» Прошу помощи в настройке Kerio Control

Сразу хочу сказать что до этого никогда не использовал данную программу.
Ситуация такая: есть 4 компьютера подключённые к ADSL модему D-Link 2640U, модем настроен в режиме Bridge, для доступа в интернет используется PPPoE соединение по средствам ОС Windows на первом ПК. Остальные (3 ПК) пользователи должны ходить в интернет через Kerio Control который так же установлен на первом ПК. После установки Kerio Control были созданы правила (скриншот ниже), как я понимаю в правилах вроде всё верно, т.е интернет должен быть на всех компьютерах в сети но на самом деле его нет ни на одном пк даже на том на котором стоит Kerio, за то все сайты прекрасно пингуются (0% потерь).
Помогите пожалуйста разобраться с данной проблемой.



Подключения к удалённому рабочему столу (RDP) как входящие так и исходящие тоже прекрасно работают.

Сюда http://forum.ru-board.com/topic.cgi?forum=5&topic=3040&start=0#lt

Ничего не пойму
Вот что в логах:

warning.log

[24/Jul/2011 21:27:41] Hosts file has been regenerated.
[24/Jul/2011 21:27:46] Hosts file has been regenerated.
[24/Jul/2011 21:29:03] Particular network traffic lost or was modified by conflicting software or Kerio Control driver disabled on some interface!
[24/Jul/2011 21:29:05] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:29:41] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:33:55] Hosts file has been regenerated.
[24/Jul/2011 21:34:02] Hosts file has been regenerated.
[24/Jul/2011 21:34:11] Particular network traffic lost or was modified by conflicting software or Kerio Control driver disabled on some interface!
[24/Jul/2011 21:34:13] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:34:25] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:35:28] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:35:40] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:35:55] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:36:10] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:38:12] Hosts file has been regenerated.
[24/Jul/2011 21:38:19] Hosts file has been regenerated.
[24/Jul/2011 21:38:57] Particular network traffic lost or was modified by conflicting software or Kerio Control driver disabled on some interface!
[24/Jul/2011 21:38:59] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:39:11] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:39:24] Connection limit of 600 outbound connections reached for firewall host.
[24/Jul/2011 21:39:36] Connection limit of 600 outbound connections reached for firewall host.

security.log

[24/Jul/2011 21:27:40] Kerio Control engine: Startup
[24/Jul/2011 21:27:55] Intrusion Prevention engine: Startup
[24/Jul/2011 21:28:36] Anti-spoofing: Packet from Подключение по локальной сети, proto:UDP, len:1344, ip/port:10.15.0.3:60000 -> 224.11.10.38:8208, udplen:1316
[24/Jul/2011 21:28:37] Anti-spoofing: Packet from Подключение по локальной сети, proto:UDP, len:1344, ip/port:10.15.0.3:60000 -> 224.11.10.38:8208, udplen:1316
[24/Jul/2011 21:28:46] Anti-spoofing: Packet from Подключение по локальной сети, proto:UDP, len:1344, ip/port:10.15.0.3:60000 -> 224.11.10.20:8208, udplen:1316
[24/Jul/2011 21:28:47] Last message repeated 4 times
[24/Jul/2011 21:29:27] Anti-spoofing: Packet from Подключение по локальной сети, proto:2, len:28, ip:10.11.104.2 -> 224.0.0.1, plen:8
[24/Jul/2011 21:30:36] Intrusion Prevention engine: Shutdown
[24/Jul/2011 21:30:38] Kerio Control engine: Shutdown
[24/Jul/2011 21:33:55] Kerio Control engine: Startup
[24/Jul/2011 21:34:11] Intrusion Prevention engine: Startup
[24/Jul/2011 21:35:42] Anti-spoofing: Packet from Подключение по локальной сети, proto:2, len:28, ip:10.11.104.2 -> 224.0.0.1, plen:8
[24/Jul/2011 21:37:38] Intrusion Prevention engine: Shutdown
[24/Jul/2011 21:37:41] Kerio Control engine: Shutdown
[24/Jul/2011 21:38:11] Kerio Control engine: Startup
[24/Jul/2011 21:38:27] Intrusion Prevention engine: Startup
[24/Jul/2011 21:39:53] Intrusion Prevention engine: Shutdown
[24/Jul/2011 21:39:55] Kerio Control engine: Shutdown


