Cisco Small Business RV315W Administration Manual Download Page 1

Page: 1 / 109

Cisco Small Business

RV315W Broadband Wireless VPN Router

ADMINISTRATION

GUIDE

Summary of Contents for Small Business RV315W

Page 1: ...Cisco Small Business RV315W Broadband Wireless VPN Router ADMINISTRATION GUIDE ...

Page 2: ...Cisco and or its affiliates in the U S and other countries To view a list of Cisco trademarks go to this URL www cisco com go trademarks Third party trademarks mentioned are the property of their respective owners The use of the word partner does not imply a partnership relationship between Cisco and any other company 1110R ...

Page 3: ...ment does cause harmful interference to radio or television reception which can be determined by turning the equipment off and on the user is encouraged to try to correct the interference by one of the following measures Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to whic...

Page 4: ... with the Configuration 13 Before You Begin 13 Logging in to the Configuration Utility 13 Using the Help System 14 Performing Basic Configuration Tasks 14 Changing the Default Administrator Password 14 Upgrading Your Firmware After Your First Login 15 Backing Up Your Configuration 15 Chapter 2 Using the Setup Wizard 17 Starting the Setup Wizard 17 Configuring WAN Connection 17 Configuring Default ...

Page 5: ...ault Route of the Physical WAN Interface 41 Configuring Multi WAN 41 Configuring WAN1 LAN0 Interface 43 Configuring LAN 43 Configuring LAN Interface Settings 44 Configuring VLAN Settings 45 Configuring WLAN 46 Configuring Wireless Radio Settings 46 Configuring Wireless Network Settings 47 Configuring 3G Wireless Connection 53 Chapter 5 Networking 56 Configuring DDNS 56 Configuring Port Forwarding ...

Page 6: ...outing 65 Viewing the Routing Table 66 Configuring IGMP 67 Chapter 6 VPN 68 Viewing IPsec VPN Status 68 Configuring IPsec VPN Policies 69 Setting Up a Site to Site VPN 69 Setting Up a PC to Site VPN 73 Chapter 7 Quality of Service QoS 76 Configuring Bandwidth Management 76 Configuring Flow Control Policies 77 Configuring Session Limits 79 Chapter 8 Security 80 Configuring the Firewall 80 Configuri...

Page 7: ...ttings 91 Managing System Configuration 92 Upgrading the Firmware 93 Using Diagnostic Utilities 94 Ping 94 Traceroute 95 HTTP Get 95 DNS Query 95 Configuring System Time 96 Configuring TR 069 Settings 96 Configuring SNMP 98 Configuring Remote Management 99 Configuring Remote Access Protocols and Ports 99 Configuring Trusted Remote Hosts 100 Configuring SSH 100 Log Management 102 Configuring Log Se...

Page 8: ... Product Overview Mounting the RV315W Connecting the RV315W Getting Started with the Configuration Performing Basic Configuration Tasks Product Overview Thank you for choosing the Cisco RV315W Broadband Wireless VPN Router The RV315W provides routing switching security wireless 3G Virtual Private Network VPN quality of service QoS and flow control capabilities for small businesses Before you use t...

Page 9: ...em Flashes green when the RV315W is attempting to connect to the Internet the RV315W cannot connect to the Internet or the system is upgrading the firmware Solid red when the system has problems Flashes red when the system is overloaded such as the CPU utilization or the memory utilization exceeds the limitation Off when there is no Internet connection WAN0 Solid green when the RV315W is connected...

Page 10: ...er the LAN0 port Off when the LAN0 port has no connection LAN1 8 The numbered lights correspond to the LAN ports on the back panel of the RV315W Solid green when the RV315W is connected to a device through the corresponding port LAN1 to 8 but there is no traffic over that port Flashes green when the RV315W is sending or receiving data over the corresponding LAN port Off when the corresponding LAN ...

Page 11: ...ding or receiving data on the wireless module Off when the wireless module is disabled VPN Solid green when there are active VPN tunnels Flashes green once per two seconds when the RV315W is attempting to establish a VPN tunnel or the attempt of establishing a new VPN tunnel fails Off when there is no VPN connection NMS Solid green when the RV315W is connected to an upper level Network Management ...

Page 12: ...0 port can be set to a secondary WAN interface WAN1 or an additional LAN interface LAN0 LAN1 8 Ports These ports provide a LAN connection to network devices such as PCs print servers or switches RESET The RESET button has two functions Reboot Press the RESET button for at least 1 but no more than 5 seconds with a paper clip or a pencil tip to reboot the unit Restore to Factory Defaults Press and h...

Page 13: ...rheating do not operate it in an area that exceeds an ambient temperature of 104 F 40 C Air Flow Be sure that there is adequate air flow around the RV315W Mechanical Loading Be sure that the RV315W is level and stable to avoid any hazardous conditions Place the RV315W horizontally on a flat surface so that it sits on its four rubber feet Wall Mounting The RV315W can be wall mounted The wall mounti...

