Firewall Traffic

Problem Users can not connect to WinRoute, using the VPN Client. The decision to work properly VPN client several steps: 1. VPN Server interface WinRoute Administration Console must be enabled. This setting can be found in the Configuration / Interfaces. If it is not enabled, select the device and click Edit. Then select Enable VPN Server.

2. VPN Server interface must be configured to assign an appropriate range of IP-addresses for clients. This is set by selecting the device by pressing Edit, then add a range and a mask for the IP-address assignment. This range should be a class of private IP-addresses (eg and should not be a range, which is already used in the network. 3.

DHCP Server in WinRoute must be enabled. DHCP Server assigns IP-addresses to VPN clients. To enable the DHCP Server, go to Configuration / DHCPServer and check the Enable DHCPServer. 4. Rules should be created traffic policy, which allowed VPN traffic Client’a through the firewall. This rule should look like this: * Source: Any (or specific IP addresses you wish to allow) * Destination: Firewall * Service: Kerio VPN * Action: Permit 5. Another rule traffic policy should be created to allow traffic from end users to the sources that you allow. This rule should be as follows: * Source: VPN Clients * Destination: LAN (or specific IPs / hosts) * Service: Any (or specific services) * Action: Permit Note: In addition to these settings, TCP and UDP traffic should be allowed from the client to the server WinRoute. This may be a problem if there are other firewalls between the client and WinRoute. We recommend you to disable personal firewalls on the client machine. When testing the settings are correct, you can connect via VPN-client. If you can not, please enable VPN logging on WinRoute: 1. Select the debug log section in the administration console. 2. Right-click inside the window debug magazine. Select Messages. 3. Check out all the options within a group of VPN. Once you have done all this, give the request for technical support Kerio.