Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » VPN clients not routed to local network
  •  
banners

Messages: 2
Karma: 0
Send a private message to this user
Hi All

Compared to all other forum entries, I believe I have a rather unique configuration as I'm only using Kerio as a VPN Server.

Kerio installed on a machine with single LAN adapter. Primary firewall is port forwarding to Kerio machine.

Remote clients connect OK and they get an IP address allocated by Kerio (private range 10.0.0.0 - NOTE: Kerio is not a DHCP server). Routing is setup where remote users should be binding to local network, however, none of the client machines can see the rest of the network, only Kerio machine. There are no rules configured to block access to any interfaces.

Hope someone out there has come across (and hopefully resolved) this issue.
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Can they ping LAN users directly (using the IP address)?
  •  
banners

Messages: 2
Karma: 0
Send a private message to this user
remote clients can only ping the VPN server (kerio) and none of the other clients on the attached LAN. EG. VPN network is 10.0.0.x and LAN is 192.168.0.x. These two can't see each other, though the VPN server has a 192.168.0.x address and LAN connected clients can ping it.

Its curious coz this arragement used to work when my Kerio machine was managing DHCP. Move DHCP services to another box (bigger server) and it doesn't work anymore
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
That is strange indeed. You wouldn't think it dependant upon KWF being the DHCP server.

Sorry, I can't help you further.
  •  
frankxs

Messages: 85
Karma: 0
Send a private message to this user
Make sure your Kerop VPN server is assigning the same dns server IPs that your local lan cleints are using. When you do an incponfig /all on the cleit during a VPN session, you should see the same *internal* dns servers that you always use on your LAN.

-Frank
Previous Topic: Basic working architecture
Next Topic: Block AD user group
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Nov 24 12:01:39 CET 2017

Total time taken to generate the page: 0.00405 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.