Cisco Routers :: RV042G - ProtectLink Enabled To Filter Out Various Categories From Network Traffic
Jun 29, 2012
I have upgraded to the new RV042G to take advantage of the gigabit Ethernet speeds and to prepare for when our ISP upgrades our bandwidth. I currently use the RV042 with Protect Link enabled to filter out various categories from our network traffic. I noticed that this feature is not included with the RV042G.
Is this something Cisco will decide to add back in later? In the meantime, how to block content on the network? The basic URL and keyword filter will not meet our needs, since it is much easier to let a service such as Trend Micro manage what is blocked in the categories they offer.
If you are using load balancing how do you bind i.e. all HTTPS traffic to i.e. wan1. RV042G V2 you can inter 0.0.0.0~0.0.0.0 as Source IP to forward from all IPs, how do you do that with a V3?
RV042G users on the Comcast network, we are looking for beta testers. If you have a RV042G on the Comcast network so we can see if you can be a tester of some new code that Cisco has.
It took me some time to get the load balancing (RV042 V3, v4.0.4.02-tm) working (my provider ist not returning any packets by the gateway ip on a ping). No I am ruinning into a performance issue. After activating PrtotectLink it takes a few hours or one or two days and the RV042 is reacting very slow. I need to reboot the RV042 and everything is ok again for some time ....Deactivating ProtectLink does not work only rebooting speeds the system up again.ProtectLink ist useless this way, anything I can do to get ProtectLink working?
We have successfully activated Protectlink Web but as we have observed that when we try to restart our router, Cisco Protectlink status is active but then when you look on license information on platform the status just states there is "Waiting...."Web Protection no longer working..In order for us to resolve this. We have to restore our router to factory default and then activate Protectlink and set all the settings again..As I have said this only happens when we restart our router?
We have implemented Cisco Protectlink Web Protection on our network.
By choosing the categories that we want to block everything worked well until we have noticed that when users try to browse social networking sites like [URL] this site is blocked but when users type in [URL] users that go directly to facebook.
and also with youtube if they add https:// users can then bypass our network block.
Is this somewhat a bug on the Protectlink Categories blocking?
I am reviewing the Firewall Log's and the block ProtectLink classifications are not matching up to what I have set on the ProtectLink settings.For example the log side says:Oct 21 07:02:08 2011KernelThe URL(facebook.com) you(10.0.5.17) are attempting to access has been identified as Dialers site and has been blocked. But in the ProtectLink side it does not have any hits on the Dialer classification but instead incremented the counter in the Social Networking classification as it should. I was hoping to use the logs to quickly determin which real classification to either turn off for false postivies as I get used to which ones I should turn on and off for our environment.
Just a few weeks ago I purchased a rvs4000 router. On that small business device is a product called protectlink. To get an activation key, you need a registration key first. That is normal in the package. However, my wify like to cleanup up and throws stuff away that she should not do. So, I lost the registration key.
It is impossible to key a new registration key. The webstore does not have them. They are in the package and will not open an other one. Cisco (if you can get passed the ...you don't have a support contract...go away statement) does not even know that they have this product. Registration keys, never heard of it. But you get the normal ... go to the webstore or trendmicro.... And that after the statement, we don't know that product. How do you know that this is a trenmicro piece of software.....
getting a registration key for a cisco small business router rvs4000 to obtain an activation code for the cisco/trensmicro protectlink product.
I have activated Protectlink Web. But today i started to get "router is busy" in all pages, so we restarted the router. That problem was solved but now the the web Protection is no longer working. It says activated but licence status says waiting.
We have just buy a Cisco Small Business Router, model RV082. I need to enable the content filtering, but we just realized that this equipment does not filter HTTPS urls, even with the solution "Cisco ProtectLink Web" the equipment does not filter HTTPS urls.
For example, if I type on my browser just [URL], the access blocked, but if I type HTTPS:[URL], the access is allowed!Is there any way to block urls with HTTPS?
My customer's Protectlink license is set to expire in 2 weeks. I would like to enter the activation code I just obtained, but cannot find the link. When I go to the license page in the router, there is a link to renew, but that just takes me to the website to enter the new key code, then receive an activation code. There is not howver any link to enter the activation code. I assume that once the license actually expires, the activation link will then show up, but there must be a way to get to this page ahead of time.
A client of mine has an RV042 and wanted a trial of the ProtectLink Web content filtering. The trial has expired but the RV042 is still blocking websites such as Facebook. They have requested a user to have access but I can no longer modify the ProtectLink settings.
We have in our business some RV042 with Cisco ProtectLink Webfiltering. Until now we do not had any problem of activate the licence and it works has we axpected.
But the two last time that we went through the install procedure outlined in the ProtectLink Gateway install manual, the both RV042 do not run the service, we do not know why... So we have decide to stop buy and sold them until we find a solution.
The firmware install are the last one.
When I try to activate the product again, it shows as "Already registered". Trend has no idea why it won't work. They said Cisco sold the license, so try their support.
Most of our VPN connections are done with our Cisco 3030 and the internet goes out the ASA. We are able to filter all web traffic by doing a a span port for web traffic.
When we move VPN connections to the ASA we will loose the ability to span web traffic becuase its coming in and going out the same interface on the ASA. We will loose the ability to filter web traffic when this happens.
How we can filter web traffic on VPN connections on the ASA. We are using websense. I know there is some integration that can be done with the ASA and websense but it doesn't have all the capabilities as doing a span port for websense to monitor.
