Cisco RV215W Administration Manual

Wireless-n vpn firewall

Hide thumbs Also See for RV215W:

Administration manual (149 pages)

Quick start manual (9 pages)

Quick start manual (2 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

page of 140

/ 140
Contents
Table of Contents
Bookmarks

Table of Contents

Quick Links

Download this manual See also: Administration Manual

R E V I E W D R A F T

—

C I S C O C O N F I D E N T I A L

ADMINISTRATION

GUIDE

Cisco Small Business

RV215W Wireless-N VPN Firewall

Table of Contents

Summary of Contents for Cisco RV215W

Page 1 R E V I E W D R A F T — C I S C O C O N F I D E N T I A L ADMINISTRATION GUIDE Cisco Small Business RV215W Wireless-N VPN Firewall...
Page 2: Table Of Contents
Configuring Static IP Configuring PPPoE Configuring PPTP Configuring L2TP Configuring Optional Settings Configuring the LAN Settings Changing the Default Cisco RV215W IP Address Configuring DHCP Configuring VLANs Configuring Static DHCP Viewing DHCP Leased Clients Configuring a DMZ Host Configuring RSTP...
Page 3 Failover and Recovery Chapter 3: Configuring the Wireless Network Wireless Security Wireless Security Tips General Network Security Guidelines Cisco RV215W Wireless Networks Configuring Basic Wireless Settings Editing the Wireless Network Settings Configuring the Security Mode Configuring MAC Filtering Configuring Time of Day Access...
Page 4 Viewing Default Values Configuring Advanced VPN Parameters Managing IKE Policies Managing VPN Policies Adding or Editing IKE Policies Adding or Editing VPN Policies Configuring Certificate Management Configuring VPN Passthrough Chapter 6: Configuring Quality of Service (QoS) Cisco RV110W Administration Guide...
Page 5 Configuring Bandwidth Configuring Bandwidth Priority Configuring QoS Port-Based Settings Configuring CoS Settings Configuring DSCP Settings Chapter 7: Administering Your Cisco RV215W Setting Password Complexity Configuring User Accounts Setting the Session Timeout Value Configuring Simple Network Management (SNMP) Configuring SNMP System Information...
Page 6 Contents Running the Setup Wizard Chapter 8: Viewing the Cisco RV215W Status Viewing the Dashboard Viewing the System Summary Viewing the Wireless Statistics Viewing the VPN Status Viewing the IPSec Connection Status Viewing Logs Viewing Connected Devices Viewing Port Statistics...
Page 7: Configuring The Wan Settings
Draft Version 1—Cisco Confidential Getting Started The Getting Started page displays the most common Cisco RV215W configuration tasks. Use the links on this page to jump to the relevant configuration page. This page appears every time you start the Device Manager. To change this behavior, check Don’t show on start up.
Page 8: Saving Changes
Click to visit Cisco online support forums. Saving Changes When you finish making changes on a configuration page, click Save to save the changes in Flash memory, or click Cancel to undo your changes. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 9 To connect a device (such as a computer) to your wireless network, configure the wireless connection on the device with the wireless security information you configured for the Cisco RV215W by using the Setup Wizard. The following steps are provided as an example; it might be necessary to configure your device differently.
Page 10: Viewing The Dashboard
Firmware Version—Firmware version the device is currently running. • Serial Number—Serial number of the device. Resource Utilization • CPU—CPU utilization. • Memory—Memory utilization. • Current Time—Time of day. • System Up Time—How long the system has been running. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 11 To view the WAN settings, click details. For more information see Configuring the Settings. WAN (Internet) Information • IPv4 Address—IPv4 address of the router WAN port. • IPv6 Address—IPv6 address of the router WAN port, if IPv6 is enabled. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 12: Viewing The System Summary
In some cases, an older language pack may be used with a newer firmware image. The router will check the language pack version to see if it is compatible with the current firmware version. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 13 IP addresses on the . • DNS 1—IP address of the primary DNS server. • DNS 2—IP address of the secondary DNS server. Wireless Summary • SSID 1—Public name of the first wireless network. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 14 The Wireless Statistics page shows wireless statistics for the device radio. To view wireless statistics, choose Status > Wireless Statistics. To change the refresh rate, choose a refresh rate from the Refresh Rate drop- down menu. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 15 The username of the VPN user associated with the QuickVPN or PPTP tunnel. Remote IP Displays the IP address of the remote QuickVPN client. This could be a NAT/Public IP if the client is behind the NAT router. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 16 Viewing the IPSec Connection Status The IPSec Connection status shows the status of active VPN policies on the Cisco RV215W. (These policies are configured on the VPN > Advanced VPN Setup page.) To view the IPSec connection status: Choose Status > IPSec Connection Status.
