User Manual
Table Of Contents
- Introduction
- Front Panel
- Back Panel
- Installation Guidelines
- Wall Mounting
- Using the Setup Wizard
- Entering Login and Internet Connection Information
- Manually Connecting Your System
- Logging In
- Using the Getting Started Page
- Navigating through the Pages
- Saving Your Changes
- Viewing the Help Files
- Viewing the System Summary
- Viewing the Wireless Status
- Viewing the IPsec Connection Status
- Viewing the QuickVPN Connection Status
- Viewing Logs
- Viewing Available LAN Hosts
- Viewing the Port Triggering Status
- Viewing Port Statistics
- Configuring Networking
- Configuring the WAN for an IPv4 Network
- Configuring the WAN for an IPv6 Network
- Creating PPPoE Profiles
- Changing the Default Cisco RV 120W IP Address
- Configuring DHCP
- Configuring the LAN DNS Proxy
- Configuring Virtual LANs (VLANs)
- Configuring Port VLANs
- Configuring Multiple VLAN Subnets
- Configuring IPv6 LAN Properties
- Configuring LAN Groups
- Adding a Static IP Address for a Device on the LAN
- Configuring a DMZ Host
- Configuring Internet Group Management Protocol (IGMP)
- Choosing the Routing Mode
- Viewing Routing Information
- Configuring Static Routing
- Configuring Dynamic Routing
- Configuring the Routing Mode
- Configuring IPv6 Static Routing
- Configuring RIP next generation (RIPng)
- Configuring IPv6 to IPv4 Tunneling
- Configuring Router Advertisement
- Configuring the Wireless Network
- Wireless Security Tips
- General Network Security Guidelines
- Configuring the Group Key Refresh Interval
- Configuring RADIUS Authentication Parameters
- Enabling or Disabling APs
- Editing an AP’s Properties
- Using MAC Filtering
- Viewing AP Status
- Configuring the Firewall
- Protecting from Attacks
- Configuring Universal Plug and Play (UPnP)
- Enabling Session Initiation Protocol Application-Level Gateway (SIP ALG)
- Configuring the Default Outbound Policy
- Creating a Firewall Rule
- Managing Firewall Rules
- Creating Custom Services
- Blocking Web Applications and Components
- Adding Trusted Domains
- Adding Blocked Keywords
- Configuring MAC Address Filtering
- Configuring IP/MAC Address Binding
- Restricting Sessions
- Configuring Virtual Private Networks (VPNs) and Security
- Creating Cisco QuickVPN Client Users
- Using the VPN Wizard
- Viewing the Default Values
- Configuring IP Security Policies
- Configuring VPN Policies
- Configuring VPN Clients
- Monitoring VPN Tunnel Status
- Configuring IPsec Users
- Configuring VPN Passthrough
- Using Certificates for Authentication
- Using the Cisco RV 120W With a RADIUS Server
- Configuring 802.1x Port-Based Authentication
- Configuring Quality of Service (QoS)
- Configuring 802.1p to Queue Mapping
- Configuring 802.1p CoS to DSCP Remarking
- Administering Your Cisco RV 120W
- Editing SNMPv3 Users
- Adding SNMP Traps
- Configuring Access Control Rules
- Configuring Additional SNMP Information
- Using PING
- Using Trace Route
- Performing a DNS Lookup
- Capturing and Tracing Packets
- Configuring Local Logging
- Configuring Remote Logging
- Configuring the Logging Type and Notification
- Configuring E-Mailing of Log Events
- Configuring VLAN Associations
- Using Cisco QuickVPN for Windows 2000, XP, or Vista
- Installing from the CD-ROM
- Downloading and Installing from the Internet
- Where to Go From Here
Configuring the Firewall
Configuring Basic Firewall Settings
Cisco RV 120W Administration Guide 76
4
Configuring Basic Firewall Settings
To configure basic firewall settings, choose Firewall > Basic Settings. You can
configure the following:
Protecting from Attacks
Attacks are malicious security breeches or unintentional network issues that
render the Cisco RV 120W unusable. Attack checks allow you to manage WAN
security threats such as continual ping requests and discovery via ARP scans.
TCP and UDP flood attack checks can be enabled to manage extreme usage of
WAN resources.
As well, certain Denial-of-Service (DoS) attacks can be blocked. These attacks, if
uninhibited, can use up processing power and bandwidth and prevent regular
network services from running normally. ICMP packet flooding, SYN traffic
flooding, and Echo storm thresholds can be configured to temporarily suspect
traffic from the offending source.
STEP 1 Choose Firewall > Basic Settings > Attack Checks.
STEP 2 Check the boxes to enable the following functions:
WAN Security
• Respond to Ping on the Internet—To configure the Cisco RV 120W to allow
a response to an Internet Control Message Protocol (ICMP) Echo (ping)
request on the WAN interface, check this box. This setting is used as a
diagnostic tool for connectivity problems. Not enabled by default.
• Enable Stealth Mode—If Stealth Mode is enabled, the router will not
respond to port scans from the WAN. This feature makes the network less
susceptible to discovery and attacks. Enabled by default.
• Block TCP Flood— If this option is enabled, the router will drop all invalid
TCP packets. This feature protects the network from a SYN flood attack.
Enabled by default.
LAN Security
• Block UDP Flood—If this option is enabled, the router will not accept more
than 25 simultaneous, active UDP connections from a single computer on
the LAN. Enabled by default.