Page 14: ...15W NOTE The wireless module of the RV315W is enabled by default You can connect one PC with an Ethernet cable or through a wireless connection to perform the initial configuration Use the default wireless network name SSID and pre shared key that are provided on the product label at the bottom of the RV315W to connect the PC to your wireless network for the first time STEP 1 Power off all equipme...

Page 15: ... supplied with the unit Using a different power adapter could damage the unit STEP 5 Power on all connected devices including the cable or DSL modem and the PC and wait until the connections are active STEP 6 Power on the RV315W STEP 7 To connect the PC to your wireless network for the first time you can configure the wireless connection using the default SSID name and pre shared key that are prov...

Page 16: ... you power on the PC your PC becomes a DHCP client of the RV315W and receives an IP address in the 192 168 1 xxx range STEP 2 Start a web browser In the address bar enter the default IP address of the RV315W 192 168 1 1 STEP 3 When the login page appears choose the language that you prefer to use in the utility and enter the username and password The default username is cisco The default password ...

Page 17: ...The default administrator account cisco has full privilege to set the configuration and read the system status For security purposes we recommend that you change the default administrator password after your first login To change the default administrative password STEP 1 Click System Management User Management The User Management page opens STEP 2 Check the default administrator account cisco and...

Page 18: ...an active WAN connection STEP 3 In the Locate select the upgrade file area click Browse to locate and select the downloaded firmware image from your local PC STEP 4 Click Upgrade After the new firmware image is validated the system first overwrites the secondary firmware with the new version in the flash and then reboots with the new firmware image The new firmware image becomes the primary firmwa...

Page 19: ...Getting Started Performing Basic Configuration Tasks Cisco RV315W Broadband Wireless VPN Router Administration Guide 16 1 STEP 3 Select where to locate the configuration file and then click Save ...

Page 20: ... Setup Wizard launches STEP 2 If you are an expert you can exit the Setup Wizard and click the menu in the left hand navigation pane to configure the specific feature directly If you want to continue click Next to proceed to the WAN Configuration page Or you can click Exit to exit the Setup Wizard Configuring WAN Connection From the WAN Configuration page you can configure the WAN connection by us...

Page 21: ...g table provides the configuration instruction for each Internet connection type Confirm that you have proper network information from your ISP or a peer router to configure the RV315W to access the Internet Connection Type Configuration DHCP Connection type often used with cable modems Choose this option if your ISP dynamically assigns an IP address on connection and enter the following informati...

Page 22: ...mplete the following fields IP Address Enter the IP address of the WAN port that can be accessible from the Internet Subnet Mask Enter the IP address of the subnet mask Default Gateway Enter the IP address of default gateway Primary DNS Server DNS servers map Internet domain names to IP addresses Enter the IP address of the primary DNS server You can get the DNS server address from your ISP Second...

Page 23: ...e IP address of the primary DNS server Secondary DNS Server Optional Enter the IP address of the secondary DNS server Keep Alive Choose one of the following options Connect on Demand Let the RV315W disconnect from the Internet after a specified period of inactivity Idle Time This option is recommended if your ISP fees are based on the time that you spend online If you choose this option enter the ...

Page 24: ...e DNS server or click Disable to disable this feature Primary DNS Server Enter the IP address of the primary DNS server Secondary DNS Server Optional Enter the IP address of the secondary DNS server Keep Alive Choose one of the following options Connect on Demand Let the RV315W disconnect from the Internet after a specified period of inactivity Idle Time This option is recommended if your ISP fees...

Page 25: ...the default LAN settings of the RV315W STEP 8 Enter the following information VLAN Select a VLAN from the drop down menu See Configuring VLAN Settings for more information on configuring the VLANs IP Address Enter the subnet IP address of the default LAN Subnet Mask Enter the subnet mask of the default LAN DHCP Server Click Enable to allow the RV315W to act as a DHCP server and assign IP addresses...

Page 26: ...lected SSID STEP 10 Enter the following information Current SSID Select the SSID as the default wireless access point of the RV315W SSID Name Displays the name of the selected SSID You can edit the SSID name Enter a unique name for the SSID for identification Enable Current SSID Click Enable to enable this SSID or click Disable to disable the SSID Security Mode Choose the security mode and configu...

Page 27: ...r size keys provide stronger encryption which makes the key more difficult to crack Passphrase If you want to generate WEP keys by using a Passphrase enter any alphanumeric phrase between 4 to 63 characters and then click Generate to generate 4 unique WEP keys Select one key to use as the key that devices must have to use the wireless network Key Index Choose a key index as the default transmit ke...

Page 28: ... incorporates Message Integrity Code MIC to provide protection against hackers AES uses symmetric 128 bit block data encryption If you choose this option enter the following information WPA Pre Shared Key The Pre shared Key PSK is the shared secret key for WPA Enter a string of at least 8 characters to a maximum of 63 characters Show Password Check to show the pre shared key in plaintext WPA Key R...

