Scribd Logo
Upload

Welcome to Scribd!

  • Cauhinhkerio

    Uploaded by

    Tran Hoang Phu
    23 views67 pages
    Kerio

    Original Title

    cauhinhkerio

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Kerio

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    23 views67 pages

    Cauhinhkerio

    Uploaded by

    Tran Hoang Phu
    Kerio

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 67

    CITVCUHNHKERIOWINROUTE,KERIOCONNECT

    A.MHNH



    B.CCBCTRINKHAI
    BiLabgm:
    1MyWindowsserver2003lmDC,MailServer(KerioConnect)
    1MyWindowsserver2003lmFirewall(KerioWinroute).
    1MyXpdnglmmycaVIP.
    1MyXPdnglmmycaUser.

    Ccbcthchin:
    CuhnhthngsTCP/IPvcit.KerioWinroute.
    KhaiboccthnhphnnibtrnKerioWinroutenhVIP,USER.

    ThitlpccTrafficPolicy,HTTPFiltertrnKerioWinroutekimsotccgiao
    ThitlpccTrafficPolicy,HTTPFiltertrnKerioWinroutekimsotccgiao
    dch.
    CitvcuhnhKerioConnect.
    ToUsertDatabasecaKeriovtAD.
    TrinkhaiMailOnline,chophpUsersdngmailbngWeb&POP3TInternet.

    C.TRINKHAICHITIT
    I.Chunb
    1.NngcpDomainControlertrnmyServer.
    tIPaddress:
    IP:172.16.0.2
    SM:255.255.255.0
    GW:172.16.0.1
    DNS:172.16.0.2
    2.MyKerioWinroute(gittlKW)
    Cn2Cardmng:
    LAN:cnglpviRouter.






    CROSS:Cnglpvimngnib.
    JoinDomainmyKerioWinroute
    3.MyXP1(thucnhmVIP,sdngIPt1050):
    tIPvJoinDomain.


    4.MyXP2(thucnhmUser,sdngIPt51100):
    tIPvJoinDomain:
    II.CitvcuhnhKerioWinroute:

    1.CitKerioWinroute.

    ChyFileSetupcaKerioWinroute














    ChnCustom,ClickNext.
    Next

    tUsernamevPasswordqunl,Next.

    NuangciWinroutetxa,clickchnIamremotely,khngthbqua,click
    Next.


    ClichInstall.

    Finish.


    Citxong,gcphiTaskbarxuthinIconcaKerioConnect:







    2.CuhnhInterface.

    DoubleClickvoIconWinroute,nhpPasswordlccit,clickConnect.


    BngNetworkRuleWardxuthin,clickCancel.

    LiscencechoKerioWinroute.


    CuhnhInterface:
    Configuration>Interface

    ChnCardLan>Edit,chnInternetinterfaces>OK
    ChnCardCROSS>Edit>Trusted/Localinterfaces.>OK

    ClickApply.





    3.CuhnhTrafficPolicy:

    a.KimtrahotngcaFirewall

    Configuration>TrafficPolicy.
    Mcnh,KWskhatonbtruycpttrongrangoivtngoivotrong,tr
    myciKW.(TrnghpciKWtxathKeriosmttc).

    DngmyDCtruycpInternetth,skhngtruycpc.



    PingIPcaKWvGooglekhngctrli:

    b.ChoPhpDCraInternet.
    TrlimnhnhTrafficePolicy,ClickAdd.Xuthin1Rulemi.

    ClickphiNewRule>EditRule>Name:DC>OK


    ClickphivoCtSourcecaRuleDC>EditSource.


    ClickAdd>Host>GIPcaDC:172.16.0.2>OK>OK



    ClickphivoctTranslationcaRuleDC>EditTranslation.

    ChnEnableSourceNAT>OK

    ClickphivoctActioncaRuleDC,chnPermit.>Apply

    TmyDC,pinggoogle.comvtruycpinternetbnhthng.


    c.nhNghaVIPvUser:
    Configuration>Definitions>AddressGroups>Add



    d.ChophpViprainternet.
    QuayliTrafficPolicy.
    ClickAddtoRulemi,Name:choPhepVipraInternet.
    EditSource:Add>IPAddressGroup

    ChnGroupVIP>OK>OK

    EnableSouceNATvchnPermitnhRuleDC.

    Test:TmyXP1(VIP),pinggoogle.comvtruycpWeb,thnhcng.

    TmyXP2(User),pinggoogle.comvtruycpWebvnkhngc.