Page 17: Viewing Logs
If you made any changes, click Save. STEP 3 Viewing Logs The View Logs page displays the Cisco RV215W logs. To view the logs, choose Status > View Logs. To display the latest log entries, click Refresh Logs. To filter logs or specify the severity of logs to display, check the boxes next to the log type and click Go.
Page 18: Viewing Connected Devices
All—All devices connected to the router. Wireless—All devices connected through the wireless interface. Wired—All devices connected through the Ethernet ports on the router. WDS—All Wireless Distribution System (WDS) device connected to the router. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 19: Viewing Port Statistics
The guest network statistics displays information about the wireless guest network configured on the Cisco RV215W. To view the guest network status, choose Status > GuestNet Status. The following information is displayed: • Host Name—Device connected to the guest network. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 20 Viewing the Mobile Status The mobile network statistics about the mobile 3G/4G network and communication device (dongle) configured on the Cisco RV215W. To view the mobile network status, choose Status > Mobile Network. The following information is displayed: •...
Page 21 Viewing the Status Viewing the Mobile Status Draft Version 2—Cisco Confidential Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 22: Configuring Static Ip
From the Internet Connection Type drop-down menu, choose Static IP. STEP 2 Enter this information: STEP 3 Internet IP Address IP address of the firewall WAN port. Subnet mask Subnet mask of the firewall WAN port. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 23: Configuring Pppoe
When you select this option, the Internet connection is always on. In the redial period field, enter the number of seconds after which the Cisco RV215W attempts to reconnect if it is disconnected. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 24: Configuring Pptp
Draft Version 2—Cisco Confidential Authentication Type Auto-negotiation—The server sends a configuration request specifying the security algorithm set on it. Then, the Cisco RV215W sends back authentication credentials with the security type sent by the server. PAP—Password Authentication Protocol (PAP), used by Point-to-Point Protocol to connect to the ISP.
Page 25: Configuring L2Tp
Click Save. STEP 4 Configuring L2TP To configure the L2TP settings: Choose Networking > WAN. STEP 1 From the Internet Connection Type drop-down menu, choose L2TP. STEP 2 Enter this information: STEP 3 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 26 ISP. CHAP—Challenge Handshake Authentication Protocol (CHAP) is used to connect to the ISP. MS-CHAP or MS-CHAPv2—Microsoft Challenge Handshake Authentication Protocol is used to connect to the ISP. Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 27: Configuring Optional Settings
STEP 2 Configuring a Mobile Network Use the Mobile Network page to configure the Cisco RV215W to connect to a Mobile Broadband USB modem that is connected to its USB interface. To display the Mobile Network window, click Networking > WAN > Mobile Network.
Page 28 Please set APN manually (because the device is unable to determine the access point name) • Searching for service... • no SIM card • SIM locked • SIM busy • SIM ready • pin code needed • pin code error • Card is locked Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 29 Authentication used by your service provider. The value can be changed by choosing the authentication type from the drop-down list. The default is Auto. If you do not know which type of authentication to use, select Auto. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 30 3G and 4G usage has exceeded a given percentage. • The device fails over to the backup pathway and recovers. • At every interval specified while a 3G or 4G connection is active. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 31: Setting Failover And Recovery
While both an Ethernet and a USB modem connection might be available, only one connection at a time can be used to establish a WAN link. Whenever one WAN connection fails, the Cisco RV215W attempts to bring up another connection on another interface. This feature is called Failover. When the primary WAN connection is restored, it reverts the that path and drops the backup connection.
Page 32: Configuring The Lan Settings
Also, instead of using a DNS server that maps Internet domain names (for example, www.cisco.com) to IP addresses, you can use a Windows Internet Naming Service (WINS) server. A WINS server is the equivalent of a DNS server, but uses the NetBIOS protocol to resolve hostnames.
Page 33: Configuring Dhcp
STEP 3 Enable Allows the to act as the DHCP server in the network. Disable Disables DHCP on the when you want to manually configure the IP addresses of all of your network devices. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 34: Configuring Vlans
