Cisco Routers :: RVS-4000 Internet Access Policy Does Not Block Listed Domains
Oct 3, 2011
We have an RVS-4000 router that we use as an Internet gateway on our school network. I am trying to set up an Internet Access Policy to block some specific websites by URL using a domain name. I set up the policy, and added a PC to the list using the mac address, and the blocking did not work. I went back to the list and added the IP address of the same PC, the policy still did not work to block the domain. I rebooted the router, cleared the Internet Temporary files and history on the PC, and the policy still does not work. It acts like it is going to block access to the website because it takes a long time, but it will eventually connect.
I have an RVS 4000. I have several PC's to which I have assigned static IP addresses. I have recently upgraded most of the PC's to Win 7 (64) machines. I updated the firmware on the RVS4000 to 1.3.3.5 in conjunction with this. After such update (and actually before as well) I could not assign a static IP address to a PC and have access to the internet. It connects fine to my LAN, just no internet access. This is also affected on several other machines running Win XP and Win 2003 Server, so it's not just this computer.
I have:
1. Shut down (powered off/unplugged) everything, router, DSL modem, switches, server, etc.
2. As I said firmware is current.
3. Yes, DNS servers and gateway, subnet, etc. are all correctly specified on the PC.
4. Router is set for gateway mode.
5. Set to only IPV4.
The only way it allows internet access is to use DHCP. I've even tried taking the IP address via DHCP and manually assigning the DNS servers and that works fine, but as soon as I assign a static IP internet access is immediately gone.
There must be something I'm missing, but I can't seem to find it.
Everything worked fine prior to the conversion of the Win 7 machines, i.e. I had several PC's with static IP's and no problems.
On E4200 Firmware Version: 1.0.03, I managed to successfully set up "Internet Access Policy" (not the "Parental Controls") to set up the times when internet access is disabled for various IPs on my network.
But I could't setup a policy to block facebook.com. What I am doing wrong? See the attached screen shot. I did click the "Edit List" and apply this polity to the IP Address Range 192.168.1.2 to 192.168.1.254.
Would there be some reason why I cannot change the Access Restriction to Allow? I also can't add anything into the Website Blocking by URL Address or the Website Blocking by Keyword. I can't type anything in the fields. I've tried rebooting, other browsers and even other computers but nothing seems to work.
I am trying to create an IAP for a single computer based on it's MAC address. I want to block certain keywords and websites 24/7. When I setup the IAP as number 1, I add the MAC address of the computer in question. I then Select Allow and choose Everyday and 24 Hours. I type in the forbidden domains and click add after each one. I type in the keywords and click add after each one. After I click on Save, all of my computers on the network lose internet access.
I have WRVS4400N VPN Version 2, firmware version 2.0.2.1
I have an RV110W running firmware version 1.0.1.6 and I am trying to figure out how to enable website blocking in the Internet Access Policy screen. The Add Row button is grayed out in that section, as are the associated checkboxes.
Is there something else one needs to do to enable this feature?
If I set a name etc. at the top, and click save, it tells me "You must at least set a website blocking or PCs rule," so it is not the case that one has to save some information before continuing!
How do I block specific domains (pandora.com, etc.) in the Sonicwall? It seems like this would happen in the CFS but do I need a subscription for this? I don't want to subscribe to Sonicwall's filtering list, I just want to block a couple specific domains.
Is there any way to block access to the router logon page from the wan? By simply going to the router's external WAN IP, the cisco logon screen shows up? I really think this not that safe and want to block it from showing up. I have looked at all the settings and don't seem to be able to find something that will keep that from happening.
I'm having some issues trying to reserv an IP from my D-link DIR-825 router.I have set up a static IP on my computer: 192.167.0.10. But if i view the clients on my network that ip doesn't show up!
I am interested in knowing how to check on my 2003 Server what usernames are blocked from downloading. Many of the clients seemed to have downloaded Google Talk and also Spotify. I was wondering if I can check -where it is located and how to enforce this policy. (or create it if it isn't in effect correctly)
I am trying to block certain domain, i used "domain" and "domain.com" in the forbidden domains , but when people access the website as https://domain.com the website loads perfect. Http is block however. I tried to block "https://domain.com", but that didn't work.