Page 29: ...r the following information WPA Pre Shared Key The Pre shared Key PSK is the shared secret key for WPA Enter a string of at least 8 characters to a maximum of 63 characters Show Password Check to show the pre shared key in plaintext WPA Key Renewal Timeout Enter a value to set the interval at which the key is refreshed for clients associated to this SSID A value of zero 0 indicates that the key is...

Page 30: ...the interval at which the key is refreshed for clients associated to this SSID A value of zero 0 indicates that the key is not refreshed The default value is 3600 seconds WPA Encryption Choose AES or TKIP AES as the encryption algorithm for data encryption The default is TKIP AES RADIUS Server IP Address Enter the IP address of the RADIUS server RADIUS Server Port Enter the port number of the prim...

Page 31: ...AES encryption mechanism for data encryption and requires the use of a RADIUS server to authenticate users If you choose this option enter the following information WPA Key Renewal Timeout Enter a value to set the interval at which the key is refreshed for clients associated to this SSID A value of zero 0 indicates that the key is not refreshed The default value is 3600 seconds WPA Encryption Choo...

Page 32: ...zard Completing the Setup Wizard Cisco RV315W Broadband Wireless VPN Router Administration Guide 29 2 STEP 13 If the configuration is correct click Finish to apply the settings and complete the Setup Wizard configuration ...

Page 33: ...ess Connection LAN Interfaces WLAN Connection DHCP Clients Application Information Processes Information Refresh Rate Click System Summary The System Summary page opens Device Information The Device Information area displays the following information Product Name Product name of the unit Device Model Product model of the unit VID Version ID of the unit Serial Number Serial number of the unit Hardw...

Page 34: ...hows if the physical WAN interface is active or inactive for routing WAN Connection Name Connection name through the WAN interface or its WAN subinterface IP Address IP address of the WAN interface or its WAN subinterface 3G Wireless Connection The 3G Wireless Connection area displays the following information 3G Wireless Network Displays whether the RV315W is connected to a 3G wireless network or...

Page 35: ...ware Version Hardware version of the 3G USB dongle Firmware Version Software version that the 3G USB dongle is currently using PRL Version PRL version of the 3G USB dongle UIM Card Information Displays information of the UIM card that is detected by the 3G USB dongle UIM Card Status Current status of the UIM card IMSI IMSI number of the UIM card Voltage Current voltage of the UIM card 3G Network I...

Page 36: ...ted on the RV315W SSID Name of the wireless access point Status Shows if the wireless access point is enabled or disabled Number of Connected Devices Number of the client stations that are connected to the wireless access point DHCP Clients The DHCP Clients area displays information for all DHCP servers defined on the RV315W and its DHCP clients To see complete details for all clients that are con...

Page 37: ...rocesses area displays information for active Internet connections To see complete details for active Internet connections STEP 1 Click Details The following information is displayed Proto The protocol TCP UDP or raw used by the socket Recv Q The count of bytes not copied by the user program connected to this socket Send Q The count of bytes not acknowledged by the remote host Local Address Addres...

Page 38: ...iting for the socket to close LAST_ACK The remote end has shut down and the socket is closed Waiting for acknowledgement LISTEN The socket is listening for incoming connections Such sockets are not included in the output unless you specify the listening l or all a option CLOSING Both sockets are shut down but we still do not have all our data sent UNKNOWN The state of the socket is unknown STEP 2 ...

Page 39: ... is configured to receive a public IP address from your ISP automatically through DHCP Depending on the requirements of your ISP you may need to modify the WAN settings to ensure the Internet connectivity Viewing WAN Connection Information Click Port Settings WAN WAN Interface Settings The WAN Interface Settings page opens This page displays the following information Parameter Description Port Por...

Page 40: ... or its subinterface STEP 1 Click Port Settings WAN WAN Interface Settings The WAN Interface Settings page opens STEP 2 To add a WAN subinterface on a physical WAN interface click Add Subinterface STEP 3 Choose either Route Mode or Bridge Mode for a WAN subinterface from the Internet Connection Type drop down menu NOTE The Route Mode is always selected for a physical WAN interface STEP 4 If Route ...

Page 41: ...dary DNS Server Enter the IP address of the secondary DNS server PPPoE Choose this option if your ISP provides you with client software username and password and use the necessary PPPoE information from your ISP to complete the PPPoE configuration Username Enter the username that is required to log into the ISP Password Enter the password that is required to log into the ISP Service Name Enter the...

Page 42: ...at is required to log into the L2TP server Enable DNS Server Click Enable to enable the DNS server or click Disable to disable this feature Primary DNS Server Enter the IP address of the primary DNS server Secondary DNS Server Enter the IP address of the secondary DNS server Keep Alive Choose one of the following options Connect on Demand Let the RV315W disconnect from the Internet after a specifi...

