I have a RVS4000 and I am going to configure vlan in the near future. Among all other configurations sent by the internet provider company is this one :
Firewall NAT :
from x.x.2.0/24 to 0.0.0.0/24 should be NAT
from x.x.2.0/24 to x.x.0.0/21 should not be NAT
From all the other configurations, this one is not clear to me. Can this configuration be done on a RVS4000 and where can it be done.
I have a Cisco RVS400 router at my restaurant. In lan ports 1-3 on the router, I have plugged in my point-of-sale computers.Into LAN port 4 I have plugged my wireless access point that is in my dining room.
The wireless access is there ONLY for the customers to access the internet. I want to make sure the customers cannot access my company data, can this be accomplished through the use of VLANs ? If so, how do I do this? All of my devices are configured for dhcp..if that's relevant.
Ive set up a rvs4000 with two vlans, one as a bussiness network and the other as a guest network. Everything works fine and the networks can not see each other. I would like to add wifi and I would like to do so with keeping both networks separate. I have a used 1130AG access point and was wondering if I could use this single AP for both networks. If so, how would I go about doing so? Is there a better suited AP for my needs?
View 4 Replies View RelatedI bought a RVS4000 Router last week. I configured two VLAN's (beside of the default one), VLAN ID 120 and VLAN ID 130. I configured an IP in the LAN section for both of them (192.168.120.1 and 192.168.130.1).
I then configured port 1-3 to be in VLAN ID 120 (Untagged) and port 4 to be the Trunk (VLAN ID 120 Tagged and VLAN ID 130 Tagged). The port 4 I connected a Cisco SLM224G. There I configured these two VLAN's too, and configured the uplink port as Trunk as well. The two network seem to be properly switched: I have access to 130 Hosts directly on the VLAN ID 130, and the other VLAN ID 120, I have access on all hosts connected to that VLAN ID as well (both, on the switch and the three ports on the router). On Layer 3, the RVS4000 is configured to route between the VLAN's. But I cant ping hosts on the other network! I configured the Router to be the default gateway... I think the source of that problem is the next one:
I can't ping from the Routers Maintainance Page to a host connected on Port 1-3 of the Switch (which is configured as VLAN ID 120 untagged). I reseted the router, and tested this simple use case again: Created two VLAN's, defined Port 2 to be in one of them, setted the IP's properly (192.168.120.1 for the Router on that VLAN), but stil, I cant ping from the Router to Host on that VLAN (Router=>192.168.120.10)! The other way around works (Host=>192.168.120.1)
The Routers Configuration:
WAN: PPPoE (works)
LAN: VLAN ID 1: 192.168.1.1 no DHCP
VLAN ID 120: 192.168.120.1 no DHCP
VLAN ID 130: 192.168.130.1 no DHCP
[code]....
Wiresharks shows me no ARP requests on that interface too... The product seems not to work porperly when I configure a port to be in a VLAN untagged, and try to ping to a host connected to that interface.
I have Firmware 3.1.0.0 (Website says 3.0.5.0 is the newest...?)
I am getting ready to setup an RVS4000 so we can use the VPN functionality of it, but I am not quite sure of the correct way to integrate it into our network though. I do not need site to site, just the client portion of it for a few salesmen/off site people to use. I have never used or setup a VPN before, so I'm learning everything as I go along.
We are in the middle of switching our ISP and I am waiting to set this up until the new service is live so I can test it prior to moving the rest of the company to the new ISP.
We are switching to Comcast, and will have 5 static IP's available to use. Currently, the firewall does all our NAT and is the forward facing device on our network. I would like to leave the firewall in place (although I am setting up a new firewall for the new internet connection) and have th RVS 4000 sit behind it and receive VPN traffic from a WAN to LAN rule We currently have a 192.168.100.0/24 network.
Do I need to setup another /24 network for the VPN to function behind (and still have access to the 100.X network), or is there a way to allow everyone who connects to receive a 100.X ip address from our DHCP server. I'm not sure how to set everything up with the WAN/LAN connections on the RVS4000 to acheive this.
We are running a domain on a 2008R2 server. The clients will be using laptops that are already part of the domain, if that will make a difference.
Is there any way to granularly allow hosts from one vlan to be able to access another vlan with Inter-VLAN routing DISABLED?Can the use of an ACL override the setting?In general I don't want any traffic between VLAN's but there are 2 hosts on one VLAN that I would want to allow access to a server on another VLAN.