System Information Firmware Version:V2.0.2.7CPU:STAR 9202 Router is operated 2y. No problems till now.There is sometimes abnormal lost of Internet connection, detected by LAN devices. I found it 3 days ago. This dysfunction is occasional 2-5 per day in occasional time.Nothing was changed/upgraded/updated in my WAN cable router or LAN or in the Cisco router. Nothing was changed on computers site (OS,LAN cards, drivers, ...). Just the problem is discovered on the router side.LAN operatation is correct, no problems was founded. Just the devices on LAN lose the internet connection (Win7, Lnx, Mac).
This is status of my WAN - does not matter if the internet connection was lost or not. It is still same:
STATUS-WAN/Gateway Interface: UP IP Address is assigned (checked by provider - correct) Default Gateway and DNSs are assigned too(checked by provider- correct)
What was checked by me:
1. A. I disconnected the cable router from Cable modem
B. I connected the Cable router directly to laptop. Internet connection was right.
2. I called to my Cable provider to check my connection:
- with direct laptop connection to Cable router - Right
- with Cisco router connected to Cable router - Right, but no Internet connection on LAN side behind the Cisco router
3. Standard procedure was tested:
- Unplugged (electricity & cabling) all devices - Cable modem, Cisco router as well.
- Restart of Cable modem, +30 sec. connection of IP cable to Cisco router, start of Cisco router Still same. No Internet connection.
- SETUP/SUMMARY/Network Settings Status - DHCP Release or DHCP Renew was tryed - Still same.After several minutes - was Internet connection Renewed. Just by itself. how?
I have my RVS-4000 configured using static IP addresses in the LAN configuration. The users use DHCP to get their addresses (for the most part, a couple may have static IPs set on the computer). I have the maximum number of DHCP users set to 1 to restrict the ability of people to log in to the system. That one address is locked down.
The internal address of the router is set to 182.168.2.1. It doesn't conflict with anything on my network. I have 35 static IPs. About half of them are uing IP Based ACL to limit their access time but that doesn't seem to bear any relationship to what drops off.
Almost daily one or more of the users will lose their IP address and a hard reset of the router is required. The user this happens to seems random and it may be more than one but seldom all of them. The network includes Windows7 (Home & Pro), a FreeNAS, Macs (Leopard and Snow Leopard), iPad, iPods, an iPhone and an AirPort Extreme used as a WAP (DHCP is disabled). The AirPort is plugged directly into the router and has a staic ip on the RVS-4000 but is set to DHCP. It seems to be the most common problem child.
I attempted to load RVS4000_WRVS4400N_IPS_Signature_v1.50.zip and received an error message "Signature file is not the correct type of version for this device". I have firmware version 1.3.3.5, and and current IPS version 1.42. why IPS v1.5 is rejected?
I'am using a modem/router to conncet my lan to internet. unfortunetly it is impossible to switch off the router of my modem. So i connect my RVS 4000 on the modem/router and i assign it static ip 192.168.1.10 as my modem has 192.168.1.1. i disable the DHCP function on my RVS 4000. I m still using it because of its gigabit ethernet capability.
My problem is i am unable to connect to my RVS from the outside. inside the LAN no problem I just use its STATIC IP. I have a NAS on this LAN. I write a NAT/PAT rule in my modem/router to route HTTP and FTP and the port for the interface to my NAS. It's just working smoothly. But not for my RVS. I have checked the remote management and translate the traffic incoming on this port to the same port on the 192.168.1.10.Unsuccessfull !!. ok that can't be considered as external traffic.so I disable remote management and all the protection firewall, DOS,BLOCK WAN REQUEST. I route the HTTP port 80 to port 80 192.168.1.10. I try to connect to /home.htm....unsuccessful !!
RVS 4000 v1.3.2.0 - Linksys by Cisco version SG200-26 AP541N [WAP]
All devices have the latest version of firmware.Users only connect laptops via wireless, they are a mix of MAC and Windows users, devices such as printers and network storage are all wired connections.The RVS 4000 would drop the internal Lan after several hours or sometimes days, there would be no reason to the periodicity it would retain and then drop the LAN. By dropping the Lan I mean:
Internet Access would cease, devices such as laptops would lose their wireless connection, a laptop requesting an IP address would be ignored. Effectively we were down.Connecting a laptop to the network via a cable connection would eventually get an IP address but all other wired devices such as the NAS Storage and printers would be unreachable and require powering off and on to get an IP.