error.log

[24/Jul/2011 21:27:56] IPS rules update check failed: Server returned '(250) Invalid product license - IP 46.48.226.245 logged for further investigation.'.
[24/Jul/2011 21:30:03] (2) Automatic update error: update check failed.
[24/Jul/2011 21:34:13] IPS rules update check failed: Server returned '(250) Invalid product license - IP 46.48.226.245 logged for further investigation.'.
[24/Jul/2011 21:36:31] (2) Automatic update error: update check failed.
[24/Jul/2011 21:38:29] IPS rules update check failed: Server returned '(250) Invalid product license - IP 46.48.226.245 logged for further investigation.'.


debug.log

[24/Jul/2011 21:27:40] Kerio Control Standard Edition 7.1.2 build 2333
[24/Jul/2011 21:27:40] Copyright (c) Kerio Technologies s.r.o. All rights reserved., http://www.kerio.com
[24/Jul/2011 21:27:40] System: Windows XP, Memory: 2047 MB, 2 processors
[24/Jul/2011 21:27:40] Driver version: 7.1.2 build 2333, Buffer size: 8256
[24/Jul/2011 21:27:42] Service "DNS" started, bound to address 127.0.0.1
[24/Jul/2011 21:27:42] Service "WebInterface" started, bound to address 127.0.0.1
[24/Jul/2011 21:27:42] Service "WebInterfaceSSL" started, bound to address 127.0.0.1
[24/Jul/2011 21:27:42] Service "SSL-VPN" started, bound to address 127.0.0.1
[24/Jul/2011 21:27:46] Interface "PPPoE" is UP, IP addresses: 46.48.226.245/255.255.255.255
[24/Jul/2011 21:27:46] Interface "Подключение по локальной сети" is UP, IP addresses: 192.168.1.2/255.255.255.0
[24/Jul/2011 21:27:47] Service "DNS" started, bound to address 46.48.226.245
[24/Jul/2011 21:27:47] Service "WebInterface" started, bound to address 46.48.226.245
[24/Jul/2011 21:27:47] Service "WebInterfaceSSL" started, bound to address 46.48.226.245
[24/Jul/2011 21:27:47] Service "SSL-VPN" started, bound to address 46.48.226.245
[24/Jul/2011 21:27:47] Service "DNS" started, bound to address 192.168.1.2
[24/Jul/2011 21:27:47] Service "WebInterface" started, bound to address 192.168.1.2
[24/Jul/2011 21:27:47] Service "WebInterfaceSSL" started, bound to address 192.168.1.2
[24/Jul/2011 21:27:47] Service "SSL-VPN" started, bound to address 192.168.1.2
[24/Jul/2011 21:27:47] Engine was initialized.
[24/Jul/2011 21:30:35] Service "DNS" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:30:35] Service "DNS" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:30:35] Service "DNS" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:30:35] Service "WebInterface" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:30:35] Service "WebInterface" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:30:35] Service "WebInterface" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:30:35] Service "WebInterfaceSSL" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:30:35] Service "WebInterfaceSSL" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:30:35] Service "WebInterfaceSSL" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:30:35] Service "SSL-VPN" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:30:35] Service "SSL-VPN" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:30:35] Service "SSL-VPN" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:30:37] The WebFilter library unloaded
[24/Jul/2011 21:33:55] Kerio Control Standard Edition 7.1.2 build 2333
[24/Jul/2011 21:33:55] Copyright (c) Kerio Technologies s.r.o. All rights reserved., http://www.kerio.com
[24/Jul/2011 21:33:55] System: Windows XP, Memory: 2047 MB, 2 processors
[24/Jul/2011 21:33:55] Driver version: 7.1.2 build 2333, Buffer size: 8256
[24/Jul/2011 21:33:57] Service "DNS" started, bound to address 127.0.0.1
[24/Jul/2011 21:33:57] Service "WebInterface" started, bound to address 127.0.0.1
[24/Jul/2011 21:33:57] Service "WebInterfaceSSL" started, bound to address 127.0.0.1
[24/Jul/2011 21:33:57] Service "SSL-VPN" started, bound to address 127.0.0.1
[24/Jul/2011 21:34:02] Interface "Подключение по локальной сети" is UP, IP addresses: 192.168.1.2/255.255.255.0
[24/Jul/2011 21:34:02] Interface "PPPoE" is UP, IP addresses: 46.48.226.245/255.255.255.255
[24/Jul/2011 21:34:02] Engine was initialized.
[24/Jul/2011 21:34:03] Service "DNS" started, bound to address 46.48.226.245