Page 43: ... for IPTV traffic Other Use for other purposes STEP 6 If Bridge Mode is selected enter the following information Enable NAT Click Enable to enable NAT or click Disable to disable NAT Disable this feature if the WAN connection is only used for management purpose Enable VLAN Click Enable to enable VLAN if your ISP uses the VLAN ID to identify the users and specify the VLAN ID and the 802 1p priority...

Page 44: ...rt on the back panel is set to a secondary WAN port WAN1 To configure Multi WAN STEP 1 Click Port Settings WAN Multi WAN The Multi WAN page opens STEP 2 In the Multi WAN area enter the following information WAN Failover Click Enable to enable the WAN Failover feature or click Disable to disable it When WAN Failover is enabled the RV315W diverts all Internet traffic to the backup link if a failure ...

Page 45: ... WAN Interfaces area specify the priorities for the WAN interfaces including the 3G USB port Interface Name of the WAN interface Status Connection status of the WAN interface Priority Choose the priority of the WAN interface from the drop down menu STEP 5 In the WAN Interface Details area view the following information of the WAN interfaces Interface Name of the WAN interface IP Address IP address...

Page 46: ...Save to save your settings CAUTION Changing the port type of the WAN1 LAN0 interface requires the RV315W to be rebooted Note that changing the port type from WAN1 to LAN0 will reboot the RV315W with the factory default settings The previous settings that you made on the RV315W will be lost Configuring LAN A virtual LAN VLAN is a group of endpoints in a network that are associated by function or ot...

Page 47: ...a DHCP server and assign IP addresses to all devices that are connected to the VLAN Any new DHCP client joining the VLAN is assigned an IP address of the DHCP pool Click Disable to disable the DHCP server on the RV315W Start IP Enter the starting IP address of the DHCP pool if you enable the DHCP service End IP Enter the ending IP address of the DHCP pool if you enable the DHCP service Gateway Add...

Page 48: ...VLAN Settings Use the VLAN Settings page to create new VLANs and assign physical LAN ports and or wireless interfaces to the specified VLANs To create a new VLAN STEP 1 Click Port Settings LAN VLAN Settings The VLAN Settings page opens STEP 2 To create a new VLAN select the Add radio button and enter a unique identification number for the VLAN in the VLAN ID field VLAN1 and VLAN2 are reserved by d...

Page 49: ...lt Wireless Network Mode Choose one of the following options 802 11b g n mixed Choose this option if you have Wireless N Wireless B and Wireless G devices in your network This is the default setting recommended 802 11b g mixed Choose this option if you have Wireless B and Wireless G devices in your network 802 11b Choose this option if you have only Wireless B devices in your network 802 11g Choos...

Page 50: ... Wireless page opens The Wireless Basic and Security Settings area displays the following information for a wireless network SSID Name of the SSID Security Mode Security settings of the SSID Status Shows whether the SSID is enabled or disabled STEP 2 To enable a SSID check the corresponding SSID and click Enable STEP 3 To disable a SSID check the corresponding SSID and click Disable STEP 4 To edit...

Page 51: ...hat can simultaneously connect to this SSID Enter a value in the range of 0 to 30 The default value is zero 0 which indicates that there is no limit for this SSID Security Mode Choose one of the following security modes for the SSID and configure the corresponding security settings For security purposes we strongly recommend that you use WPA2 for wireless security Security Mode Configuration Disab...

Page 52: ... is Open System Encryption Choose the encryption type 64 bits 10 hex digits 64 bits 5 ASCII 128 bits 26 hex digits or 128 bits 13 ASCII The default is 64 bits 10 hex digits The larger size keys provide stronger encryption thus making the key more difficult to crack Passphrase If you want to generate WEP keys by using a Passphrase enter any alphanumeric phrase between 4 to 63 characters and then cl...

Page 53: ...essage Integrity Code MIC to provide protection against hackers AES uses symmetric 128 bit block data encryption If you choose this option enter the following information WPA Pre Shared Key The Pre shared Key PSK is the shared secret key for WPA Enter a string of at least 8 characters to a maximum of 63 characters Show Password Check to show the pre shared key in plaintext WPA Key Renewal Timeout ...

Page 54: ...g information WPA Pre Shared Key The Pre shared Key PSK is the shared secret key for WPA Enter a string of at least 8 characters to a maximum of 63 characters Show Password Check to show the pre shared key in plaintext WPA Key Renewal Timeout Enter a value to set the interval at which the key is refreshed for clients associated to this SSID A value of zero 0 indicates that the key is not refreshed...

Page 55: ...rval at which the key is refreshed for clients associated to this SSID A value of zero 0 indicates that the key is not refreshed The default value is 3600 seconds Encryption Algorithm Choose either AES or TKIP AES as the encryption algorithm for data encryption The default is TKIP AES RADIUS Server IP Address Enter the IP address of the RADIUS server RADIUS Server Port Enter the port number of the...

