Chapter 23 Kerio VPN
326
6. Create a passive endpoint of the VPN tunnel connected to the Paris filial. Use the finger-
print of the VPN server of the Paris filial office as a specification of the fingerprint of the
remote SSL certificate.
Figure23.49 TheLondon filial office — definition of VPN tunnel for the Paris filial office
On the Advanced tab, select the Use custom routes only option and set routes to Paris’
local networks.
7. Add the new VPN tunnels into the Local Traffic rule. It is also possible to remove the
Dial-In interface and the VPN clients group from this rule (supposing that all VPN clients
connect to the headquarters’ server).