Kerio Tech Firewall6 Manuale Utente Scaricare il pdf (Pagina 322)

100

101

Chapter 21 Kerio VPN

322

Figure 21.21 Headquarter — ﬁnal traﬃc rules

• Create the Branch oﬃce rule which will allow connections to services in LAN 1.

• Add the Company headquarters rule allowing connections from both headquar-

ters subnets to the branch oﬃce network..

Rules deﬁned this way meet all the restriction requirements. Traﬃc which will not

match any of these rules will be blocked by the default rule (see chapter 6.3).

Conﬁguration of a ﬁlial oﬃce

1. Install WinRoute (version 6.0.0 or later) at the default gateway of the branch oﬃce

(“server”).

2. Use Network Rules Wizard (see chapter 6.1) to conﬁgure the basic traﬃc policy in

WinRoute. To keep the example as simple as possible, it is supposed that the access

from the local network to the Internet is not restricted, i.e. that access to all services

is allowed in step 4.

In this case, it would be meaningless to create rules for the Kerio VPN server and/or

the Kerio Clientless SSL-VPN , since the server uses a dynamic public IP address).

Therefore, leave these options disabled in step 5.

This step will create rules for connection of the VPN server as well as for communi-

cation of VPN clients with the local network (through the ﬁrewall).

1 2 ... 317 318 319 320 321 322 323 324 325 326 327 ... 397 398

Commenti su questo manuale

Nessun commento

Kerio Tech Firewall6 Manuale Utente Pagina 322

Commenti su questo manuale