Page 56: ... mechanism for data encryption and requires the use of a RADIUS server to authenticate users If you choose this option enter the following information WPA Key Renewal Timeout Enter a value to set the interval at which the key is refreshed for clients associated to this SSID A value of zero 0 indicates that the key is not refreshed The default value is 3600 seconds Encryption Algorithm Choose eithe...

Page 57: ...ervice provider Dial String Enter the dial string provided by the 3G wireless network service provider Connect Mode Choose either Auto or Manual to dial in the 3G wireless network Keep Alive If the dial method is set to Auto choose one of the following options Keep Alive Keep the connection always on regardless of the level of activity This option is recommended if you pay a flat fee for your Inte...

Page 58: ...he following options to dial in the wireless network Auto Automatically dial in the 3G wireless network or 4G wireless network 3G Only Only dial in the 3G wireless network 4G Only Only dial in the 4G wireless network NOTE You should first check the types of wireless network supported by your 3G USB dongle and then determine which wireless network you want to dial in Status Shows whether the RV315W...

Page 59: ...net service that allows routers with varying public IP addresses to be located using Internet domain names If your ISP has not provided you with a static IP and your WAN connection is configured to use DHCP to obtain an IP address dynamically then DDNS provides the domain name to map the dynamic IP address for your website To use DDNS you must set up an account with a DDNS provider such as DynDNS ...

Page 60: ...cally private network based on the port number on which it was received at the gateway from the originating host Configuring Single Port Forwarding To add a single port forwarding rule STEP 1 Click Networking Port Forwarding Single Port Forwarding The Single Port Forwarding page opens STEP 2 Enter the following information Interface Choose a WAN interface or the 3G interface for this single port f...

Page 61: ... click Disable to disable this rule STEP 3 Click Add Configuring Port Range Forwarding To add a port range forwarding rule STEP 1 Click Networking Port Forwarding Port Range Forwarding The Port Range Forwarding page opens STEP 2 Enter the following information Interface Choose a WAN interface or the 3G interface for this port range forwarding rule Protocol Choose either TCP or UDP protocol for thi...

Page 62: ... IP range Ports are also not left open when not in use which provides a level of security that port forwarding does not offer To add a port triggering rule STEP 1 Click Networking Port Triggering The Port Triggering page opens STEP 2 Enter the following information WAN Port Choose the WAN interface for this port triggering rule LAN Port Choose the LAN port for this port triggering rule Protocol Ch...

Page 63: ...dware DMZ features The software DMZ allows you to expose an internal host such as the web or email server to the WAN The hardware DMZ sets the LAN8 port on the back panel to a DMZ port This feature is only available when you use Static IP or DHCP to connect to the Internet Configuring Software DMZ To configure software DMZ STEP 1 Click Networking DMZ Software DMZ The Software DMZ page opens STEP 2...

Page 64: ...are DMZ rule STEP 5 Enter the following information Status Click Enable to enable this DMZ rule or click Disable to disable this DMZ rule Public IP Enter the public IP address WAN Port Choose a WAN interface for this DMZ rule STEP 6 Click Save to save your settings Configuring UPnP Universal Plug and Play UPnP allows for automatic discovery of devices that can communicate with your RV315W To enabl...

Page 65: ...d TX or received RX traffic for other ports Mirror Source Port Check the ports that are monitored The port that you set as a TX destination port cannot be selected as a monitored port STEP 4 Click Save to save your settings Configuring Routing This section provides information on configuring the routing mode between WAN and LAN viewing the routing table and configuring the static routing dynamic r...

Page 66: ...age opens STEP 2 In the Inter VLAN Routing area click Enable to enable inter VLAN routing STEP 3 Click Save to save your settings Configuring Static Routing To configure static routes specify the IP address and related information for the destination STEP 1 Click Networking Routing Basic Routing The Basic Routing page opens STEP 2 In the Static Routes area click Add to add a new static route STEP ...

Page 67: ...te a policy based routing rule STEP 3 Enter the following information Policy based Routing Rule Name Enter a unique name of the policy based routing rule for identification Interface Choose an interface for the policy based routing rule Source IP Address Enter the source IP address for outbound traffic Subnet Mask Enter the subnet mask of the source network Destination IP Address Enter the destina...

Page 68: ... the other routers The RV315W determines the network packets route based on the fewest number of hops between the source and the destination To configure dynamic routing STEP 1 Click Networking Routing RIP The RIP page opens STEP 2 In the RIP Basic Settings area enter the following information RIP Status Click Enable to enable RIP or click Disable to disable it By default RIP is disabled RIP Versi...

Page 69: ...uthentication STEP 4 If you choose Network for routing in the RIP Advertisement By area you can manually add RIP networks in the RIP Networks area Click Add to add a new RIP network STEP 5 Enter the IP address of the RIP network in the Network Address field STEP 6 Click Save to save your settings Viewing the Routing Table To open the Routing Table page click Networking Routing Routing Table The fo...

