User's Manual
Table Of Contents
- Introduction
- LAN Ethernet Interfaces
- Wireless Access Point (Cisco RV180W)
- Firewall and VPN Client Access
- Wireless Distribution System (Cisco RV180W)
- Virtual Networks
- Wireless Security (Cisco RV180W)
- Quality of Service (Cisco RV180W)
- Configuration and Administration
- Front Panel
- Back Panel
- Front Panel
- Back Panel
- Installation Guidelines
- Wall Mounting
- Configuring Networking
- Configuring the IPv4 WAN (Internet)
- Configuring PPPoE Profiles
- Configuring IPv4 LAN (Local Network) Settings
- Configuring Virtual LAN (VLAN) Membership
- Configuring Multiple VLAN Subnets
- Configuring Static DHCP
- Configuring Advanced DHCP Settings
- Viewing DHCP Leased Clients
- Configuring RSTP (Cisco RV180W)
- Configuring Jumbo Frames
- Choosing the Routing Mode
- Viewing Routing Information
- Configuring Static Routes
- Configuring Dynamic Routing
- Configuring the IP Mode
- Configuring IPv6 WAN Settings
- Configuring IPv6 LAN Properties
- Configuring IPv6 Routing
- Configuring Tunneling
- Configuring Router Advertisement
- Configuring the Wireless Network (Cisco RV180W)
- Wireless Security Tips
- General Network Security Guidelines
- Enabling Rogue AP Detection
- Authorizing a Rogue AP
- Adding and Editing Authorized APs
- Configuring the Firewall
- Creating an Access Rule
- Adding a Port Triggering Rule
- Adding a Port Forwarding Configuration
- Configuring One-to-One Network Address Translation (NAT)
- Configuring MAC Address Filtering
- Configuring IP/MAC Address Binding
- Creating Custom Services
- Creating Firewall Schedules
- Configuring Sessions
- Configuring Internet Group Management Protocol (IGMP)
- Configuring LAN (Local Network) Groups
- Enabling Session Initiation Protocol Application-Level Gateway (SIP ALG)
- Configuring Virtual Private Networks (VPNs) and Security
- Creating Cisco QuickVPN Client Users
- Configuring a Basic VPN
- Configuring Advanced VPN Parameters
- Configuring VPN Clients
- Monitoring VPN Tunnel Status
- Configuring VPN Users
- Configuring VPN Passthrough
- Using SSL Certificates for Authentication
- Using the Cisco RV180/RV180W With a RADIUS Server
- Configuring 802.1x Port-Based Authentication
- Configuring Quality of Service (QoS)
- Administering Your Cisco RV180/RV180W
- Configuring Web Access
- Configuring User Accounts
- Setting the Session Timeout Value
- Configuring SNMP
- Configuring Additional SNMP Information
- Configuring Logging Policies
- Configuring Firewall Logs
- Configuring Remote Logging
- Configuring Bonjour
- Configuring UPnP
- Viewing the Cisco RV180/RV180W Status
- Using Cisco QuickVPN for Windows 7, 2000, XP, or Vista
- Installing from the CD-ROM
- Downloading and Installing from the Internet
- Where to Go From Here
Configuring the Firewall
Configuring Access Rules
Cisco RV180/RV180W Administration Guide 79
4
DRAFT - CISCO CONFIDENTIAL
• RIP (Routing Information Protocol)
• IKE
• SHTTPD (Simple HTTPD web server)
• IPSEC-UDP-ENCAP (UDP Encapsulation of IPsec packets)
• IDENT protocol
• VDOLIVE (live web video delivery)
• SSH (secure shell)
• SIP-TCP or SIP-UDP
STEP 6 In the Source IP field, configure the IP address to which the firewall rule applies:
• Any—The rule applies to traffic originating from any IP address in the local
network.
• Single Address—The rule applies to traffic originating from a single IP
address in the local network. Enter the address in the Start field.
• Address Range—The rule applies to traffic originating from an IP address
located in a range of addresses. Enter the starting IP address in the Start
field, and the ending IP address in the Finish field.
STEP 7 If you are configuring an inbound firewall access rule:
a. Destination Network Address Translation (DNAT) maps a public IP address
(your dedicated WAN address) to an IP address on your private network. In the
Send to Local Server (DNAT IP) field, specify an IP address of a machine on the
Local Network which is hosting the server.
b. The router supports multi-NAT, so your Internet Destination IP address does not
have to be the address of your WAN. On a single WAN interface, multiple public
IP addresses are supported. If your ISP assigns you more than one public IP
address, one of these can be used as your primary IP address on the WAN
port, and the others can be assigned to servers on the LAN. In this way, the
LAN can be accessed from the internet by its aliased public IP address. Check
the Enable box and enter the IP address you want to use.
c. Under Rule Status, choose Enabled or Disabled. You may want to configure a
rule and choose Disabled if you want to enable it at a later time.