I need advice concerning VPN tunneling in Kerio WinRoute Firewall. The tunnel does work but no good comes of it, or so it seems.
I have two offices, each with a public IP address, and I want to create a VPN connection between them. Since I already use Kerio WinRoute on both servers (in the main and in the branch office), I want to use Kerio for it.
Now I have made the tunnel on both servers, made the one in the main office passive, and the one in the branch office active. I started VPN Servers at both sides of the tunnel. I managed to detect the remote certificate at the active end of the tunnel. The tunnel became connected. In the traffic policy of both servers I added the following rules:
1) Allow Remote Host --> Firewall Host (Service Kerio VPN)
2) Allow Firewall Host --> Remote Host (Service Kerio VPN)
3) Allow Local --> Tunnel to Remote Host (Any)
4) Allow Tunnel to Remote Host --> Local (Any)
Now how do I establish a connection based on this tunnel? That I don't get. In the Network Places there is no sign of any remote servers and I can't address one by IP address. Ping works but apparently thanks to other network rules. The properties of the Kerio VPN adapter connection show a few thousand packets received and none sent. And that on each side of the tunnel!
Could anybody help me? I am afraid that this is some idiot error, and I just forgot to do something... but I can't figure out what! Please, help me out!
You have to make sure your main office and branch office use different local IP segments, and then you need to inform KWF about the routes to take to which IP segment. For example, if the main office is 192.168.0.* and the branch office is 192.168.1.*, you have to tell KWF at the branch office that traffic to 192.168.0.* needs to be sent to KWF at the main office. And vice versa.
Did you even look into routeing tables etc.?
Hope this helps a bit...
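The check described in the reply above, as an added example that is not part of the original thread and not Kerio's own code: it verifies that the office segments do not overlap and lists the route each firewall has to send into the tunnel. The /24 masks, the site names and the function names `plan_routes` and `next_hop` are assumptions; the script only models the routing decision and does not configure KWF.

```python
import ipaddress

def plan_routes(lans):
    """lans: {site_name: CIDR of that site's local segment}.
    Returns {site: [(remote_network, remote_site), ...]}, i.e. the routes
    each firewall must send through the tunnel.
    Raises ValueError if two sites use overlapping segments."""
    nets = {s: ipaddress.ip_network(c, strict=True) for s, c in lans.items()}
    names = sorted(nets)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            if nets[a].overlaps(nets[b]):
                raise ValueError(f"{a} {nets[a]} overlaps {b} {nets[b]}")
    return {s: [(str(nets[r]), r) for r in names if r != s] for s in names}

def next_hop(routes, dest_ip):
    """Longest-prefix match of dest_ip against [(network, via), ...].
    Returns the remote site the packet is tunnelled to, or None when no
    tunnel route covers the destination."""
    ip = ipaddress.ip_address(dest_ip)
    best = None
    for net, via in routes:
        n = ipaddress.ip_network(net)
        if ip in n and (best is None or n.prefixlen > best[0].prefixlen):
            best = (n, via)
    return best[1] if best else None

# Constructed sample: the segments from the reply, assumed to be /24.
LANS = {"main": "192.168.0.0/24", "branch": "192.168.1.0/24"}
PLAN = plan_routes(LANS)

if __name__ == "__main__":
    for site, routes in PLAN.items():
        for net, via in routes:
            print(f"{site}: route {net} via tunnel to {via}")
    # A branch host reaching a main-office host must match a tunnel route.
    print(next_hop(PLAN["branch"], "192.168.0.10"))
```
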