VLANs can group endpoints without regard to the physical location of the equipment or users. The has a default VLAN (VLAN 1) that cannot be deleted. You can create up to four other VLANs on the . Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 35 VLAN is first created. Click Save. STEP 4 To edit the settings of a VLAN, select the VLAN and click Edit. To delete a selected VLAN, click Delete. Click Save to apply changes. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 36: Configuring Static Dhcp
A and F (inclusive). To edit the settings of a static DHCP client, select the client and click Edit. To delete a selected DHCP client, click Delete. Click Save to apply the changes. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 37: Viewing Dhcp Leased Clients
LAN IP address, but it cannot be identical to the IP address given to the LAN interface of this gateway. To configure DMZ: Choose Networking > LAN > DMZ Host. STEP 1 Check Enable to enable DMZ on the network. STEP 2 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 38: Configuring Rstp
The max age is the time period that the router waits to receive a hello message. If the max age is reached, the router tries to change the spanning tree. Enter a number from 6 to 40. The default is 20. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 39: Port Management
You can configure the speed and flow control settings of the LAN ports. To configure port speeds and flow control: Choose Networking > Port Management. STEP 1 Configure this information: STEP 2 Port The port number. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 40: Cloning The Mac Address
For example, some ISPs register your computer NIC card MAC address when the service is first installed. When you place a router behind the cable modem or DSL modem, the MAC address from the WAN port is not recognized by the ISP. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 41: Configuring Routing
Gateway (Recommended) Click this button to set the to act as a gateway. Keep this default setting if the is hosting your network connection to the Internet and is performing the routing functions. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 42: Configuring Dynamic Routing
The version of RIP used to send routing updates to other routers on the network depends on the configuration settings of the other routers. RIPv2 is backward compatible with RIPv1. RIP Recv Packet Version Choose the RIP Receive Packet Version. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 43: Configuring Static Routing
Select the interface to which packets for this route are sent: • LAN & Wireless—Click this button to direct packets to the LAN and wireless network. • Internet (WAN)—Click this button to direct packets to the Internet (WAN). Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 44: Configuring Inter-Vlan Routing
To configure DDNS: Choose Networking > Dynamic DNS. STEP 1 From the DDNS Service drop-down menu, choose Disable to disable this service STEP 2 or choose the DDNS service to use. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 45 (Read-only) Status is displayed if the DDNS update has completed successfully or if the account update information sent to the DDNS server failed. To test the DDNS configuration, click Test Configuration. STEP 5 Click Save. STEP 6 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 46: Configuring The Ip Mode
In the Domain and IP fields, enter up to five domain-to-IP mappings. The 6to4 tunneling feature is typically used when a site or end user wants to connect to the IPv6 Internet using the existing IPv4 network. Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 47: Configuring Ipv6
To configure the to use a static IPv6 address: Choose Networking > IPv6 > IPv6 WAN Configuration. STEP 1 In the WAN Connection Type field, select Static IPv6. STEP 2 Enter this information: STEP 3 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 48 Enter the following information (you may need to contact your ISP to obtain your STEP 3 PPPoE login information): Username Enter your username assigned to you by the ISP. Password Enter your password assigned to you by the ISP. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 49 MS-CHAP or MS-CHAPv2—The uses Microsoft Challenge Handshake Authentication Protocol when connecting with the ISP. Service Name Your ISP may configure a service name that is needed to log onto the PPPoE server. If so, enter it here. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 50: Configuring Ipv6 Lan Settings
The standard MTU value for Ethernet networks is usually 1500 bytes. For PPPoE connections, the value is 1492 bytes. Unless a change is required by your ISP, Cisco recommends that you choose Auto. The default MTU size is 1500 bytes.
Page 51 All hosts in the network have the identical initial bits for their IPv6 address; you set the number of common initial bits in the network addresses in this field. Click Save. STEP 3 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 52 ISP IPv6 network. Client Lease Time Enter the client lease time. Enter the duration (in seconds) for which IPv6 addresses are leased to endpoints on the LAN. Click Save. STEP 3 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 53: Configuring Ipv6 Static Routing
