Cisco Switching/Routing :: Rv042 - Firewall Setup On Vpn?
May 3, 2012
I have the rv042 vpn router which is the main gateway for our internet, connected to the vpn is one server for a software and then another computer is connected for a web server software, well i need to get these setup like so
Setup firewall rules that will block all inbound Internet access to the web server except port 443Setup firewall rules that will block all communication between the two internal networks, except ports 7000 and 1702These must be on two different internal networks
View 2 Replies
ADVERTISEMENT
Dec 10, 2011
I have a Cisco RV042 Wired Router. I've got a static IP and a MS Small Business Server in my Router Network. I have forwarded the essential ports to use the IIS and the Exchange Server of my SBS2011 (HTTPS, HTTP, smtp, rpc). I have also created some access rules for these ports, but I don't have any access on my server services, if the firewall is activated.
Here are my Firewall Access Rules from the RV042 Web Interface:
View 16 Replies
View Related
May 26, 2013
We have a setup of a firewall in between my Cisco 1841 router and Switch.
Cisco Router --> Meraki Firewall--> Switch
Client VPN is configured on the Meraki Firewall but then for the outside users to client vpn in to the network, I have to port forward or open the ports 500 and 4500 to the IP address of the Meraki Firewall 192.168.1.90. [code]
View 4 Replies
View Related
Aug 6, 2012
I have 2 networks.
NETWORK 1:EOC connection fro ISP going into a router (not the RV042) with a static WAN address from ISP. This router is hooked up to a switch that all the computers are connected to. All the computers on this network are using 192.168.1.x addresses. Most of these addresses are static, but the router is running DHCP in case we hook up temporary computers like laptops or client machines to this network.
NETWORK 2:DSL connection going into a router (not the RV042) with a static block of IPs from ISP. (8 IPs, 5 usable for the WAN interface, 1 static IP is being used for WAN interface). This router has a VPN connection set up for remote access to the linux machines on this network. This router is running DHCP on the LAN interface for this network with addresses 172.16.1.x. All the computers on this network are tied together with another switch, completely seperate from the 192.168.1.x network switch.
PROBLEM:We needed computers on the 192 network to be able to access computers on the 172 network. Someone decided to just run a cat 5 cable from the 192 switch to the 172 switch (not the routers, the switches). This "worked" - badly. Appearently there is a DHCP conflict (or something else going on) that was causing the router on the 172 network to try and assign addresses to the 192 network computers, and it was also "resetting" a connection about once an hour. This crashed our server on the 192 network. I disconnected that cat 5 cable between the two siwtches, and now each of the two networks are working properly, but they are now completely isolated from one another.
I need to create a bridge between the 2 networks so that machines on the 192 network can access machines on the 172 network while filtering out DHCP broadcasts from either network router to the other network. (I may need to filter out other protocols as well, but don't know yet.)So, I see 3 potential ways of doing this but don't know if they will work:
1) Can I just set up multiple subnets on the LAN interface of the RV042 and just run 2 cat5 cables from each switch on the two networks to the LAN ports of the RV042?
1a) If I do set up multiple subnets on the LAN interface of the RV042, do I need to assign the two ports to different VLANs? (I don't see any way to set each port to a specific IP address.)
2) Can I set up the 2 WAN ports on the RV042, one static for each network, and will the RV042 route traffic from 1 WAN port to the second WAN port?
3) Is there some other way I should consider setting this up?
Finally, someone mentioned that once I get the RV042 set up correctly as a bridge, I will need to route 172 addresses on the 192 network to the 192 interface of the RV042 via the DHCP router on the 192 network, and conversely, I will need to route 192 addresses on the 172 network from the DHCP router to the 172 IP interface of the RV042. I think this will be easy enough to set up in each of the DHCP routers...
View 3 Replies
View Related
Mar 3, 2013
i am currently using 2 DSL WIFI modem and wants to combine them to my RV042 dual wan router but as i set them up using WAN1 and Wan2 as "Obtain IP Automatically" there is no internet connection?
