In this mode, it is the user currently working on the host who initiates and closes VPN connection. In the Kerio VPN Client system preferences panel, the user can connect by entering their login information. The session is closed by the user or automatically upon closing the Kerio VPN Client, user logout or computer shutdown/reboot.

For initiation of a VPN session in this mode, no special user rights for the client host are required — i.e. any user of the particular host can use the Kerio VPN Client there.

In this mode, once a user establishes a VPN connection, this connection is kept persistently. The Kerio VPN Client Service system service forces the connection to be kept even after closing the Kerio VPN Client and/or user logout, and it will be recovered automatically after the computer shutdown/reboot. Upon the computer startup, the VPN connection is recovered immediately, even before the user authenticates. Thanks to this feature, e.g. connection of the user to a remote private network domain is enabled.

For successful initiation and closing of persistent VPN connections, the user needs administrator rights for the client host (an account of the administrator type). Non-administrators can access only the remote private network if the VPN connection has already been established.