Перейти из форума на сайт.

НовостиФайловые архивы
ПоискАктивные темыТоп лист
ПравилаКто в on-line?
Вход Забыли пароль? Первый раз на этом сайте? Регистрация
Компьютерный форум Ru.Board » Компьютеры » Программы » Прошу помощи в настройке Kerio Control

Модерирует : gyra, Maz

articlebot (10-08-2013 00:24): Kerio Control (ex Kerio WinRoute Firewall)  Версия для печати • ПодписатьсяДобавить в закладки

   

Gnome69

Junior Member		Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору
Сразу хочу сказать что до этого никогда не использовал данную программу.
Ситуация такая: есть 4 компьютера подключённые к ADSL модему D-Link 2640U, модем настроен в режиме Bridge, для доступа в интернет используется PPPoE соединение по средствам ОС Windows на первом ПК. Остальные (3 ПК) пользователи должны ходить в интернет через Kerio Control который так же установлен на первом ПК. После установки Kerio Control были созданы правила (скриншот ниже), как я понимаю в правилах вроде всё верно, т.е интернет должен быть на всех компьютерах в сети но на самом деле его нет ни на одном пк даже на том на котором стоит Kerio, за то все сайты прекрасно пингуются (0% потерь).
Помогите пожалуйста разобраться с данной проблемой.
 
   
 
Подключения к удалённому рабочему столу (RDP) как входящие так и исходящие тоже прекрасно работают.
Всего записей: 112 | Зарегистр. 25-05-2006 | Отправлено: 14:34 24-07-2011 | Исправлено: Gnome69, 15:11 24-07-2011
Aleks78



Platinum Member		Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору
Сюда http://forum.ru-board.com/topic.cgi?forum=5&topic=3040&start=0#lt
Всего записей: 19197 | Зарегистр. 18-12-2004 | Отправлено: 15:21 24-07-2011
Gnome69

Junior Member		Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору
Ничего не пойму
Вот что в логах:
 
warning.log
 
[24/Jul/2011 21:27:41] Hosts file has been regenerated.
[24/Jul/2011 21:27:46] Hosts file has been regenerated.
[24/Jul/2011 21:29:03] Particular network traffic lost or was modified by conflicting software or Kerio Control driver disabled on some interface!
[24/Jul/2011 21:29:05] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:29:41] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:33:55] Hosts file has been regenerated.
[24/Jul/2011 21:34:02] Hosts file has been regenerated.
[24/Jul/2011 21:34:11] Particular network traffic lost or was modified by conflicting software or Kerio Control driver disabled on some interface!
[24/Jul/2011 21:34:13] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:34:25] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:35:28] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:35:40] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:35:55] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:36:10] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:38:12] Hosts file has been regenerated.
[24/Jul/2011 21:38:19] Hosts file has been regenerated.
[24/Jul/2011 21:38:57] Particular network traffic lost or was modified by conflicting software or Kerio Control driver disabled on some interface!
[24/Jul/2011 21:38:59] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:39:11] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:39:24] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:39:36] Connection limit of 600 outbound connections reached for firewall host.
 
