Cisco Routers :: RV042 TLS Security Scan Failure
Mar 30, 2013
As part of my business' PCI compliance regime, we are regularly scanned for vulnerabilities. Today we started getting notifications of failure on all of the QuickVPN ports (443, 60443) for the following:
Details: Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
06/11/12 CVE 2009-3555 Multiple vendors TLS protocol implementations are prone to a security vulnerability related to the session-renegotiation process which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context.
Cisco, will you be issuing a firmware update to address this anytime in the near future? Presumably it affects all the other RV routers as well.
Jun 28, 2011
Tried upgrading my firmware to 4.0.2.08-tm and now I cannot log in via the web interface. The router boots and gets out to the internet. It still allows incoming vpn connections. The login screen displays and will display an error message if I use incorrect credentials, but if I log in properly and am directed to the router's web config homepage at "192.168.1.1/default.htm", I get a 404 error message. Telnet does not work either (not sure if it's on, never used it before).
404 Not Found
The requested server-side-includes filename, /usr/local/EasyAccess/www/htdocs/default.htm, does not seem to exist.
As if the web pages after the login screen got removed or corrupted after the update.
SN is NKS10403247
I realize there is a newer version. Attempted the upgrade incrementally since I could not find documentation specifying if that was required or not.
Sep 5, 2011
I just updated my RV042 to the firmware RV0XX-v4.0.4.02-tm-20110704-code.bin and now I'm having this error every time that I try to log on to the router:
404 Not Found
The requested server-side-includes filename, /usr/local/EasyAccess/www/htdocs/default.htm, does not seem to exist.
Sep 13, 2011
So we had a PCI scan, and we failed on a couple things where the devices are HP printers. For those that don't know, PCI = Payment Card Industry
Quote:
service tcp 34862
Linux nfs-utils Overflow
The rpc.mountd service was detected on this server. This is a remote procedure call (RPC) based service that is known to have an overflow vulnerability which can give root-level access to an attacker. Note that this service may have been activated by default when you installed your operating system.
Quote:
service udp 2049
RPC nfsd Detected
The nfsd program faciliates the Unix Network File System, which is rarely meant to be exposed to the public Internet. Many Unix/Linux systems activate a number of RPC services by default during installation. The nfsd program has also had vulnerabilities which could allow an attacker to gain control of this system.
Quote:
Windows Registry Accessible The Windows Registry is accessible by remote users and can be accessed using a NULL session (no credentials) or using the built-in Guest account. The Registry is a critical collection of information that governs how Windows and installed applications operate. The Registry is a primary target for attackers to view or modify.
These 3 came from an HP LaserJet M4345 MFP. What needs to be disabled? Strangely, the other M4345's didn't get these. I compared configurations, but everything was the same that I could see (except for the SNMP setting).
Mar 27, 2011
I have a new RV042 v03 with 4.0.0.07 firmware. It's the gateway router at a client with a static IP address. I'm trying to configure a VPN tunnel so that they can access office resources from "road-warrior"-type situations (laptop at home or elsewhere). I have two problems: I cannot log into the router's interface from Safari 5.0.x. After logging in to the router, I'm kicked back out to the login prompt. It seems to work fine from Firefox 4. This is the real issue - I cannot get a VPN GroupVPN (or Client to Gateway, for that matter) connection working with IPSecuritas on the Mac.
Jan 12, 2013
I put my laptop in safe mode w/ networking and started to run Microsoft safety scanner, then when the scan is almost finished the whole thing shuts down.
May 24, 2011
I'm currently investigating an issue for one of our customers where one of their 3750 Core Switch Stacks crashes / becomes unresponsive during a NESSUS Scan.
They've disabled DoS testing and have ensured that safe scanning is enabled. For the test they are port scanning all of their VLANs (around 600 internal addresses).
The network consists of 2x 3750 Switch Stacks connected via fiber, edge switches connect into these cores. Both cores are running HSRP, for VLAN gateway redundancy.
Issue Being faced is as follows:
During the scan, Core 1 becomes unreachable from Core 2. We can telnet to Core 2 and administer as necessary. However we cannot telnet to Core1, a console connection also fails - the switch stack is unresponsive, but does respond to pings.
