23.6 Example of a more complex Kerio VPN configuration
311
The
headquarters
uses
the
DNS
domain
company.com
,
filials
use
subdomains
santaclara.company.com
and
newyork.company.com
.
Configuration of individual
local networks and the IP addresses used are shown in the figure.
Figure 23.30
Example of a VPN configuration — a company with two filials
Common method
The following actions must be taken in all local networks (i.e. in the main office and both
filials):
1.
WinRoute
in version
6.1.0
or higher must be installed at the default gateway. Older
versions do not allow setting of routing for VPN tunnels. Therefore, they cannot be used
for this VPN configuration (see figure
Note:
For
each
installation of
WinRoute
, a separate license for corresponding number of
users is required! For details see chapter
2.
Configure and test connection of the local network to the Internet. Hosts in the local net-
work must use the
WinRoute
host’s IP address as the default gateway and as the primary
DNS server.
If it is a new (clean)
WinRoute
installation, it is possible to use the traffic rule wizard (refer
to chapter
).
For detailed description of basic configuration of
WinRoute
and of the local network, refer
to the
Kerio WinRoute Firewall — Step By Step
document.
3.
In configuration of the
DNS
module, set DNS forwarding rules for domains of the other
filials. This enables to access hosts in the remote networks by using their DNS names
(otherwise, it is necessary to specify remote hosts by IP addresses).
Summary of Contents for KERIO WINROUTE FIREWALL 6
Page 1: ...Kerio WinRoute Firewall 6 Administrator s Guide Kerio Technologies s r o...
Page 157: ...12 3 Content Rating System Kerio Web Filter 157 Figure 12 7 Kerio Web Filter rule...
Page 247: ...19 4 Alerts 247 Figure 19 14 Details of a selected event...
Page 330: ...Chapter 23 Kerio VPN 330 Figure 23 55 The Paris filial office VPN server configuration...
Page 368: ...368...