User's guide
Chapter 2 Headquarters configuration
Set the following parameters using the Wizard:
• Internet connection types (page 2) — select persistent connection with a single Internet line.
• Internet interface (page 3) — select an interface connected to the Internet.
• Rules used for outgoing traffic (page 4) — these rules enable access to Internet services.
• Rules for VPN (page 5) — leave both options enabled: Create rules for Kerio VPN (this
creates key traffic rules for interconnection of headquarters and filial networks and
for connection of remote clients — see chapter 4) and Create rules for Kerio Clientless
SSL-VPN (remote access to shared folders and files in the network via browser).
Note: There is no point in creating rules for Kerio VPN at the filial’s firewall and for
incoming traffic (the server uses a dynamic IP address and clients cannot connect to
it). For this reason it is now necessary to disable creation of rules for Clientless SSL-VPN.
• Rules for incoming traffic (Step 6) — add mapping of SMTP service on the firewall.
Note: In this step you can also define mapping for other hosted services such as an
FTP server. This will be better understood through the second method — custom rule
definition. For details, see chapter 2.13.
2.5 DHCP Server Configuration
Go to the Configuration → DHCP server section in Kerio Administration Console. Open the
Scopes tab to create an IP scope for hosts to which addresses will be assigned dynamically (the
Add → Scope option). The following parameters must be specified to define address scopes:
• Address range — select 192.168.1.10 to 192.168.1.254 (addresses from
192.168.1.1 to 192.168.1.9 will be reserved for servers and printing machines),
• Network mask — 255.255.255.0
• Default gateway — IP address of the firewall interface that is connected to the local
network (192.168.1.1).
• DNS server — IP address of the firewall interface that is connected to the local network
(192.168.1.1 — the same as the default gateway). WinRoute’s DNS forwarder will
be used as the primary DNS server. The forwarder will ensure correct forwarding of
requests between the company’s offices and to the Internet.
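A consistency check for the scope values listed above, added here as an example (it is not part of the original guide or of Kerio's software). It verifies that the range, gateway and DNS server belong to the network and that statically configured addresses stay out of the dynamic range; the function names are hypothetical and the sample addresses at the end are constructed.

```python
import ipaddress

# Values taken from the scope definition above; names are hypothetical.
NETWORK = ipaddress.ip_network("192.168.1.0/255.255.255.0")
POOL_FIRST = ipaddress.ip_address("192.168.1.10")
POOL_LAST = ipaddress.ip_address("192.168.1.254")
GATEWAY = ipaddress.ip_address("192.168.1.1")
DNS_SERVER = ipaddress.ip_address("192.168.1.1")


def check_scope(network, first, last, gateway, dns):
    """Return a list of problems found in a DHCP scope plan (empty if none)."""
    problems = []
    if first > last:
        problems.append("address range is reversed")
    for name, addr in (("range start", first), ("range end", last),
                       ("default gateway", gateway), ("DNS server", dns)):
        if addr not in network:
            problems.append(f"{name} {addr} is outside {network}")
    # The network and broadcast addresses must never be leased.
    for special in (network.network_address, network.broadcast_address):
        if first <= special <= last:
            problems.append(f"range includes reserved address {special}")
    # Statically configured hosts must stay out of the dynamic range,
    # otherwise the server can lease an address that is already in use.
    for name, addr in (("default gateway", gateway), ("DNS server", dns)):
        if first <= addr <= last:
            problems.append(f"{name} {addr} lies inside the dynamic range")
    return problems


def classify(addr, network=NETWORK, first=POOL_FIRST, last=POOL_LAST):
    """Say where an address sits relative to the network and the dynamic range."""
    addr = ipaddress.ip_address(addr)
    if addr not in network:
        return "outside network"
    if addr in (network.network_address, network.broadcast_address):
        return "unusable"
    return "dynamic range" if first <= addr <= last else "static"


if __name__ == "__main__":
    print(check_scope(NETWORK, POOL_FIRST, POOL_LAST, GATEWAY, DNS_SERVER))
    for sample in ("192.168.1.5", "192.168.1.50", "192.168.2.5"):  # constructed
        print(sample, "->", classify(sample))
```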
Now add a reservation for the network printer. The address you reserve need not
belong to the scope described above; however, it must belong to the specified network (in