    LcnyVIPracInternet,nhngvnkhngpingcKerioWinroute
    Server.MunPingthtoRule:
    Name:chophepVIPpingFirewall
    Source:172.16.0.10172.16.0.50
    Destination:clickphi,chnEditDestination:

    Add>FirewallHost>OK.
    Service:ClickphictService:

    ChnAdd>Service>Ping>OK>OK

    TEST:TVipping172.16.0.1thnhcng

    e.ChophpnhmUserginhnMailtInternet

    ToRulemi:
    Name:ChophepUsersudungMail
    Source:GroupUser
    Destination:Any
    Service:DNS,POP3,POP3S,SMTP,SMTPS

    KimtraUserginhnMailbnhthng,nhngkhngvoWebc.


    f.ChoNhmUserctruycpcctrangwebhtrcngvic.
    B1.nhnghaWebhotrocongviec
    Configuration>Definitions>URLGroups>Add2trang:
    http://nhatnghe.com/*vhttp://vietcombank.com.vn/*


    B2.nhnghaGilmvic
    Configuration>Definitions>TimeRanges>Add

    B3.ChoPhpUsertruycpWeb:
    Configuration>TrafficPolicy>ToRulemichophpUsersdngWeb:add2
    ServiceHTTP,HTTPS

    B4.ToFilter,chnttctrangweb,saumli2trangcnlmvic.
    Configuration>ContentFiltering>HTTPPolicy
    Add:RulecmUsertruycpttcccWebsite


    AddRulechophptruycp2Websitetrn:

    OK>Apply.(Ch,Rulechophpphinmtrnrulecm)
    g.ChophpUsertruycpWebkhnghnchtronggigiolao.
    B1.nhNghaGiGiiLao
    Configuration>Definitions>TimeRanges>Add

    B2.ToURLRule:
    Configuration>ContentFiltering>HTTPPolicy>Add

    h.CmttcUsertruycpwebsitengoisao.net,nutruycpsredirectv
    nhatnghe.com
    B1.nhNghaURLngoisao.net:
    Configuration>Definitions>URLGroups>Add2trang
    Http://ngoisao.net
    http://ngoisao.net/*

    B2.ToURLRule:
    Configuration>ContentFiltering>HTTPPolicy>Add

    i.CmttcUsersdngMediatrctuyn(nghenhc,xemphim).
    B1.nhnghaMedia
    Configuration>Definitions>URLGroups>AddGroupMediagm:
    *.mp3,*.mp4,*.wma,*.wmv,*.flv

    B2.ToURLRule:
    Configuration>ContentFiltering>HTTPPolicy>Add


    j.CmTtcUserdownloadfile.EXE,.RAR,.ZIP
    B1.nhnghaCmDownload
    Configuration>Definitions>URLGroups>AddGroupCamDownloadgm:
    *.exe,*.rar,*.zip








    B2.ToURLRule:
    Configuration>ContentFiltering>HTTPPolicy>Add



















    k.CmChatYahoo/Skype
    Configuration>ContentFiltering>HTTPPolicy>Add
    ClickSelectRating,tick:Chat/IM>OK

    ChnDeny>OK>Apply



















    l.Lcwebtheoktnhycm.
    B1.Xem&thmnhngktnhycm.
    Configuration>ContentFiltering>HTTPPolicy>[Tab]ForbiddenWorks.


    [Tab]URLRules>chnRuleTruycapWebtronggiogiailao


    [Tab]ContentRules>Check:DenyWebpagesconteningforbiddenworkinHTLM
    code.

    III.CITVCUHNHKERIOCONNECT.
    1.CitKerioConnect.
    ChyfileSetuptrnmyMailServer(DC).ChnEnglish>OK

    ChnIaccept>Next.


    ChnCustom>Next.

    tPasswordAdmin>Next.


    ttnminchoMail(sdngtnminngk).


    ChnniluDirectory>Next

    KHAIBOCUHNHCHOOUTLOOKEXPRESSCHOUSERADMIN.
    B1.MOutlookExpress.
    B2.CasYourname:gAdmin>Next.

    Emailservername:
    Myincommingmailserverisa:POP3
    Incomingmail:172.16.0.2
    Outgoingmail:172.16.0.2
    >Next.

    Gadmin,password>Next.

    Tools>Accounts>[Tab]Mail>Properties>[Tab]Server>Check:Myserver
    requiresauthentication>Apply.

    [Tab]Advanced>Check:Leaveacopyofmessagesonserver>OK>OK.

    Adminson1emailgichochnhmnh(admin@ngunhubo.com).
    ClickSend/Recev.Kimtranhncmail.