Some ISPs require static routes to build your routing table instead of using dynamic routing protocols. Static routes do not require CPU resources to exchange routing information with a peer router. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 54 This feature is useful if the network that the route connects to is not available when you added the route. When the network becomes available, you can enable the route. Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 55: Configuring Routing (Ripng)
IPv6 Internet using the existing IPv4 network. To configure 6-to-4 tunneling: Select Networking > IPv6 > Tunneling. STEP 1 In the 6 to 4 Tunneling field, check Enable. STEP 2 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 56: Viewing Ipv6 Tunnel Status
STEP 2 This page displays information about the automatic tunnel set up through the dedicated WAN interface. The table shows the name of tunnel and the IPv6 address that is created on the device. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 57: Configuring Router Advertisement
Maximum Router Advertisement Interval (MaxRtrAdvInterval). MinRtrAdvInterval = 0.33 * MaxRtrAdvInterval RA Flags Check Managed to use the administered/stateful protocol for address auto configuration. Check Other to use the administered/stateful protocol of other, non-address information auto configuration. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 58: Configuring Advertisement Prefixes
The default is 3600 seconds. Click Save. STEP 3 Configuring Advertisement Prefixes To configure the RADVD available prefixes: Choose Networking > IPv6 > Advertisement Prefixes. STEP 1 Click Add Row. STEP 2 Enter this information: STEP 3 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 59 Prefix Lifetime Enter the prefix lifetime, or the length of time over which the requesting router is allowed to use the prefix. Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 60: Chapter 3: Configuring The Wireless Network
For wireless products such as access points, routers, and gateways, you are asked for a password when you want to change their settings. These devices have a default password. The default password is often cisco. Hackers know these default values and may try to use them to access your wireless device and change your network settings.
Page 61: General Network Security Guidelines
Combine letters and numbers to avoid using standard words that can be found in the dictionary. General Network Security Guidelines Wireless network security is useless if the underlying network is not secure. Cisco recommends that you take the following precautions: •...
Page 62: Cisco Rv215W Wireless Networks
Disabled Disabled Isolation with SSID Enabled Enabled Enabled Enabled Enabled Disabled Disabled Disabled Hardware Button 1. When using the Setup Wizard, select Best Security or Better Security to protect the from unauthorized access. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 63: Configuring Basic Wireless Settings
In the Wireless Channel field, choose the wireless channel from the drop-down STEP 5 menu. In the AP Management VLAN field, choose VLAN 1 if you are using the default STEP 6 settings. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 64: Editing The Wireless Network Settings
Editing the Wireless Network Settings The Wireless Table in the Basic Settings page (Wireless > Basic Settings) lists the settings of the four wireless networks supported on the Cisco RV215W. To configure wireless network settings: Check the box for the networks you want to configure.
Page 65: Configuring The Security Mode
SSID. WMM (Wi-Fi Multimedia) Check this box to enable WMM. WPS Hardware Button Check this box to map the Cisco RV215W WPS button on the front panel to this network. Click Save. STEP 4 Configuring the Security Mode...
Page 66 802. 1 1i standard. WPA2 supports AES encryption and this option uses Preshared Key (PSK) for authentication. • WPA2-Personal Mixed—Allows both WPA and WPA2 clients to connect simultaneously using PSK authentication. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 67 The WPA Enterprise, WPA2 Enterprise, and the WPA2 Enterprise Mixed security modes allow you to use RADUIS server authentication. • WPA-Enterprise—Allows you to use WPA with RADIUS server authentication. • WPA2-Enterprise—Allows you to use WPA2 with RADIUS server authentication. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 68 In the Key Renewal field, enter the duration of time (600–7200 seconds) between STEP 9 key renewals. The default value is 3600. Click Save to save your settings. STEP 10 Click Back to go back to the Basic Settings page. STEP 11 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 69: Configuring Mac Filtering
Click Add to MAC to add the selected devices in the Client List Table to the STEP 7 MAC Address Table. Click Save to save your settings. STEP 8 Click Back to go back to the Basic Settings page. STEP 9 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 70: Configuring Time Of Day Access