I've got a PIX running 7.2(4) with its outside interface on the Internet. The only thing this PIX is doing is acting as the endpoint for an IPSEC LAN-to-LAN tunnel with an Internet-connected ASA on another network.
I'd like to filter inbound Internet traffic to this PIX so that only the designated ASA can attempt to establish an IPSEC connection -- in other words, I want to prevent any other device on the Internet from even being able to attempt to establish an IPSEC connection to the PIX. As far as I know (and have seen), this can't be done with an access-list on the outside interface, since that access-list doesn't apply to traffic to the PIX itself.
I was looking for a small business router that has VPN support and dual WAN support for load balancing. Upon reading reviews, I think RV042/RV042G is a good choice. Now am thinking if it supports intervlan/ router-on-a-stick configuration?
Is it possible to configure cisco router like C3800 or catalyst switches like C4500 or C2960 to filter traffic based on allowable mac addresses only? I would like only to allow those devices that belongs to the domain, meaning if a user connects a computer or any devices that concerns network which I have not allowed the mac addresses, it will be denied access to the network. However, any of the allowable devices could able to use any port of the switch, meaning I dont want to associate an allowable Mac Address to a physical port on the switch.
I have a site to site VPN setup between a 5510 and 5505. All traffic is sent ovet the VPN from the remote site to the home office. Everything is working fine but the remote site "www" traffic is not going to the Barracuda. ISP -> CISCO ASA -> Barracuda -> Internal Switch.The Barracuda is setup "inline" with the internal network.
We have a lot of IPX traffic flowing through a switched network and we are being asked to filter it from a network standpoint. At one point they were using IPX in their network, but no longer need to, so they still have a lot of machines spewing out IPX traffic. We have removed the IPX routing commands from our distribution switches, (Cisco 6500), but after running a short 10 minute Wireshark capture I'm still getting a good bit of IPX traffic from a lot of different devices.
I have a ASA 5585 and a Nexus 5596, and i need a sugestion to configure this cenário:
My users in the Vlan 10 need access on the network in the Vlan 20, but this traffic must be filtered for firewall. In the firewall a received a trunk port for Nexus 5596, and i created subinterfaces to receive the Vlans for this trunk.
The gateway for my users is the address for the ASA subinterfaces.
What i do to filter the traffic between the Vlans?
We want to filter IP traffic by MAC address on Catalyst 4500. Since we are using bonding (active-backup mode) we need those mac addresses appear on different ports. Below are solutions that we have tried: ACL but it does not work since mac acls only match non ip traffic (We CAN NOT use ip acl). Use a static mac address-table entry to ALLOW specific mac addresses. It does not work either since the same MAC address needs to be seen on a different port. Catalyst 4500 does not support auto-learn option (as e.g. Nexus 5000).
I'm decommissioning my SonicWall PRO 3060 and upgrading to an ASA5550 (we're increasing our WAN link speed to 1Gig and need the 5550). In any case, I want to copy over the configuration from the PRO to the ASA. I have everything documented and I've started doing the changeover, but in looking at some other network diagrams on the net I'm seeing router symbols between the LAN switches and the ASA and I'm beginning to worry that I might need routers to do this which, of course, would increase cost quite a bit.
So my question is this: If I have a core switch carved into multiple VLANs and I connect each VLAN to a port on the ASA, will I be able to route and filter traffic from VLAN to VLAN through the ASA? If so how, in general, is this accomplished (I'm betting ACLs). I think that the ASA will be able to do this easily, but I just want to be sure before I get too far into the configuration of this unit,.
I am having a setup with a 2851 router & websense url filtering server where I need to forward the traffic to websense server for all the internet requests. The http traffic is getting filtered properly, but the https traffic is not getting filtered. The two commands I ahev given for http & http are as follows: ip inspect name test http urlfilter ip inspect name test https.
my router (RV042G V01 Firmware Version : v4.2.1.02 ) get errors I can't understand.Lost connection, can't get a new IP, DNS does not work, total hangup.After a short time / reset everything works fine up to the next error.In the Log I found the following interest entries:undefined Kernel undefined Kernel failed (1).undefined Kernel Message from server.
I purchased RV042G and setup one-to-one NAT problem to several servers. ometimes the NAT servers lost the internet connection. My case as below
ISP provide two set Public IP Address , one modem e.g. set one) 100.100.1.2-6, gateway 100.100.1.1 set two) 200.200.2.2-6, gateway 200.200.2.1
[code]....
All computers and servers (one-to-one NAT) outbound and inbound all work fine. After several hours, only the servers (one-to-one NAT) alert internet connection broken, but the computers (non NAT) still have internet connection.
What's the problem occurs? Why only one-to-one NAT servers lost the connection? and Why only serveral hours later, the server lost the internet connection.
If I changed the WAN setting to same as subnet of the one-to-one NAT, it doesn't occur any problem.
I run my business network on the 192.168.x.x range with a server set as 192.168.2.4 statically. The router is currently connecetd to two DCHP wan connections from my ISP, I'm on a residential consumer plan. It has defaulted to loadblanacing with the second WAN however I want to have the second wan's public IP be used by my server and only the server however I wish for the server to still be on the lan so I can use HYPER-V's brided network connection feature to run VMs on the lan, and I would like their wan connection to be from wan 1... as for the entire lan except the server at 192.168.2.4 Is this possible, I can't seem to get the 1-to-1 NAT to do it?
