Answer the question
In order to leave comments, you need to log in
How to add a route to the routing table with the VPN server interface in Kerio?
Continuation of the previous question...
On the kerio control server (10.1.57.1) there is a server in the kerio VPN/IPSec interfaces section with VPN clients connected to it (client network 10.1.50.0/24). I'm trying to connect Asus rt-ac66u (firmware tomato VPN) as an l2tp client to the server using 3G Internet (l2tp connection is selected on the WAN interface). The connection is established, the internal IP is assigned: 10.1.58.228.
From hosts connected to asus and asus itself, the server and subnets behind the server are pinged.
Windows kerio VPN clients connected to this server ping in both directions. The rules are the same for them!
Added rules on the server allowing pings in any direction!
Network 10.1.58.228 is pinged. NAT is disabled on the client side. From the side of Kerio, in the anti-spoofing logs, I saw a subnet blocking, which is behind the client. Disabled anti-spoofing.
Now I saw a problem, in the Kerio routing table I did not find a function that adds a VPN connection interface to the routes!
Here I stopped. How to force Kerio to go to subnets behind L2TP interfaces - VPN clients?
How to add a route to the routing table with the "VPN server" interface in Kerio? if this is not in the list, there are only physical interfaces.
Answer the question
In order to leave comments, you need to log in
No way.
In your case, a client-to-network connection is created, and a network-to-network connection is required. Therefore, in one direction (towards Kerio and the networks behind it) any connection, back only to the client IP (the native Kerio client is an exception).
Almost the same problem. For 200 km Asus RT-N66U with Merlin firmware and a working L2TP channel to us at Kerio as a client. It is required to access the internal network for Asus RT-N66U. The http protocol would be enough, but Merlin does not hold a proxy, does not open SSH on the L2TP interface, etc.
And even if Kerio made it possible to create a route using the VPN interface, nothing would have happened: checked by replacing Kerio with Ms RRAS server.
But it's easier for us, where the Asus RT N66U is also Mikrotik. We are trying to get to it in order to implement an IPSec network-network between it and Kerio.
as far as I remember there were vpn clients. If it's not a secret, why did you choose the l2tp vpn server? there is a more practical solution for joining two networks (OpenVPN)
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question