manualshive.com logo in svg

Cisco CVR100W, Руководство администратора, Страница: 110 / 150

Поделиться
Скачать
Cisco CVR100W Скачать руководство пользователя страница 110

Configuring VPN

Configuring Advanced VPN Setup

Cisco CVR100W Wireless-N VPN Router Administration Guide

108

6

Policy Type

Choose one of the following options: 

Auto Policy: 

Some parameters for the VPN 

tunnel are generated automatically. This 
requires using the IKE (Internet Key Exchange) 
protocol to perform negotiations between the 
two VPN endpoints.

Manual Policy: 

All settings (including the keys) 

for the VPN tunnel are manually input for each 
endpoint. No third-party server or organization 
is involved.

Remote Endpoint

Select the type of identifier that you want to provide 
for the gateway at the remote endpoint: 

IP Address

 or 

FQDN

. Then enter the identifier in the space provided. 

Redundancy 
Endpoint

Check 

Enable

 to enable the redundancy gateway 

feature so that the CVR100W can connect to a backup 
VPN endpoint when the primary VPN connection fails. 

If you enable this feature, specify the IP address or 
FQDN of the remote redundancy endpoint or the router 
to which the CVR100W will connect when the primary 
VPN connection fails. 

Rollback enable

Check to switch to the primary VPN connection by 
disabling the backup VPN connection when the 
primary VPN connection has recovered from a failure. 

NOTE

DPD should be enabled if you want to use the 

Redundant Endpoint feature for IPsec VPN connection.

Local Traffic Selection

Local IP

Select the type of identifier that you want to provide 
for the local peer: 

Single: 

Limits the policy to one host. Enter the IP 

address of the local host that will be part of the 
VPN in 

IP Address

 field. 

Subnet:

 Allows an entire subnet to connect to 

the VPN. Enter your local network address in the 

IP Address

 field, and enter the subnet mask in 

the 

Subnet Mask

 field. 

Содержание CVR100W

Страница 1: ...Cisco Small Business CVR100W Wireless N VPN Router ADMINISTRATION GUIDE ...

Страница 2: ...Cisco and or its affiliates in the U S and other countries To view a list of Cisco trademarks go to this URL www cisco com go trademarks Third party trademarks mentioned are the property of their respective owners The use of the word partner does not imply a partnership relationship between Cisco and any other company 1110R ...

Страница 3: ...13 Installing the CVR100W 13 Placement Tips 13 Wall Mounting 14 Connecting the CVR100W 14 Getting Started with the Configuration 15 Changing the Default Administrative Password 16 Using the Connection Status Page 18 Using the Getting Started Page 19 Returning to the Connection Status Page 20 Changing Your Preferred Language 20 Viewing the Help Files 20 Verifying the Hardware Installation 20 Connec...

Страница 4: ...k 38 Configuring WAN Settings 38 Configuring Automatic Configuration DHCP 39 Configuring PPPoE 39 Configuring Static IP 40 Configuring Optional Settings 41 Cloning the MAC Address 42 Configuring LAN Settings 43 Configuring Basic LAN Settings 43 IPv4 43 Configuring DHCP 44 Configuring VLAN 45 Configuring Static DHCP 47 Configuring a DMZ Host 48 Configuring Routing 48 Configuring Operating Mode 48 C...

Страница 5: ...Configuring IPv6 to IPv4 Tunneling 61 Viewing IPv6 Tunnel Status 61 Configuring Router Advertisement 61 Configuring Advertisement Prefixes 63 Chapter 4 Configuring Wireless Network 65 Wireless Security 65 Wireless Security Tips 65 General Network Security Guidelines 67 CVR100W Wireless Networks 67 Configuring Basic Wireless Settings 68 Configuring Wireless Radio Settings 68 Configuring Wireless Ne...

Страница 6: ...iguring Internet Access Rules 94 Configuring Single Port Forwarding 95 Configuring Port Range Forwarding 96 Configuring Port Range Triggering 97 Chapter 6 Configuring VPN 98 VPN Tunnel Types 98 Remote Access with Cisco QuickVPN 98 Site to Site VPN 99 Configuring VPN Clients 99 Creating and Managing QuickVPN Users 99 Importing VPN Client Settings 100 Configuring Basic VPN Setup 101 Viewing Default ...