On Core 2 I've performed a show proc cpu sorted and can see the IP Input process is running at around 60% and the CPU is highly utilised.
Once Core 1 becomes unreachable the network gradually grinds to a halt, almost mimicking some sort of broadcast storm or Spanning Tree loop.
Interestingly Core 1 HSRP is still active, so the hello packets are still being sent.
The only resolution to the issue is to perform a hard reset of the Core to restore service.
Logs from core 1 show the CPU becomes fully utilised. There is also an error logged indicating:
%FIB-2-FIBDOWN: CEF has been disabled due to a low memory condition. It can be re-enabled by configuring "ip cef [distributed]"
Both cores are running IOS 12.2.(52) SE IPBASE. I've attempted to reproduce the issue in the office here and although a NESSUS scan does increase switch CPU utilisation I couldn't reproduce the failure scenario.
What may be causing the 1st core to become unresponsive? I've found some articles with regard to a 6500 switch rebooting during a NESSUS scan, and also some HP switches exhibiting similar behaviour but nothing that matches the exact scenario I'm investigating.
Mar 18, 2013
Recently had an external security scan done on my DIR 655 and scan results are stating I have an accessible TFTP Server running. I've been through all the settings, and even upgraded to the latest firmware. Yet security scans are telling me I've got a TFTP Server running. Why would one be showing on the external interface, and how can I stop it?
Dec 20, 2011
Yesterday I discovered the primary and secondary CAS were both in active state and reporting their fellow peer as dead (I did this using ./fostate.sh), causing authentication errors on the network. I had to stop the perfigo process on the primary one to restore service.
After closer investigation I have discovered that when I put my laptop on the same subnet as their eth2 interfaces (eth0, eth1 and serial are not used for heartbeat only eth2), I can ping the eth2 ip address for the primary device, but can't ping that of the secondary device. See configs and outputs below. I am also wondering why the secondary CAS shows its eth0 and eth1 interfaces as fake0 and fake1.
[root@CAS-SEC ~]# ifconfig eth2
eth2 Link encap:Ethernet HWaddr 00:1F:29:5D:1C:6C
inet addr:172.29.254.10 Bcast:172.29.254.11 Mask:255.255.255.252
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11205 errors:0 dropped:0 overruns:0 frame:0
[code].....
Feb 13, 2011
I'm using a DIR600 router. For the past few days my router shows smas port scan attack detected. How do I prevent this type of attack?
Mar 27, 2011
I've got a virtualised firewall running 3 security contexts in routed mode. What I am experiencing is that I cannot connect to an OUTSIDE host through the security contexts. From the firewall itself I cannot ping the directly attached host on the OUTSIDE interface but I can ping the directly attached host on the INSIDE interface. When I reload the firewall box, the first ping to the OUTSIDE host would be successful but subsequent pings fail and thus total connectivity is lost.
I even tried upgrading to ASA version 8.4(1) but still the same.
Jan 24, 2013
I have RV042 and E4200 routers. I tried the manual UPnP port forwarding using the RV042 router and was successful (by typing 192.168.1.1 in the explorer and logging in using user name and password).
I am using a Linux embedded system whose internal IP and internal port are mapped. This system is connected to one of the LAN ports.
I want to try auto UPnP port forwarding for both the RV042 router and the Linksys E4200 router.
After enabling the UPnP option only and logging out, can I add a port mapping entry in this router without logging in, using a C++ program which runs on the Linux embedded system?
Aug 22, 2012
I was looking for a small business router that has VPN support and dual WAN support for load balancing. Upon reading reviews, I think RV042/RV042G is a good choice. Now I am wondering if it supports intervlan/router-on-a-stick configuration?
Jul 31, 2012
I have a Cisco Small Business RV120w and I set up the radius server, WPA2 Enterprise with a Windows 2008 NPS radius server. The big problem is that the authentication fails. This is the error that I see in event viewer / server roles / Network policy and access services: reason-code 49 "The connection attempt did not match any connection request policy". The radius key is matching between the server and the client. The radius server is reachable and I don't find any routing issues. Has anybody tested this router with this type of wireless security?
