Chapter 1  Quick Checklist

In this chapter you can find a brief guide for a quick setup of “Kerio WinRoute Firewall” (called briefly “WinRoute” in further text). After this setup the firewall should be immediately available and able to share your Internet connection and protect your local network. For a detailed guide refer to the separate WinRoute — Step-by-Step Configuration guide.

If you are not sure how to set any of the Kerio WinRoute Firewall functions or features, look up the appropriate chapter in this manual. For information about your Internet connection (such as your IP address, default gateway, DNS server, etc.) contact your ISP.

Note: In this guide, the expression firewall represents the host where WinRoute is (or will be) installed.

  1. The firewall must include at least two interfaces — one must be connected to the local network (e.g. Ethernet or WiFi network adapter), another must be connected to the Internet (e.g. Ethernet or WiFi network adapter, analog modem or an ISDN adapter. TCP/IP parameters must be set properly at both/all interfaces.

    Test functionality of the Internet connection and of traffic among hosts within the local network before you run the WinRoute installation. This test will reduce possible problems with debugging and error detections.

  2. Run WinRoute installation. Specify a username and password for access to the administration from the configuration wizard (for details refer to chapters 2.3  Installation and 2.7  Configuration Wizard).

  3. Set interface groups and basic traffic rules using the Network Rules Wizard (see chapter 7.1  Network Rules Wizard).

  4. Run the DHCP server and set required IP ranges including their parameters (subnet mask, default gateway, DNS server address/domain name). For details, see chapter 8.2  DHCP server.

  5. Check the DNS Forwarder's configuration. Define the local DNS domain if you intend to scan the hosts file and/or the DHCP server table. For details, see chapter 8.1  DNS Forwarder.

  6. Set user mapping from the Active Directory domain or create/import local user accounts and groups. Set user access rights. For details see chapter 15  User Accounts and Groups.

  7. Define IP groups (chapter 14.1  IP Address Groups), time ranges (chapter 14.2  Time Intervals) and URL groups (chapter 14.4  URL Groups), that will be used during rules definition (refer to chapter 14.2  Time Intervals).

  8. Create URL rules (chapter 12.2  URL Rules) and set the ISS OrangeWeb Filter module (chapter 12.4  Content Rating System (ISS OrangeWeb Filter)). Set HTTP cache and automatic configuration of browsers (chapter 8.5  HTTP cache). Define FTP rules (chapter 12.6  FTP Policy).

  9. Select an antivirus and define types of objects that will be scanned.

    If you choose the integrated McAfee antivirus application, check automatic update settings and edit them if necessary.

    External antivirus must be installed before it is set in WinRoute, otherwise it is not available in the combo box.

  10. Using one of the following methods set TCP/IP parameters for the network adapter of individual LAN clients:

    • Automatic configuration — activate the Obtain an IP address automatically option. Do not set any other parameters.

    • Manual configuration — define IP address, subnet mask, default gateway address, DNS server address and local domain name.

    Use one of the following methods to set the Web browser at each workstation:

    • Automatic configuration — activate the Automatically detect settings option (Internet Explorer) or specify URL for automatic configuration (other types of browsers). For details, refer to chapter 8.5  HTTP cache.

    • Manual configuration — select type of connection via the local network or define IP address and appropriate proxy server port (see chapter 8.4  Proxy server).