Страница 7: ...S Port Based Settings 116 Configuring CoS Settings 117 Configuring DSCP Settings 117 Chapter 8 Administering Your CVR100W 119 Configuring Password Complexity 120 Configuring Administrator Account Settings 121 Configuring Remote Management 122 Configuring Port Management 123 Configuring Do Not Disturb Mode 124 Configuring System Time 124 Configuring Bonjour 125 Using Diagnostic Tools 126 Network To...

Страница 8: ...ctory Defaults 132 Running the Setup Wizard 133 Chapter 9 Using Cisco Simple Connect 136 About Cisco Simple Connect 136 Configuring Cisco Simple Connect 138 Connecting to CSC Wireless Network 140 Customizing Your QR Code 141 Appendix A Using Cisco QuickVPN 143 Before You Begin 143 Installing the Cisco QuickVPN Software 144 Using the Cisco QuickVPN Software 144 Appendix B Where to Go From Here 148 ...

Страница 9: ...Changing the Default Administrative Password Using the Connection Status Page Using the Getting Started Page Verifying the Hardware Installation Connecting to Your Wireless Network Product Overview Thank you for choosing the Cisco CVR100W Wireless N VPN Router The CVR100W provides simple affordable secure business class connectivity to the Internet for small office home office SOHO and remote prof...

Страница 10: ...R100W incorporates a Stateful Packet Inspection SPI based firewall with Denial of Service DoS protection URL filtering and access control by schedule to help keep business assets safe Up to three client to gateway VPN tunnels can be established by using QuickVPN to allow mobile or remote workers to securely access your corporate resources through encrypted virtual links Users connecting through a ...

Страница 11: ...i Fi Multimedia Power Save WMM PS for quality of service QoS The CVR100W also supports 802 1p Differentiated Services Code Point DSCP and class of service CoS for wired QoS which can improve the quality of your network when using delay sensitive Voice over IP VoIP applications and bandwidth intensive video streaming applications Virtual Networks The CVR100W supports multiple Service Set Identifier...

Страница 12: ... Button This button turns on or turns off all lights This button does not affect the normal operation of the CVR100W When this button is on all lights on the front panel are off and the Do Not Disturb Mode light on the back panel is solid green When this button is off all lights on the front panel are on and the Do Not Disturb Mode light on the back panel is off WPS Button This button configures w...

Страница 13: ...ff when the WPS connection is configured or there is no WPS connection Wireless Solid blue when the wireless module is enabled with 100 Wi Fi power Solid amber when the wireless module is enabled with 50 Wi Fi power Flashes blue when the CVR100W is sending or receiving data on the wireless module Off when the wireless module is disabled WAN Solid blue when the CVR100W is connected to the Internet ...

Страница 14: ...e to Factory Defaults If you are experiencing extreme problems with the CVR100W and have tried all other troubleshooting measures press and hold in the RESET button for more than five seconds This reboots the unit and restores the factory defaults The settings that you have previously made to the CVR100W are lost 12VDC The 12VDC port is where you connect the supplied power adapter 12V 0 5 A Power ...

Страница 15: ... the CVR100W You can place your CVR100W on a desktop or mount it on a wall Placement Tips Ambient Temperature To prevent the CVR100W from overheating do not operate it in an area that exceeds an ambient temperature of 104 F 40 C Air Flow Be sure that there is adequate air flow around the CVR100W Mechanical Loading Be sure that the CVR100W is level and stable to avoid any hazardous conditions Place...

Страница 16: ...product label at the bottom of the CVR100W See Connecting to Your Wireless Network for more information STEP 1 Power off all equipment including the cable or DSL modem the PC that you will use to connect to the CVR100W and the CVR100W itself STEP 2 Connect the supplied power adapter to the 12VDC port on the back panel of the CVR100W Plug the other end of the power adapter into an electrical outlet...

