Andreas Körber
My feedback
-
6 votes
Andreas Körber shared this idea ·
-
495 votes
GFI official position is to use purchased certificates for use with Kerio Connect and not use free Let’s Encrypt certificates, however for those wanting free Let’s Encrypt option it is possible.
Andreas Körber supported this idea ·
-
180 votes
Andreas Körber supported this idea ·
-
77 votes
Andreas Körber commented
The Cipher Suites accepted, Life Time, etc. should be changeable via the web gui. And please start to support PFS (Perfect Forward Secrecy).
Andreas Körber supported this idea ·
-
17 votes
Andreas Körber supported this idea ·
-
36 votes
Andreas Körber supported this idea ·
-
26 votes
Andreas Körber commented
Meanwhile Control supports that:
http://kb.kerio.com/product/kerio-control/vpn/configuring-ipsec-vpn-tunnel-kerio-control-and-another-device-1390.html -
43 votes
Andreas Körber supported this idea ·
-
37 votes
Andreas Körber supported this idea ·
-
52 votes
Andreas Körber supported this idea ·
-
40 votes
Roman Jokl responded
I don’t see reason for changing the key lifetime. It is automatic process that user shouldn’t be aware of. The only case is if the re-keying doesn’t work and increasing lifetime is a workaround. Such a bug should be fixed in the first place.
Andreas Körber commented
Lifetimes and many other options like dedicated cypher suites , DH groups and so on should be changeable in the web GUI. This is possible in almost any firewall, even in open source software.
There will be a bite more configuration work for the admin but that shouldn't be the reason for not doing it.Andreas Körber supported this idea ·
-
95 votes
Andreas Körber supported this idea ·
-
53 votes
Andreas Körber commented
It shouldn't be a move to IKEv2. Control should support IKEv1 and IKEv2.
IKEv2 would also be an option for Host-to-Site VPN.Andreas Körber supported this idea ·
-
53 votes
Andreas Körber supported this idea ·
-
199 votes
Heather P responded
Thanks for the idea. We haven’t assigned this idea to a release yet, but we welcome further comments and votes if this is important to you.
Andreas Körber supported this idea ·
-
83 votes
Andreas Körber commented
We would appreciate an Kerio VPN Client for iOS and Android to use Kerio VPN instead L2TP via IPSec.
One Problem is the missing search domain via L2TP connections. This works via Kerio VPN.Andreas Körber supported this idea ·
-
79 votes
Andreas Körber supported this idea ·
-
122 votes
Andreas Körber supported this idea ·
-
152 votes
Andreas Körber supported this idea ·
-
69 votes
Andreas Körber supported this idea ·
Looks like Kerio is adding changeable IPSec values in the GUI with version 9.2.
There is a beta version available.
However I have a few suggestions to improve the GUI IPSec values:
- DH Groups drop down: Please show DH Group in every line like "DH Group 2 (modp1024) „
- Please make lifetimes in Phase 1 and Phase 2 changeable
- Please add a possibility to change dead peer detection to on and off