User's guide

| Name | Source | Destination | Service | Action | Translation | Valid in |
|---|---|---|---|---|---|---|
| Access to email | Group Access to email | Firewall | IMAP, IMAPS, POP3, POP3S | Allow | | Working hours |
Table 2.3 Enabling access to the firewall’s mailserver services
Notes:
1. This rule enables access to IMAP and POP3 services in both encrypted and
unencrypted versions — clients can select which service they will use.
2. Based on this example, the SMTP service was mapped by the traffic rules Wizard
(refer to chapter 2.4) — the appropriate rule already exists.
3. Access to the SMTP service must not be limited to certain IP addresses only as
anyone is allowed to send an email to the local domain.
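The rule in Table 2.3, modeled as an added example (not code from the Kerio documentation or product): a small evaluator that checks user group, destination, service and time interval, plus a check listing the unencrypted services the rule permits. The `Rule` model, the first-match and default-deny behaviour, and the Monday to Friday 08:00-17:00 definition of "Working hours" are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, time

# Well-known TCP ports for the services named in Table 2.3.
SERVICE_PORTS = {"IMAP": 143, "IMAPS": 993, "POP3": 110, "POP3S": 995}
UNENCRYPTED = {"IMAP", "POP3"}  # the unencrypted versions mentioned in note 1

# Assumption: this page does not define "Working hours"; Mon-Fri 08:00-17:00 is used.
WORK_DAYS, WORK_START, WORK_END = range(0, 5), time(8, 0), time(17, 0)

@dataclass
class Rule:  # hypothetical model of one traffic-rule row
    name: str
    source_group: str
    destination: str
    services: tuple
    action: str
    valid_in: str  # "Working hours" or "Always"

def in_interval(rule, when):
    """True if the rule is active at the given local date and time."""
    if rule.valid_in == "Always":
        return True
    return when.weekday() in WORK_DAYS and WORK_START <= when.time() < WORK_END

def evaluate(rules, user_groups, destination, port, when):
    """Assumed model: first matching rule wins, unmatched traffic is denied."""
    for r in rules:
        ports = {SERVICE_PORTS[s] for s in r.services}
        if (r.source_group in user_groups and r.destination == destination
                and port in ports and in_interval(r, when)):
            return r.action
    return "Deny"

def unencrypted_services(rule):
    """Services an Allow rule exposes without encryption, for policy review."""
    return sorted(set(rule.services) & UNENCRYPTED) if rule.action == "Allow" else []

# Table 2.3 expressed in the Rule model above.
ACCESS_TO_EMAIL = Rule("Access to email", "Access to email", "Firewall",
                       ("IMAP", "IMAPS", "POP3", "POP3S"), "Allow", "Working hours")

if __name__ == "__main__":
    tuesday = datetime(2024, 3, 5, 10, 0)  # constructed sample timestamp
    print(evaluate([ACCESS_TO_EMAIL], {"Access to email"}, "Firewall", 993, tuesday))
    print(unencrypted_services(ACCESS_TO_EMAIL))
```

The second check makes the consequence of note 1 visible: the rule as written lets group members use ports 143 and 110, so removing IMAP and POP3 from the Service column is the change to make if only encrypted mail access is wanted.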
2.15 Secured access of remote clients to LAN
Enable the VPN server for secured access of remote clients (“VPN clients”) to LAN under
Configuration → Interfaces (for details, see chapter 4.1). No additional settings are required.
Communication of VPN clients is already allowed by the traffic policy created by the wizard —
refer to chapter 2.4.
Kerio VPN Client
Kerio VPN Client must be installed at each remote host to enable their connection to the
VPN server in Kerio Control. This application is available for Windows, Mac OS X and Linux.
Installation files can be downloaded from http://www.kerio.com/firewall/download.
Clients will connect to the server at the headquarters (i.e. to 85.17.210.230) or to the server
name server.company.com and they will be authenticated through their domain usernames
and passwords (see chapter 2.9).
For details, see Kerio VPN Client — User’s Guide (http://www.kerio.com/firewall/manual).
2.16 LAN Hosts Configuration
TCP/IP parameters for the host that is used as the domain server and as the FTP server
must be configured manually (its IP address must not be changed):
- IP address: we will use the 192.168.1.2 address (refer to chapter 2.6).
- Default gateway: use the IP address of the appropriate firewall interface (192.168.1.1).
- DNS server: since Microsoft DNS is running on the host, the system sets the local
  loopback address (127.0.0.1) as the primary DNS server.