    2.CuhnhKerioConnect.
    a.ToUsermi.
    TousertrongDirectorycaKerio:Accounts>Users>Add
    ToUserviUsername:test.
    Password:123456

    ToUsertActiveDirectory(ImporttADcaWindowsServer2003)
    B1.ToUsertrongAD.
    Start>Run>g:dsa.msc
    *ToUsername:sep
    Password:123

    Tngt,toccUser:ketoan1,ketoan2,kinhdoanh1,kinhdoanh2.

    B2.ImportUser:
    CasKerioConnectAdministrator>Accounts>Users

    Import>ImportfromaDirectoryService

    CasImportUsers:
    Importusersfrom:ActiveDirectory
    ActiveDirectorydomainname:ngunhubo.local(tndomainnib)
    Importfromserver:dc.ngunhubo.local(tnDomainControler)
    Loginasuser:Administrator
    Password:*******.
    >OK.

    ChnnhngUsercnImport>OK

    KimtracccUsermiImport.

    Ch:
    DomainnibvDomainmailkhngcngtn(.localv.com)nn
    cnsalitnDomainchngthcKerberos:
    Configuration>Domains>Edit:ngunhubo.com>[Tab]Advanced>
    KerberosTM5:ngunhubo.local>OK

    GiihndunglnghpMailvmailgii:
    RightClickUsercnGiihn>[Tab]Quota:GiihndunglnghpMail2
    GB.

    [Tab]Messages:GiihnMailgiitia2MB.

    b.ToGroup
    Accounts>Groups>Add>Name:VIP
    [Tab]Emailaddress>Add

    [Tab]Users>Add

    ChnAdmin&sep>OK>OK

    TngtviGroupUser




    Kimtra:DngmailAdmingitivip@ngunhubo.comv
    user@ngunhubo.com
    Truycphttp://172.16.0.2.LoginvottcccUseru
    nhncmail.

    3.CuhnhTrnDomainngunhubo.comvRouter,vWinrouteFirewall
    PublicMailServer.
    a.CuhnhTrnDomain:
    TruycptrangqunlDomain.




    AddHostRecordnhsau:
    Hostname:mail
    Address:IPtnhthu.
    Hosttype:A(Address)


    b.CuhnhTrnRouter.(MiRouterccchcuhnhChititkhcnhau)
    B1.ToStaticRoute:
    MTrnhduyt>http://192.168.1.1>NhpUsernamevPassword
    Router>OK.
    AdvancedSetup>Routing>StaticRoute>Add:
    DestinationNetwordAddress:172.16.0.0
    SubnetMark:255.255.255.0
    UseGatewayIpAddress:192.168.1.2
    UseInterface:LAN/bro

    B2.NAT
    AdvancedSetup>NAT>VirtualServer>AddCcPort:110,25,80,443
    vIP:172.16.0.2



    Cuhnh:

    c.CuhnhtrnWinrouteFirewall:
    Configuration>TrafficPolicy>AddnewRule
    Source:Any
    Destination:172.16.0.2
    Service:HTTP,HTTPS,POP3,SMTP
    Action:Permit
    Translation:NAT
    >Apply

    d.KimTraHotng
    TngoiInternet,truycpach:http://mail.ngunhubo.com
    CuhnhOutlookExpresstngoiviachPOP3vSMTPl
    mail.ngunhubo.com.
    GinhnMailthnhcng.KimtragiraNgoiGmail,YahooMail.
    4.ARCHIVE,BACKUP&RESTORE.

    a.Archive
    Configuration>ArchivingandBackup
    Check:Enableemailarchiving
    Pathtothearchivedirectory:TrtiPhnvnghoccngkhc
    nicitKerioConnect.>Apply
    KimtratrongMailcaAdmincFolderArchive.

    b.Backup

    GilpSpxanhmmail(hocDatabaseh),trcc1bnBackupv
    tinhnhRestoreli.
    VomailAmingi1emailchosp:



    Vomailcasp,kimtranhncmailtadmin:









    TinhnhBackup:
    Configuration>ArchivingandBackup>[tab]Backup
    Check:Enablemessagestoreandconfigurationrecoverybackup
    McnhKerioConnecttoScheduesntth2nChNht.
    BackupDirectory:TrnthmcD:\backup\Mail.
    ClickStartNow.SaunthmcD:\backup\Mail,kimtrac1File
    *.Zip.


    VoEmailcasp,xaMailadminmigi.TinhnhRecover


    c.Recover
    TtKerioConnect:NhpphivobiutngdithankTaskbar


    VoRun>Cmd
    DichuyntithmccitKerioConnect:



    G:kmsrecoverD:\backup\Mail>Enter


    G:yeshocy>Enter
    hontt.


    StartliKerioConnect:




    LoginvoEmailcaSp.KimtraMailadmingivncn.

    You might also like