security.log
 
[24/Jul/2011 21:27:40] Kerio Control engine: Startup
[24/Jul/2011 21:27:55] Intrusion Prevention engine: Startup
[24/Jul/2011 21:28:36] Anti-spoofing: Packet from Подключение по локальной сети, proto:UDP, len:1344, ip/port:10.15.0.3:60000 -> 224.11.10.38:8208, udplen:1316
[24/Jul/2011 21:28:37] Anti-spoofing: Packet from Подключение по локальной сети, proto:UDP, len:1344, ip/port:10.15.0.3:60000 -> 224.11.10.38:8208, udplen:1316
[24/Jul/2011 21:28:46] Anti-spoofing: Packet from Подключение по локальной сети, proto:UDP, len:1344, ip/port:10.15.0.3:60000 -> 224.11.10.20:8208, udplen:1316
[24/Jul/2011 21:28:47] Last message repeated 4 times
[24/Jul/2011 21:29:27] Anti-spoofing: Packet from Подключение по локальной сети, proto:2, len:28, ip:10.11.104.2 -> 224.0.0.1, plen:8
[24/Jul/2011 21:30:36] Intrusion Prevention engine: Shutdown
[24/Jul/2011 21:30:38] Kerio Control engine: Shutdown
[24/Jul/2011 21:33:55] Kerio Control engine: Startup
[24/Jul/2011 21:34:11] Intrusion Prevention engine: Startup
[24/Jul/2011 21:35:42] Anti-spoofing: Packet from Подключение по локальной сети, proto:2, len:28, ip:10.11.104.2 -> 224.0.0.1, plen:8
[24/Jul/2011 21:37:38] Intrusion Prevention engine: Shutdown
[24/Jul/2011 21:37:41] Kerio Control engine: Shutdown
[24/Jul/2011 21:38:11] Kerio Control engine: Startup
[24/Jul/2011 21:38:27] Intrusion Prevention engine: Startup
[24/Jul/2011 21:39:53] Intrusion Prevention engine: Shutdown
[24/Jul/2011 21:39:55] Kerio Control engine: Shutdown
 
 
error.log
 
[24/Jul/2011 21:27:56] IPS rules update check failed: Server returned '(250) Invalid product license - IP 46.48.226.245 logged for further investigation.'.
[24/Jul/2011 21:30:03] (2) Automatic update error: update check failed.
[24/Jul/2011 21:34:13] IPS rules update check failed: Server returned '(250) Invalid product license - IP 46.48.226.245 logged for further investigation.'.
[24/Jul/2011 21:36:31] (2) Automatic update error: update check failed.
[24/Jul/2011 21:38:29] IPS rules update check failed: Server returned '(250) Invalid product license - IP 46.48.226.245 logged for further investigation.'.
 