Страница 17: ...sample configuration is illustrated here Getting Started with the Configuration The Setup Wizard and web based Configuration Utility are supported on Microsoft Internet Explorer 6 0 or later Mozilla Firefox 3 0 or later Apple Safari 3 0 or later and Google Chrome 5 0 or later To log in to web based Configuration Utility and complete the initial configuration by using the Setup Wizard STEP 1 Start ...

Страница 18: ... recommended Passwords should not contain dictionary words from any language or be the default password They should contain a mixture of uppercase and lowercase letters numbers and symbols Passwords must be at least 8 but no more than 64 characters in length After the Setup Wizard is complete the Connection Status page appears See Using the Connection Status Page for more information Changing the ...

Страница 19: ...ount Settings To enter a new password in the Change Password window STEP 1 Enter the following information Old Password Enter the current password New Password Enter a new password Confirm Password Enter the new password again for confirmation Password Strength Meter Displays the strength of the password that you entered Red Password fails to meet the minimum complexity requirements Yellow Passwor...

Страница 20: ...ws whether the WAN port obtains an IP address successfully or not If the WAN port is connected to the Internet the network addressing mode that you use to connect to the Internet will be displayed IP IP address of the WAN port that is accessible from the Internet Mask Subnet mask for the WAN port Gateway Default gateway for the WAN port DNS IP addresses for the primary DNS server and the secondary...

Страница 21: ...nge the administrator username and password See Configuring Administrator Account Settings Launch Setup Wizard Click this link to launch the Setup Wizard Configure WAN Settings Click this link to open the Networking WAN Internet Setup page See Configuring WAN Settings Configure LAN Settings Click this link to open the Networking LAN LAN Configuration page See Configuring LAN Settings Configure Wir...

Страница 22: ...n about a configuration page click the Help link near the top right corner of the page Verifying the Hardware Installation To verify the hardware installation complete the following tasks Check the light states They are described in Getting to Know the CVR100W Device Status System Summary Click this link to open the Status System Summary page See Viewing System Summary Wireless Status Click this l...

Страница 23: ... shared key are provided on the product label at the bottom of the CVR100W The following steps are provided as an example you may need to configure your device differently For instructions that are specific to your device consult its documentation STEP 1 Open the wireless connection settings window or program for your device Your computer may have special software installed to manage wireless conn...

Страница 24: ...ng Connected Devices Viewing DHCP Leased Clients Viewing Port Statistics Viewing Wireless Statistics Viewing Guest Network Status Viewing VPN Status Viewing Logs Viewing IPsec Connection Status Viewing CSC Information Viewing NETSTAT Information Viewing the Dashboard The Dashboard page displays information about the CVR100W and its current settings To view the Dashboard STEP 1 Choose Status Dashbo...

Страница 25: ...eet click Close The port s connection information includes The Dashboard page displays the following information Summary Type Type of the port Interface Shows if it is a WAN or a LAN interface Link Status Shows if the port is connected or disconnected Speed Status Speed and duplex settings of the port Auto Negotiation Shows if the Auto Negotiation is enabled or disabled on this port Statistics TX ...

Страница 26: ...y Alert Critical Error Warning To view complete logs click details See Viewing Logs for more information To configure the logging settings click manage logging See Configuring Logging for more information LAN Local Network Interface To view complete LAN settings click details See Configuring LAN Settings for more information MAC Address MAC address of the CVR100W IPv4 Address Local IPv4 address of...

Страница 27: ...AN port IPv4 Address IPv4 address of the WAN port IPv6 Address IPv6 address of the WAN port if IPv6 is enabled State Shows if the WAN port is active or inactive for routing If the WAN port is active for routing the WAN state shows Up If the WAN port is inactive for routing the WAN state shows Down NOTE The state Down means that the network detection fails Wireless Displays the status of all four p...

Страница 28: ...CVR100W WAN IP WAN address of the CVR100W When the WAN port is configured to obtain an IP address from your ISP using Dynamic Host Configuration Protocol DHCP you can click Release to release its IP address or click Renew to obtain a new IP address Gateway IP address of default network gateway Mode Displays Gateway if NAT is enabled or Router DNS 1 Primary DNS server IP address of the WAN port DNS...

