In WinRoute under Configuration / Interfaces select a VPN server, open its settings dialog and enable it.
Note: A free subnet which has been selected for VPN is now specified automatically in the VPN network and Mask entries. There is no reason to change the network.
Use the server.officebrazil.company.com
). This certificate is used for identification of the VPN server. The fingerprint of the created SSL certificate will be required for definition of the VPN tunnel on the headquarters server (see chapter 4.1 Headquarters configuration). Select it, copy it to the clipboard and paste it to an email message, text file, etc.
Note: It is recommended to later replace this generated certificate with a certificate authorized by a reliable public certification authority.
Create an active endpoint of the VPN tunnel which connects to the company's headquarters server (kwf.company.com
). The fingerprint of the VPN server certificate can be set simply by clicking on .
Complete the Local Traffic rule (created by the Network Rules Wizard — see chapter 2.4 Basic Traffic Policy Configuration) with the VPN tunnel.
Name | Source | Destination | Service | Action | Translation |
---|---|---|---|---|---|
Local Traffic | Firewall Tunnel to office Trusted / local | Firewall Tunnel to office Trusted / local | Any | Allow |
Table 4.3. Office (Filial) — the Local Traffic rule
In the configuration of the DNS Forwarder (refer to chapter 2.6 DNS configuration), enable the Use custom forwarding. Define rules for the company.com
domain. Set the IP address of the headquarter's domain server (192.168.1.2
) which is used as the primary server for the company.com
domain as the DNS server used for forwarding.
Domain / Network | DNS server(s) |
---|---|
192.168.1.0 / 255.255.255.0 | 192.168.1.2 |
company.com | 192.168.1.2 |
Table 4.4. Filial — DNS forwarding configuration