Say I have a VPN user and a user on my local network. Can the local user access shares and services on the VPN users system?
No. The VPN client provides access for client to other networks; connections from networks to the VPN user may or may not work correctly. We’ve seen some situations where it happened to work for the users – but this configuration is not supported by Kerio. I have three WinRoute servers at three locations – A, B and C. Each have a VPN tunnel to each other: A to B, A to C, and B to C. When a VPN user connects to A, and tries to contact B, the packets go through C! What’s up? WinRoute currently does not have metrics for VPN routing, and therefore it can not determine optimal routes in a multi-VPN server setup. This is a feature we hope to eventually introduce. To make such a VPN work correctly, you have to setup the VPN routes manually. For detailed information on this, please see the “More complex VPN scenario” example in the KWF Administrator’s Guide (http://www.kerio.com/manual/kwf/en/sect-vpnexample2).