, add a new VLAN for the guest network. For example, STEP 2 click Add Row and enter the following: VLAN ID—Enter a number for the VLAN (for example, 4). • Description—Enter a name for the VLAN (for example, guest-net). • Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 71 . (QoS must be enabled first; click the link to the Bandwidth Available Bandwidth Management page if you need to configure QoS.) In the field, enter the percentage of bandwidth to allocate to the guest network. Click Save. STEP 7 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 72: Configuring Advanced Wireless Settings
All, when the can transmit at all wireless rates. The Basic Rate is not the actual rate of data transmission. If you want to specify the rate of data transmission, configure the Transmission Rate setting. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 73 The Beacon Interval value indicates the frequency interval of the beacon. A beacon is a packet broadcast by the to synchronize the wireless network. Enter a value between 40 and 3,500 milliseconds. The default value is 100. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 74 Platform sends RTS frames to a particular receiving station and negotiates the sending of a data frame. After receiving an RTS, the wireless station responds with a CTS frame to acknowledge the right to begin transmission. Click Save. STEP 3 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 75: Configuring Wds
Click Connecto add the MAC addresses of the selected access points to the MAC field. Or enter the MAC addresses of up to three access points to use as repeaters in the MAC 1, MAC 2, and MAC 3 fields. Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 76: Configuring Wps
A client device requires a PIN number from this router, use the router PIN number indicated. After you configure WPS, the following information appears at the bottom of the WPS page: Wi-Fi Protected Setup Status, Network Name (SSID), and Security. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 77: Chapter 4: Configuring The Firewall
LAN, such as chat rooms or games. You can block just certain groups of PCs on your network from being accessed by the WAN or public DMZ network. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 78: Configuring Basic Firewall Settings
Block WAN Request Blocks ping requests to the from the WAN. Web Access Choose the type of web access that can be used to connect to the firewall: HTTP or HTTPS (secure HTTP). Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 79 Enabling this setting blocks Java applets from being downloaded. Click Auto to automatically block Java, or click Manual and enter a specific port on which to block Java. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 80 Enabling this feature blocks proxy servers. Click Auto to automatically block proxy servers, or click Manual and enter a specific port on which to block proxy servers. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 81: Configuring Remote Management
When remote management is enabled, the router is accessible to anyone who CAUTION knows its IP address. Because a malicious WAN user can reconfigure the and misuse it, it is highly recommended that you change the administrator and any guest passwords before continuing. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 82: Configuring Universal Plug And Play
Under Scheduled Time of Day, select the time of day that you want the schedule STEP 5 to apply. You can either choose All Times, or choose Specific Time. If you choose Specific Time, enter the start and end times. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 83: Configuring Services Management
In the End Port field, enter the last TCP or UDP port of the range that the service STEP 6 uses. Click Save. STEP 7 To edit an entry, select the entry and click Edit. Make your changes, then click Save. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 84: Configuring Access Rules
Move to. Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 85: Adding Access Rules
File Transfer Protocol (FTP) • Hyptertext Transfer Protocol (HTTP) • Secure Hypertext Transfer Protocol (HTTPS) • Trivial File Transfer Protocol (TFTP) • Internet Message Access Protocol (IMAP) • Network News Transport Protocol (NNTP) Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 86 Address Range—The rule applies to traffic originating from an IP address located in a range of addresses. Enter the starting IP address in the Start field, and the ending IP address in the Finish field. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 87: Creating An Internet Access Policy
To create a Internet access policy: Choose Firewall > Internet Access Policy. STEP 1 Click Add Row. STEP 2 In the Status field, check Enable. STEP 3 Enter a policy name for identification and management purposes. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 88 From the Type drop-down menu, choose how to block a website (by specifying the URL or by specifying a keyword that appears in the URL). c. In the Value field, enter the URL or keyword used to block the website. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 89: Configuring Port Forwarding
Choose Firewall > Single Port Forwarding. A pre-existing list of applications is STEP 1 displayed. In the Application field, enter the name of the application for which to configure STEP 2 port forwarding. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 90: Configuring Port Range Forwarding