A reboot of the RVS 4000 by powering off the router would have to happen to restore the LAN quickly. I followed advice on the Internet and this forum by upgrading the firmware and resetting to factory defaults and then reloading the configuration.The only change that seemed to make any sort of differnece was connecting the AP541N directly to the RVS 4000 rather than the SG200-26. Throughput increased and the period between LAN drops extended but the RVS 4000 would ciontinue dropping the LAN eventually.
When it dropped the LAN during a work day, that was it!I read a lot of negative feedback on the version of RVS 4000 firmware and as the version 2.0 will not install I purchased the Cisco version of the RVS 4000 v 2.0.0.3.
The new RVS 4000 also drops the LAN! The period between drops is much longer, but it still drops the Lan.Ventilation is good and it is sitting on its edge using the platsic feet that come in the package.The AP541N is still directly connected to the RVS 4000 rather than the SG200-26.how to fix the RVS 4000 or an alternative... I would like to stay with Cisco, an alternative, if the RVS 4000 is unfixable should have a browser based admin facility!
After configuring the router and enabling a load of functions to secure our LAN, the download speed halved! Even disabling AcitveX "eats" 10Mbs! I understand that enabling IPsec will drag the speed down to 25Mbps, but I have disabled this.
Even setting the QoS to speeds equal or higher then the ISP's promissises drags the speed down!
This type of issue has been posted time and time again by others. In this particular instance the ability to deny and allow access based on a time and day for one or more MAC id or IP address or range of addresses does not work. Because the code is so "weak" that it cannot handle a policy which passes the midnight threshold into the morning (the test is actually commented out in the code), one is forced to write one, perhaps two inverse permit rule(s). In this case, it cannot be done because the "allow" radio button is stippled out.
Some simple digging reveals that the file AccessRes.htm gets to the browser with the "allow" radio button stippled out because the token "disabled" appears in the generated html.
I have several of these devices. They are all new V2 units. They all have the latest version of the firmware and they are all broken the same way. This behavior is the same on various flavors of browser. As an experiment, based on SOP responses I've read, I downloaded and flashed with the latest firmware (same version as delivered), and then performed the factory reset. No change. It's broken.
Internet policy access on my Linksys E3000. I am trying to block facebook.com to a particular ip address in my office. This what I did. Logged in to control panel clicked on access restriction. Clicked on add. Gave it a name. Clicked the applies to drop down box and selected by ip address. Unchecked the block all internet access. Typed facebook down in the window below. Saved.Not blocking access.
The Internet Access Policy feature of my WRT610N router doesn't appear to work, at all, zip, nothing, nada. I have setup the feature todeny access to one of my laptops for everyday 24 hours a day, but it can still use the net...
When i try to active the Internet Access Police with Website Blocking by Keyword, the router WRVS4400N block any access to internet, the Access Restriction by time is disable. How i can active this feature without restrict all the access?
My RVS 4000 v1 router firmware version 1.3.0.5 has been intermittently going off-line ... a reset of the power resolves the issue temporarly. My plan was to update the firmware but I haven't been able to download an uncorrupted version of the firmware file on the Cisco support site. The file downloads as a zip file but the winzip program says that the file is not in a valid zip format and cannot open it.
I just bought a factory refurbished E1200. The label on the bottom says it is a Version 2 model. When I purchased it, it was loaded with 2.0.02 firmware but I upgraded the firmware to 2.0.04.My problem is that I'm trying to setup MAC address-based restrictions thru the manual/web-based setup and when I click on the "Access Restrictions" tab, I only have simple "Parental Controls" and not the advanced "Internet Access Policy".Is it possible that I have a mislabeled V1 device? If that is the case, how is it that I was able to upgrade the firmware using firmware from the V2 downloads section.
Do V! and V2 units use the same firmware but more importantly, how do I upgrade the built-in software so that I have the advanced "Internet Access Policy" controls?
I have WRT150N, with firmware version 1.01.9 and I can not get the internet access policy to work.Here are my settings: PC list is configured through IP range as follows:Even if I deny internet access completely, I can still access the internet.