Mar 12, 2013
I'm experiencing a failure on headend 3945 routers with VPN tunnels to remote 2901 routers. Essentially, a tunnel on a 3945 will go down/down although the tunnel on the remote router indicates it is up/up. It happens intermittently and I am not seeing anything in the logs, other than the tunnel goes down. This seems so much like an IOS bug, but I can't find anything specific in caveats on this version of code.
Dec 15, 2011
We've (an independent school) just bought an SR520 with a view to replacing one of our Draytek 2820s. We need to set up some site-to-site VPN with NAT and the Drayteks won't do it.
I've been trying to configure the SR520 in just the most basic fashion using CCA (3.1) and the CLI but with no success. I can't get a PPP connection with our ISP.
I've tried following the instructions in the software config pdf and also tried replicating the various 'running configs' reported in other posts in this forum to allow connection to a UK ISP, with no success. I don't know how many times I've reset the poor thing to factory defaults.
I have to say that I'm dismayed at how flaky the CCA appears to be. Many of the things I've tried with it simply don't work and often end up in it hanging. Close to useless in my view.
So instead I've tried to use the CLI which seems a lot more solid but is somewhat impenetrable and there's precious little by way of supporting explanation.
Aug 22, 2011
My router has a WPA security system and I want it to be a WEP security system, what must I do?
Feb 27, 2012
I have two Internet connections-
1-DSL Modem (WAN1-Internet Port)
2-Cable Modem-Comcast (WAN2-DMZ/Internet Port)
I connected the DSL (WAN1-Internet) port in and the Cisco RV042 was able to get an IP automatically. I tested the connection and it works just fine. Then I connect the Cable Modem-Comcast (WAN2-DMZ/Internet Port) in and I have the RV042 automatically obtain IP address. But it just says 0.0.0.0. I've tried release/renew and that does nothing. Also, when I connect the 2nd Internet connection the Internet goes down. The only way it goes back up is when I disable under the PORT MANAGEMENT setting.
All the settings have been kept to the default. How can I get the router to obtain an IP address from the Cable Modem-Comcast (WAN2 DMZ/Internet Port)?
Mar 6, 2012
We have a Cisco RV042. We need to set up a VPN with a business partner who is already using our current IP scheme on another VPN with another client. They have asked us to NAT our IPs from 192.168.25.x to 192.168.245.x
I can't seem to figure this out on this router. I have done it on a Sonicwall and Watchguard, but can't seem to get it to work on the RV042.
I have setup the VPN and the One-To-One NAT. The tunnel will connect (using the 245.x IP as our local IP on the VPN setup), but no traffic will pass through.
Sep 13, 2012
config setup
protostack=netkey
klipsdebug=none
[Code]....
Jan 17, 2013
The Lg840g is a tracfone with wifi capability. I get strong wifi signal and connection at home, but receive failure to connect to requested host message when I open the browser. This phone works at wayport wifi, so I assume it's a compatibility problem with the router. Is there a fix? (Router works great with our Acer and Kindle tablets though.)
May 20, 2012
I had planned to make a VPN over an RV042, so I got the RV042 connected behind a Thomson 456 (configured as a bridge) with 1 static IP. I configured the VPN and it worked great. But due to some circumstances I got a package of 6 IPs instead of the old IP, so when I tried to configure the router with the ISP they put the WAN IP as 10.232.x.x and told me that it is an internal IP from their LAN, and gave me the 6 IPs of 196.x.x.x to use as 1 for the internal interface of the RV042 and 5 for the PCs. Now the VPN is not working anymore. Notice: when I try to configure the VPN tunnel, in the local security setting I mark "IP only" and the IP that appears is the WAN IP 10.232.x.x, but I can't ping that IP; besides, I can ping the internal IP of the router, 196.x.x.50. Can the RV042 support static and virtual IPs inside the LAN? Can I configure the Thomson as PPPoE and use one static IP from 196.x.x.x as the WAN IP for it, and use another 196.x.x.x IP for the RV042 to get access from outside, and connect the LAN to the RV042 with internal IP 192.168.x.x, so I can access the VPN from outside, and connect the devices that need a static IP to the Thomson?