In the IP Address field, enter the IP address of the host on the LAN side to which STEP 7 the specific IP traffic will be forwarded. In the Enable field, check the Enable box to enable the rule. STEP 8 Click Save. STEP 9 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 91: Configuring Port Range Triggering
If the incoming connection uses only one port, then specify the same port number in both fields. In the Enable field, check the Enable box to enable the rule. STEP 5 Click Save. STEP 6 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 92: Chapter 5: Configuring Vpn
Choose QuickVPN as the user protocol. See Importing VPN Client Settings. 2. Instruct users to obtain the free Cisco QuickVPN software from Cisco.com, and install it on their computers. To enable access via Cisco QuickVPN on this router, you must enable remote management to open port 443 for SSL.
Page 93: Vpn Clients
Choose VPN > VPN Clients. STEP 1 Do the following: STEP 2 PPTP Server Check to enable the PPTP server. IP Address for PPTP Enter the IP address of the PPTP server. Server Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 94: Configuring Netbios Over Vpn
VPN tunnel. By default, the NetBIOS feature is available to client policies. Click Save. STEP 2 Creating and Managing PPTP Users To create PPTP users: In the VPN Client Setting Table, click Add Row. STEP 1 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 95: Creating And Managing Quickvpn Users
Protocol Choose QuickVPN from the drop-down menu. Click Save. STEP 3 To edit the settings of a QuickVPN user, check its box and click Edit. When you are done making changes, click Save. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 96: Importing Vpn Client Settings
Click Browse to locate the file. STEP 1 Click Import to load the file. STEP 2 When prompted, to delete existing VPN user settings and import the settings in STEP 3 the CSV file, click Yes. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 97: Configuring Basic Vpn Settings (Site-To-Site Vpn)
You could have a router like the Cisco RV220W that supports ten site-to-site VPN tunnels and have an at each remote site to provide secure connectivity.
Page 98: Viewing Default Values
The default values used in the basic VPN settings are those proposed by the VPN consortium and they assume you are using a pre-shared key, or password, that is known to both the and the router on the other end (for example, a Cisco RV220W). To view the default values: Choose VPN >...
Page 99: Configuring Advanced Vpn Parameters
Adding or Editing IKE Policies. (Note: If you have a VPN connection already configured, you cannot add another without deleting the existing VPN connection.) Click Save. STEP 3 Managing VPN Policies To manage VPN policies: Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 100: Adding Or Editing Ike Policies
Policy Name—Enter a unique name for the policy for identification and management purposes. • Exchange Mode—Choose one of the following options: Main—This mode negotiates the tunnel with higher security, but is slower. Aggressive—This mode establishes a faster connection, but with lowered security. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 101 IPsec and IKE Security Association. If you enable this feature, also enter these settings: DPD Delay—Enter the interval, in seconds, between consecutive DPD R-U-THERE messages. DPD R-U-THERE messages are sent only when the IPsec traffic is idle. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 102: Adding Or Editing Vpn Policies
Start IP Address field, and enter the Subnet Mask in the Subnet Mask field. Enter the subnet’s network IP address in the Start Address field. Enter the subnet mask, such as 255.255.255.0, in Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 103 DES—8 characters 3DES—24 characters AES-128—16 characters AES-192—24 characters AES-256—32 characters • Key-Out—Enter the encryption key of the outbound policy. The length of the key depends on the encryption algorithm chosen, as shown above. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 104 Select IKE Policy—Choose the IKE policy that will define the characteristics of phase 1 of the negotiation. Click View to view or edit the existing IKE policy that is configured on the . Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 105: Configuring Certificate Management
If the configuration is reset to the factory default settings, this certificate can be imported and restored on the router. To export a certificate for Admin: Choose VPN > Certificate Management.. STEP 1 Click Export for Admin. STEP 2 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 106: Configuring Vpn Passthrough
Cisco RV215W. PPTP Check Enable to allow PPTP tunnels to pass through the Cisco RV215W. L2TP Check Enable to allow Layer 2 Tunneling Protocol (L2TP) tunnels to pass through the Cisco RV215W. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 107 Configuring VPN Configuring VPN Passthrough Draft Version 1—Cisco Confidential Click Save. STEP 3 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 108: Chapter 6: Configuring Quality Of Service (Qos)
