Kerio Tech Firewall6 User Manual

23.6 Example of a more complex Kerio VPN configuration

349

Configuration of the London filial

1.

Install WinRoute (version 6.1.0 or higher) at the default gateway of the filial’s network.

2.

Use Network Rules Wizard (see chapter

7.1

) to configure the basic traffic policy in WinRoute.

To keep the example as simple as possible, it is supposed that the access from the local

network to the Internet is not restricted, i.e. that access to all services is allowed in step 4.

In step 5 of the wizard, select the Create rules for Kerio VPN server option (setting of the

Create rules for Kerio Clientless SSL-VPN option is not regarded here).

Figure 23.44

The London filial — no restrictions are applied to accessing the Internet from the LAN

Figure 23.45

The London filial office — creating default traffic rules for Kerio VPN

This step will create rules for connection of the VPN server as well as for communication

of VPN clients with the local network (through the firewall).

3.

Customize DNS configuration as follows:

•

In configuration of the DNS Forwarder in WinRoute, specify DNS servers to which

DNS queries which are not addressed to the company.com domain will be for-