Page 70: ...etwork IGMP Snooping constrains IPv4 multicast traffic at Layer 2 by configuring Layer 2 LAN ports dynamically to forward IPv4 multicast traffic only to those ports that want to receive it To configure IGMP STEP 1 Click Networking IGMP The IGMP page opens STEP 2 Enter the following information IGMP Version Choose either IGMP v1 or IGMP v2 IGMP Proxy Click Enable to enable IGMP Proxy so that the RV...

Page 71: ...ure IPsec VPN that allows remote workers to access your network resources Refer to the following sections Viewing IPsec VPN Status Configuring IPsec VPN Policies Viewing IPsec VPN Status Use the IPsec VPN page to view the status of all IPsec VPN connections To view information for an IPsec VPN connection STEP 1 Click VPN IPsec VPN The IPsec VPN page opens The IPsec VPN Connections area displays th...

Page 72: ...d by the IPsec VPN policy Connection Status Shows whether the IPsec VPN tunnel is connected or disconnected STEP 2 Click Add to add an IPsec VPN policy or click Edit to edit the settings of an existing IPsec VPN policy See Configuring IPsec VPN Policies STEP 3 Click Delete to delete an existing IPsec VPN policy Configuring IPsec VPN Policies An IPsec VPN policy is used to establish a VPN connectio...

Page 73: ...tive automatically when the connection of the remote gateway fails Click Enable to enable this feature and enter the following information Primary Enter the IP address or hostname of the primary remote gateway Backup Enter the IP address or hostname of the secondary remote gateway Switch from backup to primary Click Enable to enable this feature or click Disable to disable it Enabling this feature...

Page 74: ...If you choose this option enter the IP address and subnet mask protected by the IPsec VPN Flow based If you choose this option enter the source IP address wildcard and destination IP address wildcard STEP 6 In the Advanced VPN Settings area specify advanced VPN settings of the IPsec VPN policy 1st Phase Enter the following information Exchange Mode Choose either Main Mode or Aggressive Mode The ma...

Page 75: ...able it If you enable PFS a DH exchange is performed for every phase 2 negotiation PFS is desired on the keying channel of the VPN connection SA Lifetime Enter the values for the time based SA lifetime and the flow based SA lifetime DPD Click Enable to enable Dead Peer Detection DPD or click Disable to disable it DPD is a method of detecting a dead Internet Key Exchange IKE peer This method uses I...

Page 76: ... Policy Name Enter a unique name for the IPsec VPN policy STEP 4 In the Gateway Information area specify the local and remote gateway settings VPN Failover Click Enable to enable the VPN Failover feature or click Disable to disable this feature Interface If VPN Failover is disabled on your RV315W choose a WAN interface that traffic passes through over the IPsec VPN tunnel Connection Type Choose PC...

Page 77: ...st Phase Enter the following information Exchange Mode Choose either Main Mode or Aggressive Mode The main mode has a higher priority than the aggressive mode Authentication Algorithm Specify the authentication algorithm for the VPN header There are two hash algorithms supported by the RV315W SHA1 and MD5 The default is SHA1 Encryption Algorithm Choose the algorithm used to negotiate the security ...

Page 78: ...nnection SA Lifetime Enter the values for the time based SA lifetime and the flow based SA lifetime DPD Click Enable to enable DPD or click Disable to disable it DPD is a method of detecting a dead IKE peer This method uses IPsec traffic patterns to minimize the number of messages required to confirm the availability of a peer DPD is used to reclaim the lost resources in case a peer is found dead ...

Page 79: ...EP 1 Click QoS Bandwidth Control The Bandwidth Control page opens STEP 2 Check Enable to limit the upstream bandwidth on the WAN interface STEP 3 Click Save to save your settings STEP 4 Click Edit to modify the rate limit settings for that WAN interface STEP 5 In the Rate Limit field enter the amount of maximum bandwidth in Kbps for upstream traffic allowed on the WAN interface The values range fr...

Page 80: ...trol Policies The Flow Control Policies page opens STEP 2 Click Add to create a new flow control policy The Flow Control Policy Settings page opens STEP 3 Enter the following information Policy Name Enter a unique name for the flow control policy Policy Type Choose one of the following options for flow control Destination Port Controls flow based on the specified destination port If you choose thi...

Page 81: ...oose this option enter the starting and ending IP addresses in the Start Address and End Address fields and choose a LAN interface from the LAN Interface drop down menu Application Queue Choose an interface queue to which this flow control policy applies Enable Tag Click Enable to prioritize network traffic or click Disable to disable this feature Tag Value Choose one of the following options to p...

Page 82: ...n Limits page opens STEP 2 Click Enable to limit the number of connection sessions or click Disable to disable this feature STEP 3 If you enable this feature enter the following information IP based Limit Limits the sessions based on IP address If you choose this option enter the maximum number of connection sessions allowed on each IP address and or the range of IP addresses Port based Limit Limi...