(WAN). Configuring Bandwidth You can limit the bandwidth to reduce the rate at which the Cisco RV215W transmits data. You can also use a bandwidth profile to limit the outbound traffic, thus preventing the LAN users from consuming all of the bandwidth of the Internet link.
Page 109: Configuring Bandwidth Priority
To delete an entry from the table, check the relevant box and click Delete. Then, click Save. To add a new service definition, click the Service Management button. You can define a new service to use for all firewall and QoS definitions. See Configuring Services Management. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 110: Configuring Qos Port-Based Settings
Configuring QoS Port-Based Settings Draft Version 1—Cisco Confidential Configuring QoS Port-Based Settings You can configure QoS settings for every LAN port on the Cisco RV215W. The supports 4 priority queues that allow for traffic prioritization per physical switch port. To configure QoS settings for the Cisco RV215W LAN ports: Choose QoS >...
Page 111: Configuring Cos Settings
For each DSCP value in the DSCP Settings Table, choose a priority level from the STEP 3 Queue drop-down menu. This maps the DSCP value to the selected QoS queue. Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 112 Configuring Quality of Service (QoS) Configuring DSCP Settings Draft Version 1—Cisco Confidential To restore the default DSCP settings, click Restore Default. Then, click Save. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 113: Setting Password Complexity
Draft Version 1—Cisco Confidential Administering Your Setting Password Complexity The Cisco RV215W can enforce minimum password complexity requirement for password changes. To configure password complexity settings: Choose Administration > Password Strength. STEP 1 In the Password Complexity Settings field, check Enable.
Page 114: Configuring User Accounts
Click Save. STEP 4 Configuring User Accounts The Cisco RV215W supports two user accounts for administering and viewing settings: an administrative user (default user name and password: “cisco”) and a “guest” user (default user name: “guest”). The guest account has read-only access. You can set and change the username and password for both the administrator and guest accounts.
Page 115: Setting The Session Timeout Value
In the Guest Inactivity Timeout field, enter the number, in minutes, before a STEP 3 session times out due to inactivity. Choose never to allow the administrator to stay logged in permanently. Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 116: Configuring Simple Network Management (Snmp)
In the SNMP System Information section of the SNMP page, you can enable SNMP. Before you can use SNMP, install SNMP software on your computer. The Cisco RV215W supports only SNMPv3 for SNMP management. The Cisco RV215W supports SNNPv1/2/3 for SNMP trap messages. To enable SNMP: Choose Administration >...
Page 117: Editing Snmpv3 Users
Administering Your Configuring Simple Network Management (SNMP) Draft Version 1—Cisco Confidential Editing SNMPv3 Users You can configure SNMPv3 parameters for the two default Cisco RV215W user accounts (Admin and Guest). To configure SNMPv3 settings: Choose Administration > SNMP. STEP 1...
Page 118: Using Diagnostic Tools
Public community. SNMP Version Select the SNMP version: v1, v2c, or v3. Click Save. STEP 3 Using Diagnostic Tools The Cisco RV215W provides several diagnostic tools to help you troubleshoot network problems. • Network Tools • Configuring Port Mirroring Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 119 You can use the PING utility to test connectivity between this router and another device in the network. You can also use the Ping tool to test connectivity to the Internet by pinging a fully qualified domain name (for example, www.cisco.com). To use PING: Choose Administration >...
Page 120: Configuring Port Mirroring
STEP 2 From the Mirror Port drop-down menu, choose a mirror port. If you use a port for STEP 3 mirroring, do not use it for any other traffic. Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 121: Configuring Logging
Administering Your Configuring Logging Draft Version 1—Cisco Confidential Configuring Logging The Cisco RV215W allows you to configure logging options. Configuring Logging Settings To configure logging: Choose Administration > Logging > Log Settings. STEP 1 In the Log Mode field, check Enable.
Page 122: Configuring The E-Mailing Of Logs
Save. Configuring the E-Mailing of Logs You can configure the Cisco RV215W to send logs by email. We recommend that you set up a separate email account for sending and receiving logs. You must first set up the severity of logs you want to capture; see...
Page 123 Otherwise, use the default (25). Return E-mail Address Enter the return email address that the Cisco RV215W will send messages to if logs from the router to the send-to email address are undeliverable. Send to E-mail...
Page 124: Configuring Bonjour
Click Save. STEP 6 Configuring Bonjour Bonjour is a service advertisement and discovery protocol. On the Cisco RV215W, Bonjour only advertises the default services configured on the device when Bonjour is enabled. To enable Bonjour: Choose Administration > Bonjour.
