Settings > Kerio Control Interfaces > Configuring network interfaces

Configuring network interfaces

Kerio Control represents a gateway between two or more networks (typically between the local network and the Internet) and controls traffic passing through network adapters which are connected to these networks.

In Kerio Control, you can define the following groups of interfaces:

Internet Interfaces — interfaces which can be used for Internet connection,
Trusted/Local Interfaces — interfaces connected to local private networks protected by the firewall,
IPsecInternet Protocol security - A network protocol used to encrypt and secure data sent over a network. and Kerio VPNVirtual private network - A network that enables users connect securely to a private network over the Internet. interfaces — virtual network interfaces (Kerio VPN, IPsec VPN),
Guest Interfaces — interfaces which can be used for Guest LANs. For more information refer to Configuring the guest network.
Other Interfaces — interfaces which do not belong to any of the groups listed above (i.e. dial-like links).

NOTE

If you want to configure WiFi in your Kerio Control NG100W or NG300W, see Managing WiFi in Kerio Control NG100W and NG300W.

Adding new interfaces

Interfaces in Kerio Control represents:

Network adapter — Each new network adapter in the Kerio Control computer displays as an interface in the Interfaces section. If you use a Kerio Control Software ApplianceA special operating system designed to run on a computer., you must put a new network adapter (NIC) to the Kerio Control computer. If you use a Kerio Control Virtual AppliancePre-configured Kerio Control virtual machine image for VMware or Hyper-V., you must create a new network adapter in your Hyper-V or VMware environment.
Port in Kerio Control Box — In the Interfaces section displays LAN switchA network unit which connects separated subnets. interface. You can take a port from the switch and make it a standalone interface from the port.
VLAN — If your network architecture is built on VLANs, you can add VLANs as interfaces.

Configuring interfaces

A configuration wizard is available for the setup of basic interface parameters:

In the administration interface, go to Interfaces.
Click More Actions > Configure in Wizard.
Read the Configuration Assistant article. For more information refer to Configuration Assistant.

During the initial firewall configuration by the wizard, interfaces will be arranged into groups automatically. This classification can be changed later.

You can configure interfaces directly in the Interfaces section. For more information refer to Configuring TCP/IP settings in Kerio Control interfaces.

Moving an interface to another group

To move an interface to another group, drag it by mouse to the desired destination group, or select the group in the properties of the particular interface — see below.

Configuring Internet connectivity

For networks using IPv4Version 4 of the Internet Protocol., it is possible to use one or more Internet connections.

In the administration interface, go to Interfaces.
Select one of the following options:

A Single Internet Link — the most common connection of local networks to the Internet. In this case, only one Internet connection is available and it is used persistently. It is also possible to use dial-like links which can be connected persistently — typically PPPoE connections. Only a single link connection is for IPv6Version 6 of the Internet Protocol..
Multiple Internet Links - Failover — if the primary link fails, Kerio Control switches to the secondary link automatically. When the connection on the primary link is recovered, Kerio Control automatically switches back to it.
Multiple Internet Links - Load Balancing — Kerio Control can use multiple links concurrently and spread data transferred between the LANLocal area network - A network that connects computers and other devices in a small area. and the Internet among these links. In standard conditions and settings, this also works as connection failover — if any of the links fails, transferred data are spread among the other links.

Click Apply.

Adding tunnels

You can add an interface for a new type of tunnel:

Configuring Ethernet ports

Hardware appliance Edition

Kerio Control hardware applianceKerio Control installed and delivered with standardized and tested hardware box. contains Gigabit Ethernet ports. Individual ports can be set as:

Standalone interface
Switch for LAN
Not assigned — the port is inactive.

NOTE

It is also possible to use a virtual network (VLAN). For more information refer to Configuring VLANs.

In the administration interface, go to Interfaces.
Click Manage Ports.
In the Manage Ports dialog, double-click Port Name.
In the Configure Port dialog, you can set a port as:

Standalone interface — the port is used as a standalone Ethernet interface.
Switch for LAN — port is a part of the switch which, in Kerio Control, behaves as one Ethernet interface.
Not assigned — the port is inactive. This can be used for example for temporary disconnection of the computer of a network segment connected to the port.

Speed and duplex leave as it is.
On Ethernet interfaces, you can create one or more tagged virtual networks (VLAN).
Save the settings.

Appliance Editions

Appliance editions can set speed and duplex mode for Ethernet interfaces and create virtual networks (VLAN) on these interfaces:

In the administration interface, go to Interfaces.
Click Manage Ports.
In the Manage Ports dialog, double-click Port Name.
Set Speed and duplex. In most cases, interconnected devices agree on speed and communication mode automatically.
On Ethernet interfaces, you can create one or more tagged virtual networks (VLAN).
Save the settings.