User Manual
Table Of Contents
- Introduction
- Front Panel
- Back Panel
- Installation Guidelines
- Wall Mounting
- Using the Setup Wizard
- Entering Login and Internet Connection Information
- Manually Connecting Your System
- Logging In
- Using the Getting Started Page
- Navigating through the Pages
- Saving Your Changes
- Viewing the Help Files
- Viewing the System Summary
- Viewing the Wireless Status
- Viewing the IPsec Connection Status
- Viewing the QuickVPN Connection Status
- Viewing Logs
- Viewing Available LAN Hosts
- Viewing the Port Triggering Status
- Viewing Port Statistics
- Configuring Networking
- Configuring the WAN for an IPv4 Network
- Configuring the WAN for an IPv6 Network
- Creating PPPoE Profiles
- Changing the Default Cisco RV 120W IP Address
- Configuring DHCP
- Configuring the LAN DNS Proxy
- Configuring Virtual LANs (VLANs)
- Configuring Port VLANs
- Configuring Multiple VLAN Subnets
- Configuring IPv6 LAN Properties
- Configuring LAN Groups
- Adding a Static IP Address for a Device on the LAN
- Configuring a DMZ Host
- Configuring Internet Group Management Protocol (IGMP)
- Choosing the Routing Mode
- Viewing Routing Information
- Configuring Static Routing
- Configuring Dynamic Routing
- Configuring the Routing Mode
- Configuring IPv6 Static Routing
- Configuring RIP next generation (RIPng)
- Configuring IPv6 to IPv4 Tunneling
- Configuring Router Advertisement
- Configuring the Wireless Network
- Wireless Security Tips
- General Network Security Guidelines
- Configuring the Group Key Refresh Interval
- Configuring RADIUS Authentication Parameters
- Enabling or Disabling APs
- Editing an AP’s Properties
- Using MAC Filtering
- Viewing AP Status
- Configuring the Firewall
- Protecting from Attacks
- Configuring Universal Plug and Play (UPnP)
- Enabling Session Initiation Protocol Application-Level Gateway (SIP ALG)
- Configuring the Default Outbound Policy
- Creating a Firewall Rule
- Managing Firewall Rules
- Creating Custom Services
- Blocking Web Applications and Components
- Adding Trusted Domains
- Adding Blocked Keywords
- Configuring MAC Address Filtering
- Configuring IP/MAC Address Binding
- Restricting Sessions
- Configuring Virtual Private Networks (VPNs) and Security
- Creating Cisco QuickVPN Client Users
- Using the VPN Wizard
- Viewing the Default Values
- Configuring IP Security Policies
- Configuring VPN Policies
- Configuring VPN Clients
- Monitoring VPN Tunnel Status
- Configuring IPsec Users
- Configuring VPN Passthrough
- Using Certificates for Authentication
- Using the Cisco RV 120W With a RADIUS Server
- Configuring 802.1x Port-Based Authentication
- Configuring Quality of Service (QoS)
- Configuring 802.1p to Queue Mapping
- Configuring 802.1p CoS to DSCP Remarking
- Administering Your Cisco RV 120W
- Editing SNMPv3 Users
- Adding SNMP Traps
- Configuring Access Control Rules
- Configuring Additional SNMP Information
- Using PING
- Using Trace Route
- Performing a DNS Lookup
- Capturing and Tracing Packets
- Configuring Local Logging
- Configuring Remote Logging
- Configuring the Logging Type and Notification
- Configuring E-Mailing of Log Events
- Configuring VLAN Associations
- Using Cisco QuickVPN for Windows 2000, XP, or Vista
- Installing from the CD-ROM
- Downloading and Installing from the Internet
- Where to Go From Here
Configuring the Firewall
Configuring Firewall Rules
Cisco RV 120W Administration Guide 83
4
• Minimize-Cost—Choose this option when data must be transferred over a
link that has a lower “cost.” The IP packets for services with this priority are
marked with a TOS value of 2.
• Maximize-Reliability—Choose this option when data needs to travel to the
destination over a reliable link and with little or no retransmission. The IP
packets for services with this priority are marked with a TOS value of 4.
• Maximize-Throughput—Choose this option when the volume of data
transferred during an interval is important even if the latency over the link is
high. The IP packets for services with this priority are marked with a TOS
value of 8.
• Minimize-Delay—Choose this option when the time required (latency) for
the packet to reach the destination must be low. The IP packets for services
with this priority are marked with a TOS value of 16.
STEP 11 When the traffic is coming from the WAN to the DMZ or the LAN, Destination
Network Address Translation maps a public IP address (your Dedicated WAN
address, Optional WAN address, or another address) to an IP address on your
private network. Enter the following:
• Send to Local Server (DNAT IP)—Specify an IP address of a machine on the
Local Network which is hosting the server.
• (Optional) Check the Enable Port Forwarding box to enable port forwarding
to the port that you specify in the Translate Port Number field. This will allow
traffic from the Internet to reach the appropriate LAN port via a port
forwarding rule.
• Translate Port Number—Enter the port number to use for port forwarding.
For example, if a machine on the Local Network side is running a telnet
server on port 2000, then check the Enable Port Forwarding box and enter
2000 in the Translate Port Number field. If the server is listening on the
default port 23, then the box can be left unchecked.
• Internet Destination Address—Select the public IP address that is used for
this firewall rule: Dedicated WAN, Optional WAN, or Other. If you choose
Other, enter the WAN IP address that will map to the internal server in the
Other IP Address field.