User's guide
Headquarters configuration
Set the following parameters using the Wizard:
• Internet connection types (the wizard, page 2) — select persistent connection with
a single Internet line.
• Internet interface (the wizard, page 3) — select an interface connected to the Internet.
• Rules used for outgoing traffic (the wizard, page 4) — these rules enable access to
Internet services.
• Rules for VPN (the wizard, page 5) — leave both options enabled: Create rules for
Kerio VPN (this creates key traffic rules for interconnection of headquarters and branch
office networks and for connection of remote clients; see chapter 4) and Create rules for
Kerio Clientless SSL-VPN (remote access to shared folders and files in the network via
browser).
Note: There is no reason to create rules for Kerio Clientless SSL-VPN on the firewall of
the branch office (Active Directory domain is not used on the side of the branch office).
• Rules for incoming traffic (the wizard, page 6) — add mapping of SMTP service on the
firewall.
Note: In this step you can also define mapping for other hosted services such as an
FTP server. This is easier to follow with the second method, custom rule
definition. For details, see chapter 2.14.
2.5 Intrusion Prevention System
In Configuration → Traffic Policy → Intrusion Prevention, enable detection of known types of
network intrusions coming from the Internet and from known intruders. The default setting
is optimized and it is usually not necessary to change it. However, it is recommended to
check Security regularly and evaluate possible false alarms. For details, see Kerio Control —
Administrator’s Guide (http://www.kerio.com/firewall/manual).
2.6 DHCP Server Configuration
Go to the Configuration → DHCP server section in Kerio Administration Console. Open the
Scopes tab to create an IP scope for hosts to which addresses will be assigned dynamically (the
Add → Scope option). The following parameters must be specified to define address scopes:
• Address range — select 192.168.1.10 to 192.168.1.254 (addresses from
192.168.1.1 to 192.168.1.9 will be reserved for servers and printing machines),
• Network mask — 255.255.255.0
• Default gateway — IP address of the firewall interface that is connected to the local
network (192.168.1.1).
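A consistency check for the address plan above, as an added example that is not part of the original guide. It uses the range, mask and gateway given in this section; the function name `check_dhcp_scope` and the static host entries are constructed for illustration.

```python
import ipaddress


def check_dhcp_scope(first, last, netmask, gateway, static_hosts):
    """Return a list of problems in a DHCP scope plan (empty list = consistent)."""
    first_ip = ipaddress.IPv4Address(first)
    last_ip = ipaddress.IPv4Address(last)
    gw = ipaddress.IPv4Address(gateway)
    # Derive the subnet from the first pool address and the network mask.
    net = ipaddress.IPv4Network(f"{first}/{netmask}", strict=False)
    problems = []

    if first_ip > last_ip:
        problems.append("range start is above range end")

    # Pool boundaries and gateway must be usable host addresses of the subnet.
    for label, ip in (("range start", first_ip), ("range end", last_ip), ("gateway", gw)):
        if ip not in net:
            problems.append(f"{label} {ip} is outside {net}")
        elif ip in (net.network_address, net.broadcast_address):
            problems.append(f"{label} {ip} is the network or broadcast address")

    def in_pool(ip):
        return first_ip <= ip <= last_ip

    # A statically configured address inside the pool can be leased to another host.
    if in_pool(gw):
        problems.append(f"gateway {gw} lies inside the dynamic pool")
    for name, addr in static_hosts.items():
        ip = ipaddress.IPv4Address(addr)
        if ip not in net:
            problems.append(f"static host {name} ({ip}) is outside {net}")
        elif in_pool(ip):
            problems.append(f"static host {name} ({ip}) lies inside the dynamic pool")
    return problems


# Scope values from this section; host names and their addresses are constructed.
SCOPE = ("192.168.1.10", "192.168.1.254", "255.255.255.0", "192.168.1.1")
STATIC_HOSTS = {"fileserver": "192.168.1.2", "printer": "192.168.1.9"}

if __name__ == "__main__":
    for line in check_dhcp_scope(*SCOPE, STATIC_HOSTS) or ["scope plan is consistent"]:
        print(line)
```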