Страница 29: ...tatus Connected Devices STEP 2 To specify the types of interfaces to display choose an option from the View according to interface type drop down menu You can choose one of the following options DNS 1 IP address of the primary DNS server Wireless Summary SSIDx Name of the wireless network Security Security setting for the wireless network Firewall Setting Status DoS Denial of Service Shows if DoS ...

Страница 30: ...reless Displays a list of all wireless devices connected to the CVR100W Wired Displays a list of all devices connected through the Ethernet ports on the CVR100W WDS Displays a list of all Wireless Distribution System WDS devices connected to the CVR100W Name Name of the device connected to the CVR100W IP Address IP address of the connected device MAC Address MAC address of the connected device Typ...

Страница 31: ...m To show the bytes in kilobytes KB and the numerical data in round up form check Show Simplified Statistic Data and click Save STEP 4 To reset the port statistics counters click Clear Counters The Port Statistics table displays the data transfer statistics for the WAN LAN and WLAN ports IP Address IP Address of the connected device MAC Address MAC Address of the connected device Static DHCP Bindi...

Страница 32: ...tic Data and click Save STEP 4 To reset the wireless statistics counters click Clear Counters The Wireless Statistics table displays the following information Dropped Number of the received and sent packets that were dropped Multicast Number of multicast packets sent over this radio Collisions Number of signal collisions that occurred on this port A collision occurs when the port tries to send dat...

Страница 33: ...mit You can also manually terminate the guest connection at any time To view guest network status STEP 1 Choose Status Guest Network Status The Guest Network Status table displays the following information Error Number of received and sent packet errors for each SSID and total number of received and sent packet errors for all SSIDs Dropped Number of received and sent packets dropped by each SSID a...

Страница 34: ... Shows if the device is connected to the Internet using the CVR100W Username Username of the VPN user associated with the QuickVPN tunnel Remote IP IP address of the remote QuickVPN client This could be a NAT Public IP if the client is behind the NAT router Status Current status of QuickVPN client OFFLINE means that the QuickVPN tunnel is not initiated or established by the VPN user ONLINE means t...

Страница 35: ...t them For example choosing Error logs automatically includes emergency alert and critical logs in addition to Error logs The event severity levels are listed from the highest severity to the lowest severity as follows The System Log table displays the following information Emergency System is not usable Alert Action is needed Critical System is in a critical condition Error System is in error con...

Страница 36: ...ction status STEP 1 Choose Status IPSec Connection Status STEP 2 From the Refresh Rate drop down menu choose a refresh rate This action causes the page to reread the status and statistics from the CVR100W and refresh the page STEP 3 Optional By default byte data is displayed in bytes and other numerical data is displayed in long form To show the bytes in kilobytes KB and the numerical data in roun...

Страница 37: ... Status CSC Information The following information for each CSC wireless client is displayed STEP 2 Click Disconnect to manually terminate a CSC wireless connection Duration Elapsed time for which the connection is or was active Packet Received Rx and transmitted Tx packets on the connection Byte Received Rx and transmitted Tx bytes on the connection State State of the connection for example active...

Страница 38: ...tails for active Internet connections click Status NETSTAT The following information is displayed Proto The protocol TCP UDP or raw used by the socket Recv Q The count of bytes not copied by the user program connected to this socket Send Q The count of bytes not acknowledged by the remote host Local Address Address and port number of the local end of the socket Foreign Address Address and port num...

Страница 39: ... is closed and the connection is shutting down FIN_WAIT2 The connection is closed and the socket is waiting for a shutdown from the remote end TIME_WAIT The socket is waiting after close to handle packets still in the network CLOSED The socket is not being used CLOSE_WAIT The remote end has shut down waiting for the socket to close LAST_ACK The remote end has shut down and the socket is closed Wai...

Страница 40: ...s Configuring WAN properties for an IPv4 network differs depending on which type of Internet connection that you have The Internet Setup page allows you to configure how to connect the WAN interface to the Internet The CVR100W supports four types of Internet connections Configuring Automatic Configuration DHCP Configuring PPPoE Configuring Static IP Configuring Optional Settings Sometimes you may ...