 
debug.log
 
[24/Jul/2011 21:27:40] Kerio Control Standard Edition 7.1.2 build 2333
[24/Jul/2011 21:27:40] Copyright (c) Kerio Technologies s.r.o. All rights reserved., http://www.kerio.com
[24/Jul/2011 21:27:40] System: Windows XP, Memory: 2047 MB, 2 processors
[24/Jul/2011 21:27:40] Driver version: 7.1.2 build 2333, Buffer size: 8256
[24/Jul/2011 21:27:42] Service "DNS" started, bound to address 127.0.0.1
[24/Jul/2011 21:27:42] Service "WebInterface" started, bound to address 127.0.0.1
[24/Jul/2011 21:27:42] Service "WebInterfaceSSL" started, bound to address 127.0.0.1
[24/Jul/2011 21:27:42] Service "SSL-VPN" started, bound to address 127.0.0.1
[24/Jul/2011 21:27:46] Interface "PPPoE" is UP, IP addresses: 46.48.226.245/255.255.255.255
[24/Jul/2011 21:27:46] Interface "Подключение по локальной сети" is UP, IP addresses: 192.168.1.2/255.255.255.0
[24/Jul/2011 21:27:47] Service "DNS" started, bound to address 46.48.226.245
[24/Jul/2011 21:27:47] Service "WebInterface" started, bound to address 46.48.226.245
[24/Jul/2011 21:27:47] Service "WebInterfaceSSL" started, bound to address 46.48.226.245
[24/Jul/2011 21:27:47] Service "SSL-VPN" started, bound to address 46.48.226.245
[24/Jul/2011 21:27:47] Service "DNS" started, bound to address 192.168.1.2
[24/Jul/2011 21:27:47] Service "WebInterface" started, bound to address 192.168.1.2
[24/Jul/2011 21:27:47] Service "WebInterfaceSSL" started, bound to address 192.168.1.2
[24/Jul/2011 21:27:47] Service "SSL-VPN" started, bound to address 192.168.1.2
[24/Jul/2011 21:27:47] Engine was initialized.
[24/Jul/2011 21:30:35] Service "DNS" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:30:35] Service "DNS" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:30:35] Service "DNS" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:30:35] Service "WebInterface" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:30:35] Service "WebInterface" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:30:35] Service "WebInterface" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:30:35] Service "WebInterfaceSSL" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:30:35] Service "WebInterfaceSSL" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:30:35] Service "WebInterfaceSSL" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:30:35] Service "SSL-VPN" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:30:35] Service "SSL-VPN" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:30:35] Service "SSL-VPN" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:30:37] The WebFilter library unloaded
[24/Jul/2011 21:33:55] Kerio Control Standard Edition 7.1.2 build 2333
[24/Jul/2011 21:33:55] Copyright (c) Kerio Technologies s.r.o. All rights reserved., http://www.kerio.com
[24/Jul/2011 21:33:55] System: Windows XP, Memory: 2047 MB, 2 processors
[24/Jul/2011 21:33:55] Driver version: 7.1.2 build 2333, Buffer size: 8256
[24/Jul/2011 21:33:57] Service "DNS" started, bound to address 127.0.0.1
[24/Jul/2011 21:33:57] Service "WebInterface" started, bound to address 127.0.0.1
[24/Jul/2011 21:33:57] Service "WebInterfaceSSL" started, bound to address 127.0.0.1
[24/Jul/2011 21:33:57] Service "SSL-VPN" started, bound to address 127.0.0.1
[24/Jul/2011 21:34:02] Interface "Подключение по локальной сети" is UP, IP addresses: 192.168.1.2/255.255.255.0
[24/Jul/2011 21:34:02] Interface "PPPoE" is UP, IP addresses: 46.48.226.245/255.255.255.255
[24/Jul/2011 21:34:02] Engine was initialized.
[24/Jul/2011 21:34:03] Service "DNS" started, bound to address 46.48.226.245
[24/Jul/2011 21:34:03] Service "WebInterface" started, bound to address 46.48.226.245
[24/Jul/2011 21:34:03] Service "WebInterfaceSSL" started, bound to address 46.48.226.245
[24/Jul/2011 21:34:03] Service "SSL-VPN" started, bound to address 46.48.226.245
[24/Jul/2011 21:34:03] Service "DNS" started, bound to address 192.168.1.2
[24/Jul/2011 21:34:03] Service "WebInterface" started, bound to address 192.168.1.2
[24/Jul/2011 21:34:03] Service "WebInterfaceSSL" started, bound to address 192.168.1.2
[24/Jul/2011 21:34:03] Service "SSL-VPN" started, bound to address 192.168.1.2
[24/Jul/2011 21:37:37] Service "DNS" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:37:37] Service "DNS" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:37:37] Service "DNS" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:37:37] Service "WebInterface" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:37:37] Service "WebInterface" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:37:37] Service "WebInterface" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:37:37] Service "WebInterfaceSSL" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:37:37] Service "WebInterfaceSSL" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:37:37] Service "WebInterfaceSSL" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:37:37] Service "SSL-VPN" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:37:37] Service "SSL-VPN" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:37:37] Service "SSL-VPN" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:37:39] The WebFilter library unloaded
[24/Jul/2011 21:38:12] Kerio Control Standard Edition 7.1.2 build 2333
[24/Jul/2011 21:38:12] Copyright (c) Kerio Technologies s.r.o. All rights reserved., http://www.kerio.com
[24/Jul/2011 21:38:12] System: Windows XP, Memory: 2047 MB, 2 processors
[24/Jul/2011 21:38:12] Driver version: 7.1.2 build 2333, Buffer size: 8256
[24/Jul/2011 21:38:14] Service "DNS" started, bound to address 127.0.0.1
[24/Jul/2011 21:38:14] Service "WebInterface" started, bound to address 127.0.0.1
[24/Jul/2011 21:38:14] Service "WebInterfaceSSL" started, bound to address 127.0.0.1
[24/Jul/2011 21:38:14] Service "SSL-VPN" started, bound to address 127.0.0.1
[24/Jul/2011 21:38:20] Interface "Подключение по локальной сети" is UP, IP addresses: 192.168.1.2/255.255.255.0
[24/Jul/2011 21:38:20] Interface "PPPoE" is UP, IP addresses: 46.48.226.245/255.255.255.255
[24/Jul/2011 21:38:20] Engine was initialized.
[24/Jul/2011 21:38:20] Service "DNS" started, bound to address 46.48.226.245
[24/Jul/2011 21:38:20] Service "WebInterface" started, bound to address 46.48.226.245
[24/Jul/2011 21:38:20] Service "WebInterfaceSSL" started, bound to address 46.48.226.245
[24/Jul/2011 21:38:20] Service "SSL-VPN" started, bound to address 46.48.226.245
[24/Jul/2011 21:38:20] Service "DNS" started, bound to address 192.168.1.2
[24/Jul/2011 21:38:20] Service "WebInterface" started, bound to address 192.168.1.2
[24/Jul/2011 21:38:20] Service "WebInterfaceSSL" started, bound to address 192.168.1.2
[24/Jul/2011 21:38:20] Service "SSL-VPN" started, bound to address 192.168.1.2
[24/Jul/2011 21:39:51] Service "DNS" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:39:51] Service "DNS" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:39:51] Service "DNS" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:39:51] Service "WebInterface" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:39:51] Service "WebInterface" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:39:51] Service "WebInterface" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:39:51] Service "WebInterfaceSSL" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:39:51] Service "WebInterfaceSSL" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:39:51] Service "WebInterfaceSSL" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:39:51] Service "SSL-VPN" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:39:51] Service "SSL-VPN" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:39:51] Service "SSL-VPN" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:39:54] The WebFilter library unloaded
 
