Chapter 6 Traffic Policy

Allow access to the following services only

Only selected services will be available from the local network.

Note: This dialog lists only basic services, regardless of which services are defined in WinRoute (see chapter 12.3). Other services can be allowed by defining separate traffic policy rules (see chapter 6.3).

Step 5 — enabling Kerio VPN traffic

To use WinRoute’s proprietary VPN solution to connect remote clients or to create tunnels between remote networks, keep the Create rules for Kerio VPN server option selected. Specific services and address groups for Kerio VPN will be added. For detailed information on the proprietary VPN solution, refer to chapter 21.

If you do not intend to use this solution, or intend to use a third-party solution (e.g. Microsoft PPTP, Nortel IPSec, etc.), disable the Create rules for Kerio VPN option.

To enable remote access to shared items in the local network via a web browser, keep the Create rules for Kerio Clientless SSL-VPN option enabled. This interface is independent of Kerio VPN and can be used along with a third-party VPN solution. For detailed information, see chapter 22.

Figure 6.6 Network Policy Wizard — Kerio VPN

Step 6 — specification of servers that will be available within the local network

If any service that is intended to be available from the Internet (e.g. WWW server, FTP server, etc.) is running on the WinRoute host or on another host within the local network, define it in this dialog.

Note: If creation of rules for Kerio VPN was required in the previous step, the Kerio VPN and HTTPS firewall services will be automatically added to the list of local servers. If these services are removed or their parameters are modified, VPN services will not be available via the Internet!