View 1 Replies View RelatedI just purchased a RVS4000 after chatting with a Cisco rep. I want to set up a router at my office (RVS4000) that I can connect to from virtually anywhere with my iPad, log into a server on my network and run a Remote Desktop service. The Cisco rep. told me that the RVS4000 was exactly what I needed. So here is what I've done so far:
iPad(192.168.2.67)-->192.168.2.1(wirless router)-->Internet-->RVS4000-->(192.168.1.1)-->\Server(192.168.1.33)
On the RSV4000 VPN tab IPSec VPN:
Tunnel name: Office
Local Security Type: IP only
[Code].....
I have an RVS4000 version 1 with firmware 1.3.3.5. I have two VLAN's setup:
VLAN1 - 192.168.1.0/255.255.255.0
VLAN10 - 192.168.10.0/255.255.255.0
Ports 1 through 3 are configured for VLAN1 and right now I have one PC connected directly to port 1 and nothing connected to ports 2 or 3. Port 4 is configured for VLAN10 with a managed switch (also configured on VLAN10) connected to it. There are 4 wireless access points connected to the switch.
On the Setup->Advanced Routing page of the RVS4000 I have the Inter-VLAN Routing option set to Disabled. Yet when I connect to one of the wireless access points and receive a 192.168.10.x address, I can ping the PC connected to port 1 which has a 192.168.1.x address.
Also, I would like VLAN10 to not have access to the Management GUI on the RVS4000.
There are 5 VLAN's and all can communicate through all the different subnets, but VLAN5 can not communicate to the RVS 4000.
VLAN Smart Port set to switch and router - this is not working What Smart Port configuration should be set up to talk to the LAN port on a RVS4000?
VPN is set up and connected, but when trying to connect to the client can not connect to remote networks.
I have a home network with an Actiontec Q1000 providing me 20 meg down and 5 meg up speeds. The DSL modem supports DHCP, DMZ, port forwarding, application forwarding, filtering, etc. I have an existing network 192.168.0.x that uses a combination of DHCP and static IP addresses for printers, scanners, and servers.I just purchased a RVS4000 and configured its LAN port to accept a DHCP address. It received the .26 address. I set up application and port forwarding so all VPN traffic goes to this address. I also put the router in the DMZ and turned off all firewalls.On the LAN side of the RVS4000 I use the 192.168.1.x address and have the 4000 provide DHCP addresses. I have a PC connected to the LAN port and it has the address of 1.100. I am able to use TeamViewer to connect to this through the internet and I can also access the devices on the Actiontec network from the PC connected to the 4000.I set up the VPN as best I could while going through appendix B of the admin guide. When I am at a remote location and use the QuickVPN client to access the 4000 I get the message, "The remote gateway is not responding. Do you want to wait?'. When I look at the log everything looks good except I get the following error:
[WARNING]Failed to ping remote VPN Router!
I am unable to get a DHCP address for my remote PC and am unable to ping any device on either network. What do I have configured wrong that this is not working?I only purchased this so I can use the VPN. Is the VPN established on the Actiontec LAN or on the RVS4000 LAN side? I am obviously connecting to the 4000 but am just not getting an address so I can not use my home office network for all my communications.
I'm trying to set up a VPN tunnel between a Linux machine and a RVS4000 at a remote site (served via satellite connection). After many efforts, I finally succeeded (based on Openswan). However, while PINGing is OK, big packets (from the RVS4000 LAN to the Linux box) arrive corrupted.
I lowered the WAN MTU, with no success. What finally did the trick is to lower the MTU at the RVS4000 LAN interface. Since this is not possible via the Web I/F, I did it via telnet ("ifconfig eth0 mtu 1400"). However, this change is lost after router reboot. How can I make the LAN MTU setting permanent?
The local router is behind a fiber firewall/router; the rvs4000's ext ip is thus 192.168.1.2, not visible from the net. The firewall/router is a dyn ip, with a dyn dns name mapping to it. The remote (some NetGear thing) is also dyn dns, but it is not behind a firewall.
I want to cook a vpn from the local lan subnet to the remote lan subnet.
It worked fine when both ends were NetGear.
I think it would be ok if somehow I could thell the rvs4000 that the local Security Gateway Type be just FQDN; it can't be IP+FQDN because the remote end doesn't know anything about that kind of thing; it can do IP or FQDN or a couple other confusing things.
How do I submit an RFE (Request For Enhancement) to the Cisco SBR team to encourage them to implement the missing support for VLAN to VLAN firewall rules that was available in the RVS4000 (See [URL]) and that was supposedly added to a beta release of the RV220W firmware (See [URL])?
View 1 Replies View RelatedRVS4000 has default firewall rule from ANY WAN -> to ANY LAN with status Allowed. Should that be denied by default, like in RV042 or RVL200?
