Overview

While trying to connect Kerio Phone to Kerio Control firewall, the specific configuration should be performed. In this particular scenario, Kerio Phone is accessed through Kerio VPN client from an external endpoint and Kerio Operator is connected to Kerio Control via LAN.

Screen_Shot_2020-12-17_at_2.35.26_PM.png

The web access for Kerio Phone local users simply times out and cannot be reached.

This article provides information on how to configure both Kerio Control and Kerio Operator settings to resolve such problems.

Solution

Kerio Operator is connected both to the ISP router (marked as yellow) and Kerio Control firewall. The exact network diagram is the following:

Screen_Shot_2020-12-17_at_3.05.18_PM.png

Kerio Operator Network configuration is using advanced Gateway settings.

Screen_Shot_2020-12-17_at_2.41.00_PM.png

Important: Kerio Operator has NAT enabled (Operator is behind a firewall) checkbox. For more information, please refer to Configuring NAT in Kerio Operator.

In this case, the gateway on the Operator side is matching Kerio Control Ethernet interface IP.

Screen_Shot_2020-12-17_at_2.42.59_PM.png

Kerio Operator Routing Table should propagate 2 network interfaces/routes (Ethernet and VoIP).

Screen_Shot_2020-12-17_at_2.51.11_PM.png

Kerio Control Traffic Rules should have Kerio Operator services allowing access to the Internet.

  Source: Ethernet

  Destination: <Public_router_IP>

  Services: Kerio Operator services

  Action: Allow

  Translation: MAP <Kerio_Operator_local_IP>

Screen_Shot_2020-12-17_at_3.13.09_PM.png

VPN access is possible using standard pre-configured Traffic Rules.

Screen_Shot_2020-12-17_at_3.19.15_PM.png

Kerio Control DNS hosts table has a custom entry configured for the Kerio Operator server.

Screen_Shot_2020-12-17_at_2.48.10_PM.png

Articles in this section

Connecting Kerio Operator Softphone over Kerio Control VPN

Overview

Solution

Articles in this section

Overview

Solution

Related articles