Page 125: Configuring Date And Time Settings
“from” and “to” fields. Daylight Saving Offset Choose the offset from Coordinated Universal Time (UTC) from the drop-down menu. Set Date and Time Select how to set the date and time. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 126: Backing Up And Restoring The System
When the test light turns off, wait a few more seconds before using the firewall. Backing Up the Configuration Settings To backup or restore the configuration: Choose Administration > Backup/Restore Settings. STEP 1 Select the configuration to back up or to clear: STEP 2 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 127: Restoring The Configuration Settings
You can download the Startup Configuration to other Cisco RV215Ws for easy deployment. Mirror configuration Select this option to instruct the Cisco RV215W to back up the Startup Configuration after 24 hours of operation without any change in the startup configuration.
Page 128: Copying The Configuration Settings
Administering Your Backing Up and Restoring the System Draft Version 1—Cisco Confidential The Cisco RV215W uploads the configuration file and uses the settings it contains to update the Startup Configuration. Then the Cisco RV215W restarts and uses the new configuration.
Page 129: Upgrading Firmware Or Change The Language
STEP 3 Click Browse to locate and select the downloaded firmware. STEP 4 (Optional) To reset the Cisco RV215W to default factory settings after the firmware STEP 5 is upgraded, check Reset all configurations/settings to factory defaults. Resetting the Cisco RV215W to default factory settings erases all of your CAUTION configuration settings.
Page 130: Restarting The Cisco Rv215W
When the test light turns off, wait a few more seconds before using the router. To restore factory defaults to the router: Choose Administration > Restore Factory Defaults. STEP 1 Click Default. STEP 2 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 131: Running The Setup Wizard
Administering Your Running the Setup Wizard Draft Version 1—Cisco Confidential Running the Setup Wizard To run the Setup Wizard: Choose Administration > Setup Wizard. STEP 1 Follow the online instructions. STEP 2 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 132: Appendix A: Using Cisco Quickvpn
Draft Version 1—Cisco Confidential Using Cisco QuickVPN Overview This appendix explains how to install and use the Cisco QuickVPN software that can be downloaded from Cisco.com. QuickVPN works with computers running Windows 7, Windows XP, Windows Vista, or Windows 2000. (Computers using other operating systems will have to use third-party VPN software.)
Page 133: Installing The Cisco Quickvpn Software
Installing the Cisco QuickVPN Software Draft Version 1—Cisco Confidential Installing the Cisco QuickVPN Software Installing from the CD-ROM Insert the Cisco RV215W CD-ROM into your CD-ROM drive. After the Setup STEP 1 Wizard begins, click the Install QuickVPN link. The License Agreement window appears.
Page 134 The Setup Wizard copies the files to the chosen location. Copying Files Finished Installing Files Click Finish to complete the installation. Proceed to “Using the Cisco QuickVPN STEP 5 Software,” on page 142. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 135: Downloading And Installing From The Internet
Appendix B, “Where to Go From Here,” go to the Software Downloads link. STEP 1 Enter Cisco RV215W in the search box and find the QuickVPN software. STEP 2 Save the zip file to your PC, and extract the .exe file.
Page 136 To terminate the VPN tunnel, click Disconnect. To change your password, click Change Password. For information, click Help. If you clicked Change Password and have permission to change your own STEP 9 password, the Connect Virtual Private Connection window appears. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 137 Click OK to save your new password. STEP 11 You can change your password only if the Allow User to Change Password box NOTE has been checked for that username. See Creating and Managing QuickVPN Users. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 138: Appendix B: Where To Go From Here
Draft Version 1—Cisco Confidential Where to Go From Here Cisco provides a wide range of resources to help you obtain the full benefits of the Cisco Wireless-N VPN Firewall. Product Resources Support Cisco Small Business www.cisco.com/go/smallbizsupport Support Community Online Technical Support www.cisco.com/support...
Page 139 Draft Version 1—Cisco Confidential Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.
Page 140 Draft Version 1—Cisco Confidential Revised May 2012 Cisco RV215W Wireless-N VPN Firewall Administration Guide...

Cisco RV215W Administration Manual

Chapter 1 : Introduction

Chapter 2 : Configuring Networking

Chapter 8 : Viewing the Cisco RV215W Status

Chapter 3: Configuring the Wireless Network

Chapter 4: Configuring the Firewall

Chapter 5: Configuring VPN

Chapter 6: Configuring Quality of Service (Qos)

Chapter 7 : Administering Your Cisco RV215W

Appendix A: Using Cisco Quickvpn

Appendix B: Where to Go from here

Quick Links

Related Manuals for Cisco RV215W

Summary of Contents for Cisco RV215W

Table of Contents