Страница 41: ...e Configuring PPPoE To configure the PPPoE settings STEP 1 Choose Networking WAN Internet Setup STEP 2 From the Internet Connection Type drop down menu choose PPPoE STEP 3 In the PPPoE Settings area enter the following information you may need to contact your ISP to obtain your PPPoE login information Username Enter your username assigned to you by the ISP Password Enter your password assigned to ...

Страница 42: ...his option the Internet connection is always on If you click Keep Alive enter the number of seconds that the CVR100W attempts to reconnect after it is disconnected in the Redial period field Authentication Type Choose the authentication type Auto Negotiation The server sends a configuration request specifying the security algorithm set on it Then the CVR100W sends back authentication credentials w...

Страница 43: ... Gateway Enter the IP address of the default gateway Static DNS 1 Enter the IP address of the primary DNS server Static DNS 2 Enter the IP address of the secondary DNS server Host Name Enter the host name of the CVR100W Domain Name Enter the domain name for your network MTU The Maximum Transmit Unit MTU is the size of the largest packet that can be sent over the network The standard MTU value for ...

Страница 44: ... cable modem or DSL modem the MAC address from the CVR100W s WAN port is not recognized by the ISP In this case to configure your CVR100W to be recognized by the ISP clone the MAC address of the WAN port to be the same as your computer s MAC address To configure a MAC address clone STEP 1 Choose Networking WAN MAC Address Clone STEP 2 In the MAC Address Clone field check Enable to enable MAC addre...

Страница 45: ...ave After the CVR100W s LAN IP address is changed your PC is no longer connected to the CVR100W STEP 4 To reconnect your PC to the CVR100W do one of the following If DHCP is configured on the CVR100W release and renew your PC s IP address Manually assign an IP address to your PC The address must be on the same subnet as the CVR100W For example if you change the CVR100W s IP address to 10 0 0 1 ass...

Страница 46: ...168 1 100 to 192 168 1 149 If you need to set any host with a static IP address use an IP address from the 192 168 1 2 to 192 168 1 99 IP address pool This prevents conflicts with the default IP address pool To configure the DHCP settings STEP 1 Choose Networking LAN LAN Configuration STEP 2 Optional Select the VLAN that you want to edit from the drop down menu STEP 3 In the DHCP Server field sele...

Страница 47: ...N Configuration STEP 2 Click Add Row STEP 3 Enter the following information Starting IP Address Enter the first address in the IP address pool Any new DHCP client joining the LAN is assigned an IP address in this range the ending IP address in the pool is determined by the value that you enter in the Maximum Number of DHCP Users field Maximum Number of DHCP Users Enter the maximum number of DHCP c...

Страница 48: ...LAN ID 2 is reserved cannot be used VLAN ID 3 is reserved for the guest network Description Enter a description to identify the VLAN Port 1 You can associate VLANs on the CVR100W to the LAN ports on the device By default all 4 ports belong to VLAN1 You can edit these ports to associate them with other VLANs Choose the outgoing frame type for each port Untagged The port is an untagged member of the...

Страница 49: ...ave to apply your changes Description Enter a description of the client IP Address Enter the IP address of the device The assigned IP address should be outside the pool of the DHCP addresses configured The DHCP pool is treated as a generic pool and all reserved IPs should be outside this pool Static DHCP assignment means that the DHCP server assigns the same IP to the defined MAC address every tim...

Страница 50: ...tack on any of the DMZ nodes the LAN is not necessarily vulnerable You must configure a fixed static IP address for the endpoint that you designate as the DMZ host You should assign the DMZ host an IP address in the same subnet as the CVR100W s LAN IP address but it cannot be identical to the IP address given to the LAN interface of this gateway To configure DMZ STEP 1 Choose Networking LAN DMZ Ho...

Страница 51: ...r routers The router determines the network packets route based on the fewest number of hops between the source and the destination NOTE RIP is disabled by default on the CVR100W To configure dynamic routing STEP 1 Choose Networking Routing STEP 2 In the Dynamic Routing area configure the following settings Gateway Recommended Click this radio button to set the CVR100W to act as a gateway Keep thi...