alert.log
 
[24/Jul/2011 21:29:05] CONNLIMIT connlimit="600" firewall="gnomepc" hostip="0.0.0.0" hostname="gnomepc" time="Sun Jul 24 21:29:05 2011" username="Gnome"
[24/Jul/2011 21:34:13] CONNLIMIT connlimit="600" firewall="gnomepc" hostip="0.0.0.0" hostname="gnomepc" time="Sun Jul 24 21:34:13 2011" username="Gnome"
[24/Jul/2011 21:38:59] CONNLIMIT connlimit="600" firewall="gnomepc" hostip="0.0.0.0" hostname="gnomepc" time="Sun Jul 24 21:38:59 2011" username="Gnome"
Всего записей: 112 | Зарегистр. 25-05-2006 | Отправлено: 15:41 24-07-2011
tejinderkang

Newbie		Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору
I m install a Kerio control 7.0.0, every thing is working fine, and when i go to Content filter - HTTP Policy-url rules are also working and Kerio web filter is also enable. But its Unable to categorize and showing the below error message in Log -Warning
 
 
 
 
 
[04/Aug/2011 17:18:39] Unable to categorize 'sn118w.snt118.mail.live.com/mail/mail.fpp' by Kerio Web Filter. DNS response 'FAILURE: Invalid authorization' to query '0.sn118w.snt118.mail.live.com_-.mail_-.mail.fpp.2e27.ko-61262.url.esoft.com' is invalid.
[04/Aug/2011 17:18:39] Unable to categorize 'by2msg3020316.gateway.messenger.live.com/gateway/gateway.dll' by Kerio Web Filter. DNS response 'FAILURE: Invalid authorization' to query '0.by2msg3020316.gateway.messenger.live.com_-.gateway_-.gateway.dll.6893.ko-61262.url.esoft.com' is invalid.
[04/Aug/2011 17:18:40] Unable to categorize 'h.live.com/c.gif' by Kerio Web Filter. DNS response 'FAILURE: Invalid authorization' to query '0.h.live.com_-.c.gif.954a.ko-61262.url.esoft.com' is invalid.
 