View 7 Replies View RelatedThe firewall on my RVS4000 appears to hang when ever I use Netflix. If I disable the firewall and re-enable it it works for a while and then stops again. My IP address is in the Approved Client IP Addresses so it is excluded from the URL filtering and Web reputation rules.
View 5 Replies View RelatedI am trying to access a device behind my firewall that needs to use port 9000. I have completed the single port forwarding page with the exterior and internal port but I cannot access the device from outside the firewall. Yes I did check the "enabled" box
View 8 Replies View RelatedIf I have the IP ACL firewall enabled in my RVS4000 I have trouble connecting to specific websites and also connecting to Apple's update servers. The problem appears to be that the firewall is blocking incoming data to the ephemeral ports even when they are allowed in the firewall rules. I've also tried port forwarding rules but the only thing that resolves the problem is to disable the firewall entirely, which is not the desired resolution. The firmware version is 2.0.27.
View 11 Replies View RelatedI have problem with RVS4000 fw 1.3.3.5. When you switch the status of IPS function (turn on or turn off), firewall rules don´t work from that moment until you restart the router!
View 2 Replies View RelatedI am using an SRP541W router and i am trying to configure 2 vlans, each one to use its own Wan:Here are the dhcprules and vlans:As can be seen, each one has its own wan interface.
Vlans:As can be seen, each vlan is using its own ports and dhcp rule, so, now they should be separate.
Both Wans are connected: So now (at least as i see things) the two vlans are separate and using different Wan. But the reality is different, everything is going out using Wan1.Also in the Interface Info you can see that the 2 vlans are listed under the Wan1.
The rest of router setting are default.
I have a dell powerconnect 2848 switch and setting up a vlan 3 an make port 1 mngt, port 48 uplink to layer 3 switch and tag vlan 1 and 3 to port 48 with cli commands for this setup. and also to untag ports 2-10 for computers
View 1 Replies View RelatedI have a Cisco RV180-K9-NA router. I would like to set up 2 separate VLAN assigned to different ports on the router. I will be using LAN port #1 to communicate with the router. The NIC connecting the PC to the router has multiple IP addresses assigned to it so that I can communicate with the separate VPNs (192.168.1.x for the router; 172.16.10.x for VLAN #1 on port 2; and 182.16.10.x for VLAN #2 on port 3). I also need to be able to have the router provide both IPv4 and IPv6 DHCP services for devices on each subnet.
View 3 Replies View RelatedI have a Dell switch setup with 2 Vlan's. Vlan 1 is to the network. Vlan 20 is going to be for wireless access to the internet. How do I configure the switch/router so that Vlan 20 only connects to the internet and not the network? I will later want to have a 2nd SSID that I want to connect to both the internet and network.
View 5 Replies View Relatedi'm using an rv220W and i whant to know if is it possible to assign vpn traffic to a vlan when i setup an ipsec tunnel?
example:
Im using different vlans on my rv220W.
Vlan 10: engineers (ex: 192.168.1.0/27) no intervlan routing
Vlan20: sales (ex: 10.0.123.0/24) no intervlan routing
This is what i need: - An engineer is on the road and when he makes a ipsec vpn connection => assignd to the vlan "engineers" so he can access the server/pc's in that vlan.and when someone from the sales group starts a vpn connection he needs to be in the vlan "sales" so he can access his pc/data,...
I'm trying to connect through a VPN to RVS4000 router that I have VLAN'ed into two seperate networks 192.168.1.x (default) and 192.168.77.x. When i connect with the QuickVPN Client, I have no problems seeing devices on the 192.168.1.x network but i can't see the 192.168.77.x devices; so i'm assuming that the QuickVPN client software puts me on the default network and not the "77" network. Thing is, i only want to VPN into the "77" network and not the 192.168.1.x network.
Will QuickVPN allow me to do this? If not how do I VPN into the 192.168.77.x network?
I have an RVS4000 setup with a VLAN to a wireless "guest" network, guest network is 192.168.1.x, internal network is 10.0.0.x both have Internet access, and cannot see each other, exactly what I wanted. The only problem is that either from the internal network or the guest network I can no longer access the Remote Web Workplace - [URL] or Outlook Web Access [URL] fails with page not found. Internally I can access via \server emote and \serverexchange but of course this does not work for the guest network. We have Small Business Server 2003. External access if fine.
View 0 Replies View RelatedI have a side client who's recently upgraded their internet service from a single T1 to a 100mb fiber line. TW Telecom brought the fiber line into their building and run it through a Cisco 3400 which hands it off to TW Telecom's Adtran 4430. If I take my laptop and assign it the appropriate IP and subnet and plug straight into the Adtran I get close to full speeds so I can rule out the ISP (I think).
