Kerio Tech Firewall6 Network Router User Manual


 
21.6 Example of a more complex Kerio VPN configuration
329
Specification
The network follows the pattern shown in figure 21.31.
Figure 21.31 Example of a VPN configuration a company with two filials
The server (default gateway) uses the fixed IP address 63.55.21.12 (DNS name is
gw-newyork.company.com). The server of one filial uses the IP address 115.95.27.55
(DNS name gw-london.company.com), the other filial’s server uses a dynamic IP address
assigned by the ISP.
The headquarters uses the DNS domain company.com, filials use subdomains
santaclara.company.com and newyork.company.com. Configuration of individual lo-
cal networks and the IP addresses used are shown in the figure.
Common method
The following actions must be taken in all local networks (i.e. in the main office and both
filials):
1. WinRoute in version 6.1.0 or higher must be installed at the default gateway. Older
versions do not allow setting of routing for VPN tunnels. Therefore, they cannot be
used for this VPN configuration (see figure 21.31).