Sep 23, 2011
Firmware v4.0.4.02 has a nasty bug in the VPN section. If you switch to "IP by DNS Resolved" (yes, it says "Resolved" instead of "Resolution". Gotta love all the Engrish in the RV042!), it will automatically populate the field with "@yourdomain.com". This will cause the VPN to not lookup the proper IP address. Simply deleting the atmark after it populates will fix the problem.
Let's see what happens when we validate a Cisco RV042 webpage:
Errors found while checking this document as HTML 4.01 Transitional!
Result: 353 Errors, 1 warning(s)
Don't even get me started on the horrible Javascript...
Apr 24, 2013
I am trying to make a simple site-to-site VPN between two offices; one has a Cisco ASA and one has an RV042 router. When traffic is initiated from the ASA side, I keep getting this message in debug and the tunnel won't come up:
[IKEv1]: Group = A.A.A.139, IP = A.A.A.139, Queuing KEY-ACQUIRE messages to be processed when P1 SA is complete.
Apr 26 00:15:53 [IKEv1 DEBUG]: Pitcher: received a key acquire message, spi 0x0
Whereas if traffic is initiated from the RV042 side, I keep getting this message in debug and the tunnel won't come up:
Apr 26 00:43:44 [IKEv1 DEBUG]: IP = RV.RV.RV.139, Oakley proposal is acceptable
Apr 26 00:43:44 [IKEv1 DEBUG]: IP = RV.RV.RV.139, IKE SA Proposal # 1, Transform # 0 acceptable Matches global IKE entry # 6
Apr 26 00:43:44 [IKEv1]: IP = RV.RV.RV.139, Connection landed on tunnel_group RV.RV.RV.139
Apr 26 00:43:45 [IKEv1]: IP = RV.RV.RV.139, Connection landed on tunnel_group RV.RV.RV.139
Apr 26 00:43:45 [IKEv1]: Group = RV.RV.RV.139, IP = RV.RV.RV.139, Freeing previously allocated memory for authorization-dn-attributes
Apr 26 00:43:45 [IKEv1]: Group = RV.RV.RV.139, IP = RV.RV.RV.139, PHASE 1 COMPLETED
Apr 26 00:43:45 [IKEv1]: IP =RV.RV.RV.139, Keep-alive type for this connection: DPD
Apr 26 00:43:45 [IKEv1 DEBUG]: Group =
[code].....
Sep 27, 2012
Apparently one of my two ISPs, CenturyLink, supports 6rd connections to IPv6.
This is supported natively on my Q1000 ActionTec modem, however my modem is in "transparent bridging" mode, so that the RV042 v3 can be the only router.
How to configure the RV042 to operate in this manner.
Per the CenturyLink FAQ: the IPv6 address space is:
2602::0 /24
Most importantly, can I do this WITHOUT buying a new modem?
Aug 28, 2011
I have an RV042 router (Ser#: NKS10462300, HW V3) running Firmware version v4.0.2.08-tm (Jan 14 2011 22:08:38) set up as a gateway. Right after it boots I am able to log into its web interface, but shortly after that, if I try to log into it, I go through a very long timeout while the web page is waiting for the router to respond, and then eventually IE comes back and says it 'cannot display the web page'.
Jan 14, 2013
I have a Cisco RV042 VPN Router and I have added a group vpn, but when I am trying to connect I got an error that the remote vpn server isn't responding.
Here's my log:
2013/01/15 12:24:53 [STATUS]OS Version: Windows 7
2013/01/15 12:24:53 [STATUS]Windows Firewall Domain Profile Settings: ON
2013/01/15 12:24:53 [STATUS]Windows Firewall Private Profile Settings: OFF
2013/01/15 12:24:53 [STATUS]Windows Firewall Private Profile Settings: OFF
2013/01/15 12:24:53 [STATUS]One network interface detected with IP address MY HOME IP
[code]....
If I am trying to connect, the status of the vpn user in the remote interface is "online". I have deactivated my firewall at home and at the server for testing purposes.
