL via PPTP an there is a conflict
c: ) my workgroup name is not " workgroupe " it is "MYLAN"
d: ) I AM TO STUPID ??? for VPN

thanks





  •  
bubblefish

Messages: 33
Karma: 0
Send a private message to this user
to all

witch ports are used for vpn

4090 is open tcp/udp

1723 pptp ?????

thx
bubblefish
  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
KerioVPN uses 4090 only (TCP and UDP).
  •  
feite

Messages: 523
Karma: 0
Send a private message to this user
You test from a pc which ip address (192.168.0.100) belongs to the same subnet range as the lan. Make sure these ranges are not the same. Change one of them.
  •  
bubblefish

Messages: 33
Karma: 0
Send a private message to this user
hi feite

thanks for the tip , i have change the lan ip's last friday

my server lan ( local lan ) = 192.168.0.2 and the clients are in the same subnet 192.168.0.X

my VPN lan ( on Winroute server ) = 192.168.3.0 , I think that know the Servers IP = 192.168.3.1 and the clients are dyn at 192..168.3.X

my Office LAN ( outside ) = 192.168.2.0 and my connect VPN clients IP's = 192.168.2.7 and 192.168.2.8 etc.etc.

But I see the connect on my Server Winroute and the client get a dhcp IP like 192.168.3.3

But thats all

If open the nethwork STATUS connect card , on the client I only see
Pakete:
Gesendet ( sendig Pakets ) = 0
and Empfangen ( received pakets) = 4989

The port is open 4090

so much hours for nothing .........
thx
leopold


  •  
bubblefish

Messages: 33
Karma: 0
Send a private message to this user
Hello to all

Thanks for help

IT WORK's

I change my static IP#s , reboot all ps#s , server and lan and office lan...

now it works , i can connect the winroute server
and I'am happy

Only my local LAN ( by the winroute server ) there is no access , i can ping it all , but thats all
I think the roules for lan traffic are not correct

thanks
bubblefish
Previous Topic: Is Kerio WinRoute Firewall what i need?
Next Topic: What the optimal MTU settings
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Nov 24 14:20:38 CET 2017

Total time taken to generate the page: 0.00978 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.