 
 
 
 
when i open http://192.168.50.101/kwfp0wnz/getkey.php\
Its show
 
 
 
0:ko:61262:4036112775:86400
 
 
 
 
 
 
Please Help me I need very much web filter
Всего записей: 1 | Зарегистр. 05-08-2011 | Отправлено: 10:42 05-08-2011 | Исправлено: tejinderkang, 10:43 05-08-2011
itkarimius

Newbie		Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору
сам Брендмауэр попробуйте добавить ко второму правилу сверху, т.к. 4ом он не попадает под NAT
Всего записей: 1 | Зарегистр. 31-08-2012 | Отправлено: 15:53 19-12-2012
merodahero

Newbie		Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору
Всего записей: 1 | Зарегистр. 28-05-2012 | Отправлено: 17:31 23-12-2012
aliennick



Newbie		Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору
Здравствуйте. В общем установил, настроил, проверил работу на трёх ПК при прозрачной авторизации - все просто великолепно. когда подключили остальных, в количестве около 300 пользователей, то стало заметно, что страницы-то очень медленно загружаются. сомнения падают на правильную настройку ДНС. Еще у нас несколько подсетей разных, которые рулятся одним маршрутизатором. маршруты прописываю через "route add -p..." на хосте с Kerio. так вот, пользователей из удаленных подсетей (которые физически не находятся в здании, где расположен сервер Kerio) вообще перестает пускать в интернет, Гугл Хром показывает ошибку 101. я вижу запросы пользователя, но по факту у него после минуты ожидания ничего не открывается. и даже майл-агент отваливается. в общем, скриншоты выложил, Очень жду, что кто-нибудь поможет. Заранее спасибо.  
 
 
 
 
 
 
 
 
Всего записей: 8 | Зарегистр. 22-06-2011 | Отправлено: 09:57 16-04-2013
SSSalexSSS



Newbie		Редактировать | Профиль | Сообщение | ICQ | Цитировать | Сообщить модератору
Здраствуйте господа, вот устоновил Kerio Control Software Appliance 8.1.0 Build 845 и не могу разобраться почему пользователей пускает в интернет без пароля (спрашивает только при первом подключении)  
подскажите куда бежать ? что смотреть ?
 
что нужно настроить чтобы каждый пользователь проходил под своей авторизацией?
Параметры аутентификации -> Включить принудительную аутентификацию непрозрачного прокси-сервера не помогает
 
 
 
Всего записей: 17 | Зарегистр. 07-11-2007 | Отправлено: 16:57 01-08-2013 | Исправлено: SSSalexSSS, 17:31 01-08-2013
SSSalexSSS



Newbie		Редактировать | Профиль | Сообщение | ICQ | Цитировать | Сообщить модератору
почему все молчат ? никто не читает форум
Всего записей: 17 | Зарегистр. 07-11-2007 | Отправлено: 15:08 06-08-2013
Cheery



.:МордератоР:.		Редактировать | Профиль | Сообщение | Цитировать | Сообщить модератору
SSSalexSSS
потому что спрашивать нужно в основной теме  
Kerio Control (ex Kerio WinRoute Firewall)

----------
Away/DND
Всего записей: 52737 | Зарегистр. 04-04-2002 | Отправлено: 01:24 08-08-2013
   

Компьютерный форум Ru.Board » Компьютеры » Программы » Прошу помощи в настройке Kerio Control
articlebot (10-08-2013 00:24): Kerio Control (ex Kerio WinRoute Firewall)


Реклама на форуме Ru.Board.

Powered by Ikonboard "v2.1.7b" © 2000 Ikonboard.com
Modified by Ru.B0ard
© Ru.B0ard 2000-2024

BitCoin: 1NGG1chHtUvrtEqjeerQCKDMUi6S6CG4iC

Рейтинг.ru