Kerio Tech KERIO WINROUTE FIREWALL 6 User Manual

Chapter 7

Traffic Policy

76

Figure 7.7

Traffic Policy generated by the wizard

FTP Service and HTTP Service

These rules map all HTTP and HTTPS services running at the host with the 192.168.1.10

IP address (step 6). These services will be available at IP addresses of the “outbound”

interface of the firewall (i.e. the interface connected to the Internet — page 3).

Note: Since WinRoute 6.4.0, mapped services can be accessed also from local networks

— it is therefore not necessary to use another (private) IP address for connections from

local clients. Therefore, the Source value is set to Any. For details, see chapter

7.3

.

Kerio VPN Service and HTTPS Service

The Kerio VPN service rule enables connection to the WinRoute’s VPN server (establish-

ment of control connection between a VPN client and the server or creation of a VPN

tunnel — for details, see chapter

23

).

The HTTPS Service rule allows connection via the Clientless SSL-VPN interface (access to

shared network items via a web browser — for details, see chapter

24

).

These rules are not created unless the option allowing access to a particular service is

enabled in step 5.

Note: In these rules, value for Source is also set to Any. The main reason for this is to

keep consistent with rules for mapped services (all these rules are defined in page 6 of the

wizard). Access to firewall services from the local network is, under normal conditions,

allowed by the Firewall traffic rule but this is not always true.