21.5 Example of Kerio VPN configuration: company with a filial office

This chapter provides a detailed, worked description of how to create an encrypted tunnel connecting two private networks using the Kerio VPN.

This example can be easily customized. The method described here applies where creating the VPN tunnels produces no redundant routes (i.e. no more than one route between any two private networks). Configuration of a VPN with redundant routes (typically a company with two or more branch offices) is described in chapter 21.6.

Note: This example describes a more complicated pattern of VPN with access restrictions for individual local networks and VPN clients. An example of basic VPN configuration is provided in the Kerio WinRoute Firewall — Step By Step Configuration document.

Specification

Suppose a company has its headquarters in New York and a branch office in London. We intend to interconnect the local networks of the headquarters and of the branch office by a VPN tunnel using the Kerio VPN. VPN clients will also be allowed to connect to the headquarters network.

The server (default gateway) of the headquarters uses the public IP address 63.55.21.12 (DNS name is newyork.company.com), the server of the branch office uses a dynamic IP address assigned by DHCP.

The local network of the headquarters consists of two subnets, LAN 1 and LAN 2. The headquarters uses the company.com DNS domain.

The network of the branch office consists of one subnet only (LAN). The branch office uses the filial.company.com DNS domain.

Figure 21.12 provides a scheme of the entire system, including IP addresses and the VPN tunnels that will be built.

Suppose that both networks are already deployed and set according to the figure and that the Internet connection is available.

Traffic between the network of the headquarters, the network of the branch office and VPN clients will be restricted according to the following rules:

1. VPN clients can connect to LAN 1 and to the network of the branch office.

2. Connection to VPN clients is disabled for all networks.

3. Only the LAN 1 network is available from the branch office. In addition, only the WWW, FTP and Microsoft SQL services are available there.
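Before entering these three rules into the traffic policy it helps to check that they say what is intended, in particular that rule 2 is not shadowed by the allow rules and that rule 3 really limits the branch office to three services. The following Python model is an added example and is not Kerio's configuration format or code; it evaluates new connection attempts against the three rules top-down, first match wins (as in the WinRoute traffic policy), with an assumed default deny at the end. The subnets (10.1.1.0/24 for LAN 1, 10.1.2.0/24 for LAN 2, 10.2.1.0/24 for the branch, 10.3.0.0/24 for VPN clients) and the port numbers behind the WWW, FTP and Microsoft SQL service names are assumptions chosen for the example; the real addresses are those in Figure 21.12.

```python
"""Model of the three traffic rules (added example, not Kerio's own format).
Subnets and ports are assumptions; replace them with the values from Figure 21.12."""
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

# Assumed address plan (not stated on this page).
NETWORKS = {
    "LAN1": ipaddress.ip_network("10.1.1.0/24"),         # headquarters LAN 1
    "LAN2": ipaddress.ip_network("10.1.2.0/24"),         # headquarters LAN 2
    "BRANCH": ipaddress.ip_network("10.2.1.0/24"),       # branch office LAN
    "VPN_CLIENTS": ipaddress.ip_network("10.3.0.0/24"),  # addresses given to VPN clients
}
ANY = frozenset(NETWORKS)

# Assumed (protocol, port) pairs behind the named services.
SERVICES = {
    "WWW": {("tcp", 80)},
    "FTP": {("tcp", 21)},
    "MSSQL": {("tcp", 1433)},
}


@dataclass(frozen=True)
class Rule:
    name: str
    src: frozenset            # source networks
    dst: frozenset            # destination networks
    services: Optional[frozenset]  # None = any service
    action: str               # "allow" or "deny"


# Ordered top to bottom; the first matching rule decides.
RULES = [
    # Rule 2: no network may open a connection to a VPN client. Placed first
    # so that the allow rules below cannot shadow it.
    Rule("no access to VPN clients", ANY, frozenset({"VPN_CLIENTS"}), None, "deny"),
    # Rule 1: VPN clients reach LAN 1 and the branch office, but not LAN 2.
    Rule("VPN clients", frozenset({"VPN_CLIENTS"}), frozenset({"LAN1", "BRANCH"}), None, "allow"),
    # Rule 3: the branch office reaches LAN 1 only, and only WWW, FTP, MS SQL.
    Rule("branch office", frozenset({"BRANCH"}), frozenset({"LAN1"}), frozenset(SERVICES), "allow"),
    # Assumed catch-all: anything not matched above is dropped.
    Rule("default deny", ANY, ANY, None, "deny"),
]


def locate(ip: str) -> Optional[str]:
    """Map an address to the name of the network it belongs to, or None."""
    addr = ipaddress.ip_address(ip)
    for name, net in NETWORKS.items():
        if addr in net:
            return name
    return None


def evaluate(src_ip: str, dst_ip: str, proto: str, port: int) -> Tuple[str, str]:
    """Decide a *new* connection attempt (replies to allowed connections are
    handled by the stateful firewall and are not modelled here).
    Returns (action, name of the rule that decided)."""
    src, dst = locate(src_ip), locate(dst_ip)
    if src is None or dst is None:
        return ("deny", "unknown network")
    for rule in RULES:
        if src not in rule.src or dst not in rule.dst:
            continue
        if rule.services is not None and not any(
            (proto, port) in SERVICES[s] for s in rule.services
        ):
            continue  # right networks, wrong service: keep looking
        return (rule.action, rule.name)
    return ("deny", "default deny")


if __name__ == "__main__":
    # Constructed sample connection attempts.
    for attempt in [("10.3.0.5", "10.1.1.10", "tcp", 445),   # VPN client -> LAN 1
                    ("10.3.0.5", "10.1.2.10", "tcp", 445),   # VPN client -> LAN 2
                    ("10.1.1.10", "10.3.0.5", "tcp", 3389),  # LAN 1 -> VPN client
                    ("10.2.1.20", "10.1.1.10", "tcp", 1433), # branch -> LAN 1, MS SQL
                    ("10.2.1.20", "10.1.1.10", "tcp", 445)]: # branch -> LAN 1, SMB
        print(attempt, "->", evaluate(*attempt))
```

Running the script prints one decision per sample attempt; the SMB attempt from the branch office falls through rule 3 to the default deny, which is the behaviour rule 3 requires.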
