Overview
Kerio VPN Server offers clients a secure way to connect to the network using devices such as desktops, notebooks, and mobile devices.
You must enable communication through a VPN in Traffic Rules before you start configuring the Kerio VPN Server.
Solution
- In the Administration interface, go to Configuration -> Interfaces.
- Double-click on VPN Server.
- In the VPN Server Properties dialog, check Enable Kerio VPN Server.
- Select the Kerio VPN tab and select a valid certificate.
- Port 4090 is set as default. Both TCP and UDP protocols are used.
- To specify a VPN route manually, refer to Configuring VPN server routing.
- Kerio VPN Server directs the traffic from VPN clients in two ways:
- Only traffic that ends in the Kerio Control network goes through the firewall — default mode. This type of connection is called split tunneling.
- All traffic goes through the firewall — select VPN clients access the Internet through the VPN.
- Verify that your default Internet access (NAT) rule includes the VPN client site.
- Save the settings.
Note: Do not switch to another port without a proper reason. If it is not possible to run the VPN Server on the specified port, the error is reported in the error log. If you change the port, notify all the users of the VPN Client to suffix the port number to the server name / IP address with a colon (like 'server1:4091').
Confirmation
Once the settings are saved, the Kerio VPN is set up with a server interface and is ready to connect to a secure network. The VPN clients can establish a secure connection to the Kerio Control VPN server.