View 2 Replies
View Related
Sep 1, 2011
I have a RV042 Dual WAN router. What I would like to be able to do is to direct a computer on my network to access one particular WAN. For example, WAN1 is a DSL line and WAN2 is a cable line. I would like to direct a computer on our LAN to access the cable line always, even though I have Smart Link Backup set to WAN1. Is this possible?
View 6 Replies
View Related
Nov 2, 2011
How do you setup a Clint VPN on a RV042
View 1 Replies
View Related
Oct 24, 2011
I'm a bit new at this and I wanted to know if this is possible with the RV042 or if there's a better product to use. Our server is at located at location A and locations B and C telnet to the server via a VPN. We're looking at getting another ISP at each location as a backup and abandon older modem backups.
Would I setup a VPN tunnel between (A and B) and (A and C) for each ISP? Also I had a question on local IP addresses and if this would work
location A, ISP 1 -> location B, ISP1
local IP 192.168.1.1 remote IP 192.168.2.1
Public IP aa.aa.aa.aa Public IP bb.bb.bb.bb
[ code]....
View 2 Replies
View Related
Nov 10, 2011
I am trying to configure a Linksys RV042 VPN router as a simple router. I want to connect it to one of the ports from a CiscoASA5505 router because I need to connect 4 additional PC's and the ASA is out of available ports.I am trying to connect it through an ethernet port from my laptop.At first I configured the TCP/IP settings as getting the IP and DNS's automatically and but I was able to enter the setup by entering the default IP address (192.168.1.1).After 10 minutes it got disconnected and could not connect again.I get Status: Limited or no connectivity.If I try to type the IP address manually (192.168.1.1) I can ping the router successfully but the setup webpage never opens.what I need to do in order to access the setup webpage when I connect the router directly to my laptop?
View 10 Replies
View Related
May 19, 2012
We have 36 cctv cameras slowing down our oracle network pc's all in same subnet. I want to remove the dvr's of cctv to a separate network to improve performance. How to accomplish that with a Rv042 linksys router? Or is there any other better way around. 5 Users access the cctv cameras all the time.
View 2 Replies
View Related
Apr 7, 2013
I am trying to setup the following. We have an RV042 Router and are using it as our gateway at the office. In the office we are using a Windows Domain abc.lan with DHCP of 10.0.0 - 10.0.0.254. The Router/Gateway is setup with a Static IP of 10.0.0.100.A couple of our office employees would like to work from home via VPN using their laptops. With the many options available for this router, I am not clear as to which options and what settings I should set.
View 2 Replies
View Related
Oct 13, 2012
I need DHCP Option 66 to be enabled my small business RV042 router, so the IP phones could know where is the TFTP server.
View 1 Replies
View Related
Apr 5, 2013
We are currently running Windows 2003 Domain in our network with DHCP turned on the Server. We have turned off the DHCP on the Router. We are using RV042 as out Gateway to the internet and everything is working fine. We would like to allow a couple of our users to be able to VPN into the network so that they can use Outlook and be able to access their files on the Shared Folder. The users would be using their laptops from their homes to connect via VPN using the standard Windows 7 VPN connection.
In the RV042 Interface there are many options and I am not sure I understand which setting would allow them to connect successfully to the network, be authenicated as a domain user.
View 1 Replies
View Related
Sep 1, 2011
I am trying to set up my rv042 to use the ddns service. The rv042 is directly connected to the ISP provided modem on WAN port 1. The problem is that instead of seeing the internet IP the rv042 is using the ISP sub net assigned IP.
LAN IP : 192.168.1.1 WAN1 IP : 192.168.12.9 WAN2 IP : 0.0.0.0 Mode : Gateway DNS (WAN1) :DNS (WAN2) : 192.168.12.1 DDNS(WAN1 | WAN2) : Off | Off DMZ Host : Disabled
View 1 Replies
View Related
May 21, 2013
I have a Cisco SG 300-20 as the core switch, layer 3. It is 192.168.4.6 on VLAN1 and 192.168.5.1 for VLAN2 (VOIP). All the ports are set in trunk mode. DHCP relay is setup on this switch.
The phones connected into a layer 2, Catalyst 2960-S switch. All ports are set in trunk mode. Default gateway on it is set to 192.168.5.1.
DHCP for both VLANs is provided by a Windows Server 2008 R2 server (the relay IP 192.168.4.15).