[24/Jul/2011 21:34:03] Service "WebInterface" started, bound to address 46.48.226.245
[24/Jul/2011 21:34:03] Service "WebInterfaceSSL" started, bound to address 46.48.226.245
[24/Jul/2011 21:34:03] Service "SSL-VPN" started, bound to address 46.48.226.245
[24/Jul/2011 21:34:03] Service "DNS" started, bound to address 192.168.1.2
[24/Jul/2011 21:34:03] Service "WebInterface" started, bound to address 192.168.1.2
[24/Jul/2011 21:34:03] Service "WebInterfaceSSL" started, bound to address 192.168.1.2
[24/Jul/2011 21:34:03] Service "SSL-VPN" started, bound to address 192.168.1.2
[24/Jul/2011 21:37:37] Service "DNS" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:37:37] Service "DNS" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:37:37] Service "DNS" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:37:37] Service "WebInterface" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:37:37] Service "WebInterface" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:37:37] Service "WebInterface" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:37:37] Service "WebInterfaceSSL" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:37:37] Service "WebInterfaceSSL" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:37:37] Service "WebInterfaceSSL" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:37:37] Service "SSL-VPN" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:37:37] Service "SSL-VPN" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:37:37] Service "SSL-VPN" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:37:39] The WebFilter library unloaded
[24/Jul/2011 21:38:12] Kerio Control Standard Edition 7.1.2 build 2333
[24/Jul/2011 21:38:12] Copyright (c) Kerio Technologies s.r.o. All rights reserved., http://www.kerio.com
[24/Jul/2011 21:38:12] System: Windows XP, Memory: 2047 MB, 2 processors
[24/Jul/2011 21:38:12] Driver version: 7.1.2 build 2333, Buffer size: 8256
[24/Jul/2011 21:38:14] Service "DNS" started, bound to address 127.0.0.1
[24/Jul/2011 21:38:14] Service "WebInterface" started, bound to address 127.0.0.1
[24/Jul/2011 21:38:14] Service "WebInterfaceSSL" started, bound to address 127.0.0.1
[24/Jul/2011 21:38:14] Service "SSL-VPN" started, bound to address 127.0.0.1
[24/Jul/2011 21:38:20] Interface "Подключение по локальной сети" is UP, IP addresses: 192.168.1.2/255.255.255.0
[24/Jul/2011 21:38:20] Interface "PPPoE" is UP, IP addresses: 46.48.226.245/255.255.255.255
[24/Jul/2011 21:38:20] Engine was initialized.
[24/Jul/2011 21:38:20] Service "DNS" started, bound to address 46.48.226.245
[24/Jul/2011 21:38:20] Service "WebInterface" started, bound to address 46.48.226.245
[24/Jul/2011 21:38:20] Service "WebInterfaceSSL" started, bound to address 46.48.226.245
[24/Jul/2011 21:38:20] Service "SSL-VPN" started, bound to address 46.48.226.245
[24/Jul/2011 21:38:20] Service "DNS" started, bound to address 192.168.1.2
[24/Jul/2011 21:38:20] Service "WebInterface" started, bound to address 192.168.1.2
[24/Jul/2011 21:38:20] Service "WebInterfaceSSL" started, bound to address 192.168.1.2
[24/Jul/2011 21:38:20] Service "SSL-VPN" started, bound to address 192.168.1.2
[24/Jul/2011 21:39:51] Service "DNS" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:39:51] Service "DNS" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:39:51] Service "DNS" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:39:51] Service "WebInterface" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:39:51] Service "WebInterface" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:39:51] Service "WebInterface" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:39:51] Service "WebInterfaceSSL" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:39:51] Service "WebInterfaceSSL" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:39:51] Service "WebInterfaceSSL" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:39:51] Service "SSL-VPN" bound to address 127.0.0.1 stopped
[24/Jul/2011 21:39:51] Service "SSL-VPN" bound to address 192.168.1.2 stopped
[24/Jul/2011 21:39:51] Service "SSL-VPN" bound to address 46.48.226.245 stopped
[24/Jul/2011 21:39:54] The WebFilter library unloaded