It comes out of the Adtran to a Cisco RVS4000 setup as a gateway and then feeds off to a Cisco SG200-50 and Cisco 248G switches. Anything from the RVS4000 and beyond on the customer side will only receive a quarter of the speeds I get if I plug straight to the Adtran. I talked to the tech from TW Telecom and they have confirmed the Adtran is hard coded for 1GB Full Duplex speeds so I'm going to assume the RVS4000 needs to match that. I'm not 100% sure on how to make sure the RVS4000 is set to that. In the Admin GUI for the RVS I've gone under the L2 Switch Port Settings and set them to match the Adtran but it makes no difference.
I'm getting some sort of port duplex conflict and need to figure out where to make adjustments.
I am trying to set up a Vlan on an SF-302-08 small business switch. I would like two Vlans both with internet access but the two cannot communicate with each other. I am not really sure how to go about setting this up as its all fairly new to me. I have successfully set up the Vlans and the ports on each VLAN cannot communicate with each other however the internet access will only work when plugged into either VLAN but wont work on both together
View 1 Replies View RelatedI have succesfully config an IPSec VPN Tunnel by using a Router Scientific Atlanta Cisco 2320 and a RVS4000 4-Port Gigabit Security Router with VPN.On the site of Router Scientific Atlanta Cisco 2320 this is some info: [code] On the site of RVS4000 4-Port Gigabit Security Router with VPN this is some info: [code] Remember that you can not be on the same range of IP, I mean, you can not have 192.168.0.X if the remote network is on 192.168.0.X, you have to change some of the Routers.I show the configuration on Router Scientific Atlanta Cisco 2320: I show the configuration on RVS4000 4-Port Gigabit Security Router with VPN:If all is correctly configured, you should see on Router Scientific Atlanta Cisco 2320 the Status Connected:
If all is correctly configured, you should see on RVS4000 4-Port Gigabit Security Router with VPN the Status Up.As you can see, I'm connected to the remote Router (RVS4000 4-Port Gigabit Security Router with VPN) by my own web browser accesing by the local IP 192.168.0.10.I have used Authentication MD5, maybe is not the best one but I had no time to test SHA1, I will when I will have time.
I have 2 internet connections in my office one via Verizon Fios and another one via the local cable company. On the fios connection I have an RV042 VPN router and on the Cable company connection I have an rvs4000 router, I would like to know if there is a way I can connect the 2 so I can share a printer I have on one of the 2 networks from the other network without using the VPN feature, like via an ethernet cable connected between the 2 and some kind of static route maybe?
View 6 Replies View RelatedWe share a common fibre connection to the internet. In the basement we have a modem/router(zyxel) which is in "bridge mode". Therefore not acting as DHCP.Behind this zyxel we have a Cisco RVS4000 router. Ports 1 and 2 go to family A, and Ports 3 and 4 go to family B.Family A and B have separate routers which are both set to "access point mode". Family A has an ASUS RT-N66U router while family B has a dlink DIR-615. The asus has an "access point mode" while the dlink needs to be set up manually to achieve this. The dlink must also have a static IP adress. The asus can receive ip adress.
View 1 Replies View RelatedMy operations manager says "Could you go on-site and configure a new clients new internet connection?" I make the arrangements and go on-site. As I'm working with the providers tech he says "Do you have a sub-interface confgured for a dot1q VLAN id of 1057?", I say "What?". Anyway my firewall is not capable of dot1q VLAN, so he says "Do you have a Cisco router that can provide the trunking?", I say "Yes, I tink so but not with me". The question is can I use an SR520 between my firewall and the provider demarc to route the VLAN he is talking about? My initial discovery says yes but I am not quite sure of the details on how to achieve this on the SR520.
View 2 Replies View RelatedI am a novice with networks but do have a fair understanding of networks. I have a small business network, utilizing a RVS4000 router (Firmware V2.0.27)I am attempting to set up firewall rules to block certain web sites at certain times.I have successfully set up rules using source and destination ranges, to deny service 24 hours a day everyday.
However and here is the problem when I attempt to edit any of the rules (I want to change the time to certain hours of the day) it allows me to edit the rule but when I attempt to save I get an error message up saying there are invalid characters and it will not save the changes?create the whole thing with the changes I want it works fine, is this a known bug?
Trying to get a service setup with a third party to access our system (ERP web service to access our ERP data, making data available to customers and vendors via internet). They require that I setup four external IP addresses to have access through the firewall. I haven't figured out how to do this. I'm using a Linksys WRV200 router.
View 1 Replies View Related