There is also an ASA 5510 in the mix which is 192.168.4.1. It has a route added to it for the 192.168.5.0 network to go to the SG 300 (192.168.5.1).
Just the two switches can ping each other on the 192.168.5.x network when I "add vlan 2" to the trunk port that is connected between the SG 300 and the 2960. The phones don't get DHCP on the 2960 switch. And I cannot ping 192.168.5.x from the ASA or anything else on the 192.168.4.x network.
After a bit of reading on intra-vlan routing for the SG 300 switch, I am thinking the SG 300 has to be the "center" of things so I need to make it 192.168.4.1 to be the gateway for both VLANs and change the ASA to 192.168.4.2 for VLAN1, etc. And I really can't do asymmetric routing with this switch.
View 1 Replies
View Related
Jan 19, 2013
I have a power conncet 6224 with routing enabled with several VLANs setup.VLAN Database: 6,8,10,90-254VLAN 6 is our management vlan10 is for our core network services (DNS, Domain, Exchange etc)90-254 are isolated vlans.What I need to accomplish is to prevent vlans 90-254 from communicating with each other and only allow communication to VLAN 10 and the internet. All internet firewall work will be handled by our Sonicwall. [code]
View 1 Replies
View Related
Jul 12, 2009
I am trying to setup a VPN using an RV042 (fw ver: 1.3.12.6) to access a VISTA computer over the internet using a laptop using QVPN's latest version. I finally got it to connect but then hang's with error " Gateway is not responding, do you want to wait?". If I say yes it go through the login again and hangs. If I say no, it hangsup. I've tried a couple different ideas using tunnelling and static IPs in the router but nothing. All I want is to be able to access one computer through the RV042 over the internet from any other computer using the QVPN.
View 6 Replies
View Related
Nov 19, 2011
I have 2 VLANs set up and I know they are set as default to not allow one to communicate to the other. Is there a way to set a rule to allow that? I'd like VLAN1 to be able to access VLAN2, but not the other way around.
View 1 Replies
View Related
May 14, 2013
I'm trying to set up per vlan routing on a 3560G switch but it's not performing as I would expect. I've got a server on the 109 vlan with a 10.1.9.100 address and a default gateway of 10.1.9.1 this address is an HSRP gateway and currently resides on 10.1.9.7. When I traceroute through to my user PC on the internal network it receives a response from 10.1.9.7 However, it is then denied by an ACL on the internal firewall which has been applied to interface Eth0/0. It should arrive at the firewall on Eth0/2.109 as it has the 10.1.9.4 address.
My goal here is to route traffic on the 101 vlan to a seperate interface on the internal firewall from 109 vlan traffic. I'm either doing something wrong or these routing commands aren't designed to work in the way I'm expecting (I couldn't find any documentation on the ip route command where it is followed by different gateways for different vlans)
interface GigabitEthernet0/12
description Internal-FW Eth0/2
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 109
switchport mode trunk(Code )
View 1 Replies
View Related
Mar 16, 2011
We have a Network set up with a RV042 router. Router is hooked up to Cox Cable and ATT DSL. Currently have 20 computers hooked up to the router all using Static IP addresses. Setup has been in place for over 7 years. I want to set up a Wireless Access point on this network. The problem is, I can't seem to get DHCP to work right even WITHOUT the Wireless Access Point. I have taken one of the computers that works great with a static IP and changed it to be DHCP, I have enabled DHCP on the router and set the from and thru parameters for the IP assignment. The computer will connect and get an IP address and it allows me to see all the INTERNAL servers on the network but going to the Internet is REAL FLAKY. I usually have to refresh 5 or 6 times to get a web page and sometimes even that don't work. If I do get a page to come up there is about a 10% chance that it will bring up a subpage of that page without doing a refresh 5 or 6 times. Its like it won't hold the connection to the Internet. I did notice one thing different in the User Manual of the RV042 that is different than all the other Linksys routers I have worked with. It says that when you enable the DHCP on the router, you then make sure ALL computers hooked to it are set for DHCP. All other routers I have worked with do NOT use that word ALL. Am I missing some setting or is this a binding thing where you are either ALL static or ALL DHCP?