Page 83: ...wall settings STEP 1 Click Security Firewall The Firewall page opens STEP 2 In the Firewall area click Enable to enable the firewall feature recommended or click Disable to disable this feature STEP 3 In the Block Proxy area check to block proxy servers A proxy server or proxy allows computers to route the connections to other computers through the proxy thus circumventing certain firewall rules F...

Page 84: ...the site to be accessed properly Blocking cookies can cause many websites to not function properly STEP 7 In the Filter Port field enter the port number that is used for filtering HTTP traffic The firewall only monitors and controls the website visits through this HTTP port STEP 8 Click Save to save your settings Configuring DoS Protection Use the DoS Protection page to specify how to protect your...

Page 85: ...ttings STEP 1 Click Security Content Filtering The Content Filtering page opens STEP 2 Specify the type of filtering Blacklist Select this option to block HTTP access to websites in the blacklist and allow HTTP access for other websites Whitelist Select this option to allow HTTP access to websites in the whitelist and block HTTP access for other websites STEP 3 To add a content filtering rule ente...

Page 86: ...tions Blacklist Permits all traffic from LAN to WAN and only blocks traffic that matches the access control policies Whitelist Blocks all traffic from LAN to WAN and only permits traffic that matches the access control policies STEP 3 In the Access Control Policies area click Add to create a new access control policy The Access Control Policy Settings page opens STEP 4 Enter the following informat...

Page 87: ...Filtering MAC address filtering permits and blocks network access from specific devices through the use of MAC address list To configure MAC address filtering STEP 1 Click Security MAC Address Filtering The MAC Address Filtering page opens STEP 2 In the Filter Policy area choose one of the following filtering policies Deny Network Access The MAC addresses in the list are denied and all other MAC a...

Page 88: ...e this ensures that traffic from the specified IP address is not spoofed To prevent ARP attacks and configure the IP MAC binding settings STEP 1 Click Security ARP Attack Protection The ARP Attack Protection page opens STEP 2 Enter the following information ARP Attack Protection Click Enable to enable ARP Attack Protection or click Disable to disable this feature Enable Auto Learning Click Enable ...

Page 89: ...er the IP address that you want to bind with a MAC address MAC Address Enter the MAC address STEP 6 Click Save to save your settings Configuring ALG The RV315W can function as an Application Level Gateway ALG to allow certain NAT incompatible applications to operate properly through the RV315W To configure ALG STEP 1 Click Security Application Level Gateway The Application Level Gateway page opens...

Page 90: ...m diagnostics and logs system time settings and other settings Refer to the following sections Rebooting the RV315W Configuring Password Complexity Configuring User Accounts Restoring Factory Default Settings Managing System Configuration Upgrading the Firmware Using Diagnostic Utilities Configuring System Time Configuring TR 069 Settings Configuring SNMP Configuring Remote Management Log Manageme...

Page 91: ...The RV315W can enforce the minimum password complexity requirements for password changes Use the Password Complexity page to define the password complexity settings on the RV315W To define the minimum password complexity settings STEP 1 Click System Management Password Complexity The Password Complexity page opens STEP 2 In the Password Complexity Settings area click Enable to enable the password ...

Page 92: ... User Accounts Use the User Management page to manage the user accounts You can view information of the users on the RV315W change user s password and add or delete normal users Viewing User Information The RV315W predefines an administrative account cisco and a guest user guest The usernames of the system administrator cisco and the guest user guest cannot be modified but their passwords can be c...

Page 93: ...Management The User Management page opens STEP 2 In the Add Local User area enter the following information Username Enter the username for the user Password Enter the password for the user Passwords are case sensitive By default passwords should not contain dictionary words from any language or be the default password They should contain a mixture of uppercase and lowercase letters numbers and sy...

Page 94: ...P 1 Click System Management User Management The User Management page opens STEP 2 In the Local User List area check the corresponding user and click Delete STEP 3 Click OK to delete it from the local user database Restoring Factory Default Settings To restore the RV315W to the factory default settings you can press and hold the RESET button on the back panel for more than 5 seconds or perform the ...

Page 95: ...ou have previously made to the RV315W are lost Managing System Configuration This section describes how to work with the configuration You can perform the following tasks to maintain system configuration Back up the settings currently used on your RV315W Restore your settings from a saved configuration file Upload the configuration to an upper level Network Management System NMS To manage system c...

Page 96: ... website and upgrade your firmware to a newer version CAUTION During a firmware upgrade do NOT turn off the device shut down the PC remove the cable or interrupt the process in any way until the operation is complete This process should take several minutes including the reboot process Interrupting the upgrade process at specific points when the flash is being written to can corrupt the flash memo...

