Configuring IPsec VPN Server

Kerio IPsecInternet Protocol security - A network protocol used to encrypt and secure data sent over a network. VPNVirtual private network - A network that enables users connect securely to a private network over the Internet. Server offer clients such desktops, notebooks, mobile devices, etc. a secure way to connect to the network.

To implement Kerio IPsec VPN Server you need to make changes in the configuration on the server side and also in the client sic=de.

Configuring the Server side

For securing the communication on the server side you can use both or one of the methods below:

Configuring IPsec VPN server with a preshared key

The preshared key is a shared password for all users using an IPsec VPN.

VPN Server properties

  1. In the administration interface, go to Interfaces.
  2. Double-click on VPN Server.
  3. In the VPN Server Properties dialog box, check Enable IPsec VPN Server. Note that Kerio Control can provide the Kerio VPN serverKerio Control includes a VPN server which provides users to connect to the Kerio Control network from the Internet securely. and IPsec VPN server simultaneously.
  4. On tab IPsec VPN, select a valid SSL certificate in the Certificate pop-up list.
  5. Check Use preshared key and type the key.
  6. Save the settings.

Configuring IPsec server with a SSL certificate

  1. In the administration interface, go to Interfaces.
  2. Double-click VPN Server.
  3. In the VPN Server Properties dialog, check Enable IPsec VPN Server.
  4. On tab IPsec VPN, select a valid SSL certificate in the Certificate pop-up list.
  5. On tab IPsec VPN, check Use certificate for clients.
  6. Save the settings.

Configuring the client side

On the client side only one of the two methods can be available. Either a preshared key or a SSLSecure Sockets Layer - A protocol that ensures integral and secure communication between networks. Certficate. Each user must provide their credentials for authentication.

Configuring clients with a preshared key

Tell your users what to prepare for the configuration of their clients:

Configuring clients with a SSL certficate

All client machines need to have the certificated imported into the Certification Trusted store. Instruct your users to contact help desk in case of a message of invalid certficate.

Supported mobile devices

Many mobile devices support IPsec VPN and may work with Kerio Control. However, Kerio Control officially supports the following list:

  • Android 4 and higher
  • iOS 6 and higher

Mobile settings for connection via VPN