View 1 Replies
View Related
Nov 24, 2009
I have a RV042 router and we are trying to set-up our OWA for outside access. I can't figure out which ports or which page those ports are on to open them. We are a small company and we do not have IT except for ourselves. The internal network works fine but i can't get the Exchange access from outside.
View 2 Replies
View Related
Jul 24, 2011
I am trying to set up my router to grant http traffic a minimum bandwidth of - for example - 5,000 kBit (if there is any http traffic).
So I set http min. rate to 5,000 while I set nntp min. rate to 1 However, when I run nntp downloads on several connections (e.g. 10) my single http download never goes above 1,000 kBit. Without any other connections I reach 8,000 kBit.
I am using a single 12 MBit line.
View 4 Replies
View Related
Apr 13, 2011
ISP assigned us the following:xxx.yyy.zzz.32/30 as the outside interface network.This means .33 is the next hop, gateway, or default route.This means .34 is the outside interface on the ASA.xxx.yyy.zzz.64/26 as the ip address pool.This means xxx.yyy.zzz.65 to xxx.yyy.zzz.127 is the address pool.xxx.yyy.zzz is identical in all cases.Addresses .35 through .63 are owned by other parties and are not usable to us.The 33-34 setup works using static routing - IPSEC VPN is setup and functioning properly using these addresses.
[ie. Route outside 0.0.0.0 0.0.0.0 xxx.yyy.zzz.33]
After NAT and ACL entries are created to provide altnernate external IP address on the outside interface [ie. static (inside,outside) [external ip] [name] netmask 255.255.255.255 and access-list [name2] extended permit tcp any host [alternate outside ip] eq https], attempting to browse to an internally hosted website from an external IP address results in the following messages in the ASDM log.
6 Apr 14 2011 17:58:51 110003 [redacted external IP Address] 37763 [Internal Website Name] 80 Routing failed to locate next hop for TCP from Outside:[redacted external IP Address]/37763 to Inside:[Internal Website Name]/80
How do I setup routing for this non contiguous address range?
View 4 Replies
View Related
Nov 15, 2011
I've got working PAT, but absolutely not sure how to perform additional task.
ip cef
no ip bootp server
no ipv6 cef
interface FastEthernet8
ip address 192.168.1.141 255.255.255.0
duplex auto
speed auto
[Code] ........
View 22 Replies
View Related
Jun 3, 2013
I have a server behind an rv042 that i would like to block access to on one port from outside in. I have configured the rule as follows:
priority = 1. policy name<name>. enable<checked>. action = deny. service <service to block>. source interface = wan1. sources = any. destination = <public ip address of server>. day <nothing>.
This does not block the intended port from outside. I also changed the destination to be the private ip address and i changed the source interface to LAN and to *. What is the correct syntax to do this?. Port forwarding is enabled. I noticed that there is one entry in the forwarding table for the public ip but it is going to a dead private ip address. Would this have an effect?
View 5 Replies
View Related
Sep 10, 2012
How to setup dynamic dns for Cisco 2621xm ? What IOS support Dynamic Dns?
View 3 Replies
View Related
Nov 6, 2011
I'm new to using Cisco Config Professional Express but a lot of things are just "off" with this utility. But my problem for this post is specifically the 891W's internal access point, or initial access to it.
My situation is that I have some 891W's. It's my first time working with them, as well as with CCP Express (2.5). After isolating the router and my PC to their own network, using the IP my PC got via DHCP frmo the router I opened a web broswer and connected to the router. The initiial configuration wizard came up and I went through the various screens. One of those screens had basic config info for the internal wireless AP which I provided. Somewhere in that screen it asked for a Hostname for the AP, and a password. It doesn't askfor a username though. To ensure I wouldn't run into confision, I made sure to set every password I ever get asked to configure as the same thing so the AP's password was also the same.
However after I finish with the wizard, the java-based CCP Express begins prompting me for first the main router credentials which I provide and it gets the router config, then it prompts mefor the username/password for the Access Point. First of all, the initial config wizard had never asked me for the username for the access point, only the hostname, and the password. I had assumed it was just going to use the main router username, or perhaps a blank username.