Page 97: ... connection STEP 3 In the Locate select the upgrade file area click Browse to locate and select the downloaded firmware image from your local PC STEP 4 Click Upgrade After the new firmware image is validated the new image is written to flash and the RV315W is automatically rebooted with the new firmware Using Diagnostic Utilities Use the following diagnostic utilities to access configuration of th...

Page 98: ...racing HTTP Get Use the HTTP Get page to query the URL information of a website STEP 1 Click System Management Diagnostic Utilities HTTP Get The HTTP Get page opens STEP 2 Enter the IP address or URL of the website STEP 3 Click Start DNS Query Use the DNS Query page to retrieve the IP address of any server on the Internet STEP 1 Click System Management Diagnostic Utilities DNS Query The DNS Query ...

Page 99: ...ton to automatically synchronize the date and time with the specified NTP servers and then enter the following information NTP Server 1 Enter the IP address or domain name of the primary NTP server NTP Server 2 Enter the IP address or domain name of the secondary NTP server STEP 4 Click Save to save your settings Configuring TR 069 Settings TR 069 is a DSL Forum specification for CPE WAN Managemen...

Page 100: ...s feature Send Interval Enter the interval in seconds to send the inform packets The default is 43200 seconds Request Connection Port Enter the port number used to request the connection to TR 069 Download Request Optional Specify the type of download request and then click Send to send the corresponding download request to the TR 069 server Firmware Request to download the firmware of the RV315W ...

Page 101: ...ou enable SNMP specify the SNMP version The RV315W provides support for network monitoring using SNMP Versions 1 2c and 3 By default SNMP v1 2 is selected System Contact Enter the name of the contact person for your RV315W System Name Enter the device name for easy identification of your RV315W System Location Enter the physical location of your RV315W Security Username Enter the name of the admin...

Page 102: ...er Host Enter the IP address or domain name of the remote host that is used to receive the SNMP traps STEP 3 Click Save to save your settings Configuring Remote Management You can access web based Configuration Utility from the LAN side by using the RV315W LAN IP address and HTTP or from the WAN side by using the RV315W WAN IP address and HTTPS HTTP over SSL or HTTP You can also remotely access th...

Page 103: ...lowed to access the RV315W remotely Only the trusted hosts can access the RV315W remotely by using HTTP or HTTPS from the WAN side To specify the trusted hosts STEP 1 Click System Management Remote Management Trusted Remote Hosts The Trusted Remote Hosts page opens STEP 2 Select the Any IP Address radio button to allow all hosts from the WAN side to access the RV315W remotely STEP 3 Or select the ...

Page 104: ...t the SSH client can connect to the RV315W Remote Support Password Enter the password to access the RV315W from SSH shell This password will be expired in one hour You need to set a new password again on this page if it expires Show Password Check to show the password in plaintext STEP 4 Click Save to save your settings STEP 5 Click Collect Device Status Information to collect system configuration...

Page 105: ...ystem Management Logs Log Settings STEP 2 In the Local Buffer Size field specify the size for the local log buffer The default is 200 Kilobytes STEP 3 To save logs to a USB storage device specify the following information in the USB area File Name Enter the name for the syslog file saved on the USB storage device Log Size Enter the maximum size for the syslog file saved on the USB storage device N...

Page 106: ... Save to save your settings Configuring Log Facilities Use the Log Facilities page to specify which system messages are logged based on the facility and determine where to save logs and whether to send logs to a specified email address on schedule NOTE Before you configure the log facilities make sure that you set the log settings on the Log Settings page See Configuring Log Settings for more info...

Page 107: ...ion For example If you choose Critical the events listed under the Critical Emergency and Alert categories are logged Local Check to save logs to the local syslog daemon USB Check to save logs to a USB storage device You must first insert a USB storage device in the USB port on the back panel of the RV315W Email Notification Check to send logs to the specified email address on schedule You must fi...

Page 108: ... STEP 3 Click Download All Logs to download all logs saved in the local syslog daemon for debugging purposes STEP 4 Click Clear Logs to clean up all logs saved in the local syslog daemon Configuring Firewall Logs Use the Firewall Logs page to log firewall events You can specify the severity level of firewall events to be logged To configure firewall logging settings STEP 1 Click System Management ...

Page 109: ...llbizsupport Cisco Small Business Support and Resources www cisco com go smallbizhelp Phone Support Contacts www cisco com go sbsc Cisco Small Business Firmware Downloads www cisco com go smallbizfirmware Select a link to download firmware for Cisco Small Business Products No login is required Cisco RV315W Technical Documentation www cisco com go rv315w Cisco Partner Central for Small Business Par...

Search results

Summary of Contents for Small Business RV315W

Reviews:

Related manuals for Small Business RV315W

Brands by name

Popular brands

Cisco Small Business RV315W, Administration Manual

Search results

Summary of Contents for Small Business RV315W

Reviews:

Related manuals for Small Business RV315W

Brands by name

Popular brands