Kerio Tech Firewall6 Network Router User Manual


 
Chapter 21 Kerio VPN
VPN tunnels can be disabled with the Disable button. When a tunnel is disabled, it
should be disabled at both endpoints.
Note: VPN tunnels keep their connection alive (by sending special packets at regular
time intervals) even if no data is transmitted. This feature protects tunnels from
disconnection by other firewalls or network devices between the tunnel endpoints.
Traffic Policy Settings for VPN
Once the VPN tunnel is created, it is necessary to allow traffic between the LAN and the
network connected by the tunnel, and to allow outgoing connections for the Kerio VPN
service (from the firewall to the Internet). If basic traffic rules have already been
created by the wizard (refer to chapter 21.2), simply add the corresponding VPN tunnel
to the Local Traffic rule and the Kerio VPN service to the Firewall traffic rule. The
resulting traffic rules are shown in figure 21.10.
Figure 21.10 Traffic Policy Settings for VPN
Notes:
1. To keep the examples in this guide as simple as possible, it is assumed that the
Firewall traffic rule allows access to any service at the firewall (see figure 21.11).
Under these conditions, it is not necessary to add the Kerio VPN service to the rule.
2. Traffic rules set by this method allow full IP communication between the local
network, the remote network and all VPN clients. To restrict access, define
corresponding traffic rules (for local traffic, VPN clients, VPN tunnel, etc.).
Examples of traffic rules are provided in chapter 21.5.