Apr 19, 2012
I am looking to configure RV042 for VPN access to local machines and Win 2008 server. The story: Had issues with remote printers being created for clients logging into old Linksys RV042 with Linksys VPN software. First Tech exposed server without security, and it had to be removed as it was being attacked, but did not fix printing issue. 2nd tech could not get VPN to work after 1st tech. 3rd tech, 4 hours, and I got that the router is a piece of ... So I'm out over 1000, and not able to have a simple router set up. The present situation: New RV042 with firmware V4.1.1.01, using Cisco VPN client 5.0.07.0410, most XP 32 bit machines coming into network, one 64 bit Win 7. My clients have been unable to access their data for too long.
Feb 6, 2012
Is there any documentation out there with step-by-step instructions on setting up a VPN on an RV042 router?
Apr 30, 2012
I'm trying to set up 2 subnets with two RV042 routers. One router will act as a gateway and both WAN ports will be used by two different ISP connections. The first router (gateway) LAN IP will be 192.168.0.1/24. I would also like to set up another router behind the gateway with a separate subnet 192.168.1.X/24. And I would like clients on the 192.168.1.x subnet to use the internet through the gateway router and clients on the 192.168.0.x subnet to access resources on the 192.168.1.x subnet. Am I able to do this with two RV042?
Sep 2, 2012
The issue is when I am using PPTP the router seems to die, not every time but I would say about once a week now. I am the only PPTP user, simply using RDP. A few hours into an RDP session the PPTP connection drops and cannot be re-established, or quickvpn, nothing. Routing still works (somewhat, high latency) locally.
When I've checked the logs both times I see:
Time / Event-Type / Message
Sep 3 17:07:56 2012 / Kernel / Out of memory: Killed process 14354 (pppd).
Sep 3 17:07:56 2012 / Kernel / Out of Memory: Kill process 14354 (pppd) score 177 and children.
Sep 3 17:07:56 2012 / Kernel / Out of memory: Killed process 14367 (sh).
Sep 3 17:07:56 2012 / Kernel / Out of Memory: Kill process 14354 (pppd) score 234 and children.
Sep 3 16:46:41 2012 / Kernel / Out of memory: Killed process 14330 (pppd).
Sep 3 16:46:41 2012 / Kernel / Out of Memory: Kill process 14329 (pptpctrl) score 134 and children.
Sep 3 16:46:41 2012 / Kernel / Out of memory: Killed process 14324 (pppd).
Sep 3 16:46:41 2012 / Kernel / Out of Memory: Kill process 14324 (pppd) score 177 and children.
Sep 3 16:46:40 2012 / Kernel / Out of memory: Killed process 14328 (sh).
Sep 3 16:46:40 2012 / Kernel / Out of Memory: Kill process 14324 (pppd) score 234 and children.
Sep 3 15:36:15 2012 / Kernel / Out of memory: Killed process 14187 (pppd).
Sep 3
[code]....
Nov 11, 2012
I have an RV042 connected via VPN to the office (to a LinkSys DFL-700). Sometimes the VPN is dropped and never activates again. In this state, if I try to connect to the WEB interface, I can log in, but the router hangs at the login screen. I have to power recycle the router to make it work again.
Updated to latest firmware 4.2.1.02 for V3 hardware. The funny thing is that services from the WEB routed through to local IP addresses on the LAN are still accessible. I have set up PPTP VPN on the router, and that also fails to work.
Is there, as a workaround, any possibility to access the router's reset page or access via TELNET to reset the router? This might be useful when I'm out. (I have a backup solution to access the local network at home).
Jun 29, 2012
I have just purchased the RV042 and while it is working great on WAN1 over Xfinity/Comcast broadband, I'm unable to get it working with my AT&T DSL for WAN2. I am planning on running this in failover mode - not load balancing.
The DSL modem it is connected to is a SpeedStream (hooking up laptop directly works etc. etc.). The SpeedStream is set to PPPoE authentication passed in via the computer (in this case the RV042). On the RV042 side, I set it to use PPPoE, using the credentials as given by AT&T DSL. The DNS servers are set to the ones recommended