Overview

While trying to set up a Kerio VPN tunnel between two Kerio Control VMs, the tunnel can't be established. The firewalls are connected to each other with an ethernet cable.

The network diagram is below.

While setting up an Active-Passive tunnel connection, the state is Connecting with Operation timeout 145 error.

The article provides details on proper Kerio Control configuration for such a scenario.

Information

In this case, both Kerio Control servers are located in the same physical location and they are connected with each other using virtualized network adapters.

In such a particular scenario, it's recommended to use Static Routes instead of Kerio VPN tunnel configuration. The VPN connection should be established between remote locations, situated on different premises.

Usage of VPN in such deployment may result in VPN tunnel error "The same network is used on both sides".

Note: 10.10.5.1 is the IP address of the O&M Kerio machine.

The Statis Routes should be enabled on both firewalls. In this environment, the static routes were set to the following values:

O&M Kerio

Network: 10.10.197.0

Mask: 255.255.255.0

Interface: Port 5

Gateway: 10.10.197.1

---

North Sub Kerio

Network: 10.10.5.0

Mask: 255.255.255.0

Interface: Port 5

Gateway: 10.10.5.1

Testing

Once static routes are configured on both sides, verify the successful connection using IP tools ping.