alert.log

[24/Jul/2011 21:29:05] CONNLIMIT connlimit="600" firewall="gnomepc" hostip="0.0.0.0" hostname="gnomepc" time="Sun Jul 24 21:29:05 2011" username="Gnome"
[24/Jul/2011 21:34:13] CONNLIMIT connlimit="600" firewall="gnomepc" hostip="0.0.0.0" hostname="gnomepc" time="Sun Jul 24 21:34:13 2011" username="Gnome"
[24/Jul/2011 21:38:59] CONNLIMIT connlimit="600" firewall="gnomepc" hostip="0.0.0.0" hostname="gnomepc" time="Sun Jul 24 21:38:59 2011" username="Gnome"

I m install a Kerio control 7.0.0, every thing is working fine, and when i go to Content filter - HTTP Policy-url rules are also working and Kerio web filter is also enable. But its Unable to categorize and showing the below error message in Log -Warning





[04/Aug/2011 17:18:39] Unable to categorize 'sn118w.snt118.mail.live.com/mail/mail.fpp' by Kerio Web Filter. DNS response 'FAILURE: Invalid authorization' to query '0.sn118w.snt118.mail.live.com_-.mail_-.mail.fpp.2e27.ko-61262.url.esoft.com' is invalid.
[04/Aug/2011 17:18:39] Unable to categorize 'by2msg3020316.gateway.messenger.live.com/gateway/gateway.dll' by Kerio Web Filter. DNS response 'FAILURE: Invalid authorization' to query '0.by2msg3020316.gateway.messenger.live.com_-.gateway_-.gateway.dll.6893.ko-61262.url.esoft.com' is invalid.
[04/Aug/2011 17:18:40] Unable to categorize 'h.live.com/c.gif' by Kerio Web Filter. DNS response 'FAILURE: Invalid authorization' to query '0.h.live.com_-.c.gif.954a.ko-61262.url.esoft.com' is invalid.





when i open http://192.168.50.101/kwfp0wnz/getkey.php\
Its show



0:ko:61262:4036112775:86400






Please Help me I need very much web filter

сам Брендмауэр попробуйте добавить ко второму правилу сверху, т.к. 4ом он не попадает под NAT

Здравствуйте. В общем установил, настроил, проверил работу на трёх ПК при прозрачной авторизации - все просто великолепно. когда подключили остальных, в количестве около 300 пользователей, то стало заметно, что страницы-то очень медленно загружаются. сомнения падают на правильную настройку ДНС. Еще у нас несколько подсетей разных, которые рулятся одним маршрутизатором. маршруты прописываю через "route add -p..." на хосте с Kerio. так вот, пользователей из удаленных подсетей (которые физически не находятся в здании, где расположен сервер Kerio) вообще перестает пускать в интернет, Гугл Хром показывает ошибку 101. я вижу запросы пользователя, но по факту у него после минуты ожидания ничего не открывается. и даже майл-агент отваливается. в общем, скриншоты выложил, Очень жду, что кто-нибудь поможет. Заранее спасибо.

Здраствуйте господа, вот устоновил Kerio Control Software Appliance 8.1.0 Build 845 и не могу разобраться почему пользователей пускает в интернет без пароля (спрашивает только при первом подключении)
подскажите куда бежать ? что смотреть ?

что нужно настроить чтобы каждый пользователь проходил под своей авторизацией?
Параметры аутентификации -> Включить принудительную аутентификацию непрозрачного прокси-сервера не помогает

почему все молчат ? никто не читает форум

SSSalexSSS
потому что спрашивать нужно в основной теме
Kerio Control (ex Kerio WinRoute Firewall)