User Manual
Table Of Contents
- Introduction
- Front Panel
- Back Panel
- Installation Guidelines
- Wall Mounting
- Using the Setup Wizard
- Entering Login and Internet Connection Information
- Manually Connecting Your System
- Logging In
- Using the Getting Started Page
- Navigating through the Pages
- Saving Your Changes
- Viewing the Help Files
- Viewing the System Summary
- Viewing the Wireless Status
- Viewing the IPsec Connection Status
- Viewing the QuickVPN Connection Status
- Viewing Logs
- Viewing Available LAN Hosts
- Viewing the Port Triggering Status
- Viewing Port Statistics
- Configuring Networking
- Configuring the WAN for an IPv4 Network
- Configuring the WAN for an IPv6 Network
- Creating PPPoE Profiles
- Changing the Default Cisco RV 120W IP Address
- Configuring DHCP
- Configuring the LAN DNS Proxy
- Configuring Virtual LANs (VLANs)
- Configuring Port VLANs
- Configuring Multiple VLAN Subnets
- Configuring IPv6 LAN Properties
- Configuring LAN Groups
- Adding a Static IP Address for a Device on the LAN
- Configuring a DMZ Host
- Configuring Internet Group Management Protocol (IGMP)
- Choosing the Routing Mode
- Viewing Routing Information
- Configuring Static Routing
- Configuring Dynamic Routing
- Configuring the Routing Mode
- Configuring IPv6 Static Routing
- Configuring RIP next generation (RIPng)
- Configuring IPv6 to IPv4 Tunneling
- Configuring Router Advertisement
- Configuring the Wireless Network
- Wireless Security Tips
- General Network Security Guidelines
- Configuring the Group Key Refresh Interval
- Configuring RADIUS Authentication Parameters
- Enabling or Disabling APs
- Editing an AP’s Properties
- Using MAC Filtering
- Viewing AP Status
- Configuring the Firewall
- Protecting from Attacks
- Configuring Universal Plug and Play (UPnP)
- Enabling Session Initiation Protocol Application-Level Gateway (SIP ALG)
- Configuring the Default Outbound Policy
- Creating a Firewall Rule
- Managing Firewall Rules
- Creating Custom Services
- Blocking Web Applications and Components
- Adding Trusted Domains
- Adding Blocked Keywords
- Configuring MAC Address Filtering
- Configuring IP/MAC Address Binding
- Restricting Sessions
- Configuring Virtual Private Networks (VPNs) and Security
- Creating Cisco QuickVPN Client Users
- Using the VPN Wizard
- Viewing the Default Values
- Configuring IP Security Policies
- Configuring VPN Policies
- Configuring VPN Clients
- Monitoring VPN Tunnel Status
- Configuring IPsec Users
- Configuring VPN Passthrough
- Using Certificates for Authentication
- Using the Cisco RV 120W With a RADIUS Server
- Configuring 802.1x Port-Based Authentication
- Configuring Quality of Service (QoS)
- Configuring 802.1p to Queue Mapping
- Configuring 802.1p CoS to DSCP Remarking
- Administering Your Cisco RV 120W
- Editing SNMPv3 Users
- Adding SNMP Traps
- Configuring Access Control Rules
- Configuring Additional SNMP Information
- Using PING
- Using Trace Route
- Performing a DNS Lookup
- Capturing and Tracing Packets
- Configuring Local Logging
- Configuring Remote Logging
- Configuring the Logging Type and Notification
- Configuring E-Mailing of Log Events
- Configuring VLAN Associations
- Using Cisco QuickVPN for Windows 2000, XP, or Vista
- Installing from the CD-ROM
- Downloading and Installing from the Internet
- Where to Go From Here
Configuring the Firewall
Configuring Firewall Rules
Cisco RV 120W Administration Guide 82
4
• SSH
• SIP-TCP
STEP 6 Choose the action:
• Always Block—Always block the selected type of traffic.
• Always Allow—Never block the selected type of traffic.
• Block by schedule, otherwise allow—Blocks the selected type of traffic
according to a schedule. See Creating Firewall Schedules, page 85.
• Allow by schedule, otherwise block—Allows the selected type of traffic
according to a schedule. See Creating Firewall Schedules, page 85.
STEP 7 In the Source Hosts field, select the users to which the firewall rule applies:
• Any—The rule applies to traffic originating on any host in the local network.
• Single Address—The rule applies to traffic originating on a single IP
address in the local network. Enter the address in the From field.
• Address Range—The rule applies to traffic originating from an IP address
located in a range of addresses. Enter the starting IP address in the From
field, and the ending IP address in the To field.
STEP 8 In the Log field, specify whether or not the packets for this rule should be logged.
To log details for all packets that match this rule, select Always. For example, if an
outbound rule for a schedule is selected as Block Always, then for every packet
that tries to make an outbound connection for that service, a message with the
packet’s source address and destination address (and other information) is
recorded in the log. Enabling logging may generate a significant volume of log
messages and is recommended for debugging purposes only. Select Never to
disable logging.
STEP 9 When traffic is going from the LAN or DMZ to the WAN, the system requires
rewriting the source or destination IP address of incoming IP packets as they pass
through the firewall. In the SNAT IP Type field, choose WAN Interface Address or
choose Single Address and enter the Single IP Address in the SNAT IP field.
STEP 10 In the QoS Priority field, assign a priority to IP packets of this service. The priorities
are defined by “Type of Service (TOS) in the Internet Protocol Suite” standards,
RFC 1349. The gateway marks the Type Of Service (TOS) field as defined below:
• Normal-Service—No special priority is given to the traffic. The IP packets
for services with this priority are marked with a TOS value of 0.