In any case, nothing I type ever works. I've used cisco/cisco, or a blank username with my new password, or the same username as the main router with the password ---- nothing. This is now the 4th time I have completely Reset the router to factory defaults and while I am learning the use of CCP Express through repetition, I'd also like to get this thing configured and out the door so my customer can use it.
View 3 Replies
View Related
Apr 19, 2013
How to you setup ip routing on a Nexus 5500 I want to do vlan routing between an Nexus 5500 and Catalyst 3750. Nothing clever just have the 2 switches talk and vlans route between the two.
View 3 Replies
View Related
Feb 9, 2012
I am trying to configure the FE8 (WAN port) to connect to the Internet. We're swtiching ISP'ssoon so this router was set up at my office and has since been deployed at the client site. So far it is just plugged in and powered, with a console cable attached but no LAN cabling since this router will replace an existing one using the same addressing (except the WAN settings of course). So for now I am just focused on working on the WAN side since I have the ISP's cable modem attached . I had intiially used CP Express to config the wan port with an IP and mask and the various port forwarding options I intend to use. Now, connected via console cable, I tried pinging the IP of the wan port, which works. Beyond that, can't ping anyting (8.8.8.8 - a Google IP), also can't resovle any DNS names which makes sense with no apparent connectivity. Likely my config is just imcomplete. Nowhere in sh run do I see a Default Gateway, yet this ISP did specify one so I assume I need to enter it. Not sure what's the right way - I get confusing results on searches telling me either to use ip default-gateway or ip default-network. I want to think that it's as simple as entering in the IP but so far I've learned with the IOS that you never do anythign without knowing all the possible implications, which I don't. Also while I am at it, I don't know what I should have for DNS entries. This router will not be a DNS server for any internal systems that function will be managed by the two Windows 2008 R2 DNS machines. The ISP has also provided two IP's for their DNS servers. I thought it would be a simple matter of just adding two entrires via ip name-server command, which I did. So now I have four entries, first the two internal servers (inaccessible currently due to no LAN cabing to this router), and the two ISP servers. Can't ping those either, but again there's no default gateway.
View 39 Replies
View Related
Jun 13, 2012
How to setup redundancy on a 2800 series Router so that whenever it fails it will be routed through the MPLS router
View 5 Replies
View Related
May 12, 2013
I've been handed a requirement to try and get a multicast server working on my setup. Trouble is, I don't know if I can with the feature set I have on my switches. What is desired is that a multicast server (stand alone, but network connected, obviously) be accessible by everyone on the local network (multiple V LAN's, multiple SVI's) in the building.
All users will be connected to the one switch stack, although some will want to be wireless (which is one of the separate V LAN's) - I don't care if the wireless requirement goes by the wayside - they can sod off. :-) The main purpose will be multicast, high quality video.
I have a single switch stack consisting of two (soon to be 3) WS-C3750X-48P switches running the IP BASE feature set.
Question - can I do this on IP BASE, or do I need to upgrade to IP SERVICES?
If I can do it on IP BASE, does anyone have any links/pointers to setup this properly? Currently installed IOS is 12.2(58)SE2.
View 3 Replies
View Related
May 6, 2013
I have some 3750 switches in a network, where I need to transport a QinQ connection between them.
Switch A <-> Switch B <-> Switch C <-> Switch D.
Need the QinQ from switch A port 11 and to Switch D port 9. Between the switches interfaces are in standard 082.1Q trunk mode. What do I need to configure to make this happened? I need to make sure that the VLANs in and out of these interfaces do not conflict with the rest of the network, as some VLANs will overlap.
View 8 Replies
View Related
Jul 8, 2012
I have a 2600 router and im trying to set it up for SDM. The crypto command is not there. What do i do?
show version
Cisco Internetwork Operating System Software
IOS (tm) C2600 Software (C2600-J1S3-M), Version 12.3(15b), RELEASE SOFTWARE (fc1 )
Copyright (c) 1986-2005 by cisco Systems, Inc.
Compiled Thu 25-Aug-05 13:38 by ssearch
Image text-base: 0x80008098, data-base: 0x81A255C4
[code]....
View 3 Replies
View Related