Страница 52: ...cols Static routes can be used together with dynamic routes CAUTION Be careful not to introduce routing loops in your network To configure static routing STEP 1 Choose Networking Routing STEP 2 In the Static Routing area choose a route entry from the Route Entries drop down menu To delete the route entry click Delete This Entry STEP 3 Configure the following settings for the selected route entry R...

Страница 53: ...ng information on your network click Show IPv4 Routing Table in the Routing Table area STEP 3 To view the IPv6 routing information on your network click Show IPv6 Routing Table in the Routing Table area Enter Route Name Enter the name of the route Destination LAN IP Enter the IP address of the destination LAN Subnet Mask Enter the subnet mask of the destination network Gateway Enter the IP address...

Страница 54: ...he DDNS Service drop down menu choose Disable to disable this service or choose the DDNS service to use STEP 3 If you do not have a DDNS account click the URL of the service to visit the selected DDNS service s website so that you can create an account STEP 4 Configure the following information Destination LAN IP IPv4 IP address of the destination LAN Subnet Mask IPv4 Subnet mask of the destinatio...

Страница 55: ...22 org Enter the host name of the DDNS server Internet IP Address 3322 org Internet IP address of the CVR100W Status 3322 org Displays the status if the DDNS update has completed successfully or if the account update information sent to the DDNS server failed Domain Name oray org Displays the domain name of the account User Level oray org Displays the user level of the account Status oray org Disp...

Страница 56: ... Save Configuring IPv6 Configuring IPv6 WAN Settings Configuring WAN properties for an IPv6 network depends on the type of internet connection that you have You can configure the CVR100W to be a DHCPv6 client of the ISP for this WAN or to use a static IPv6 address provided by the ISP Setting the IP Mode To configure IPv6 WAN settings on your CVR100W you must first set the IP mode to LAN IPv6 WAN I...

Страница 57: ...IPv6 address STEP 1 Choose Networking IPv6 Configuration IPv6 WAN Configuration STEP 2 In the WAN Connection Type field click the Static IPv6 radio button STEP 3 In the Static IP Address area enter the following information IPv6 Address Enter the IPv6 address of the WAN port IPv6 Prefix Length Enter the IPv6 prefix length defined by the ISP The IPv6 network subnet is identified by the initial bits...

Страница 58: ...WAN IPv4 LAN IPv6 WAN IPv6 LAN IPv4 IPv6 WAN IPv4 LAN IPv4 IPv6 WAN IPv4 IPv6 See Configuring IP Mode for more information Configuring IPv6 LAN Settings To configure IPv6 LAN settings STEP 1 Choose Networking IPv6 Configuration IPv6 LAN Configuration STEP 2 In the IPv6 area enter the following information to configure the IPv6 LAN address Static DNS 1 Enter the IP address of the primary DNS server...

Страница 59: ...its for their IPv6 address you set the number of common initial bits in the network s addresses in this field DHCP Status Check to enable the DHCPv6 server If enabled the CVR100W assigns an IP address within the specified range plus additional specified information to any LAN endpoint that requests DHCP served addresses Domain Name Enter the domain name of the DHCPv6 server Server Preference Enter...

Страница 60: ...e Networking IPv6 Configuration IPv6 LAN Configuration STEP 2 In the IPv6 Address Pools table click Add Row STEP 3 Enter the following information STEP 4 Click Save STEP 5 To edit the settings of a pool select the pool and click Edit To delete a selected pool click Delete Click Save to apply your changes Client Lease Time Enter the client lease time Enter the duration for which IPv6 addresses are ...

Страница 61: ...er with dynamic routes Be careful not to introduce routing loops in your network To create an IPv6 static route STEP 1 Choose Networking IPv6 Configuration IPv6 Static Routing STEP 2 In the IPv6 Static Routing table click Add Row STEP 3 Enter the following information Name Enter the route s name Destination Enter the IPv6 address of the destination host or net work for this route Prefix Length Ent...

Страница 62: ... is greater than or equal to 16 the destination network or host is unreachable By default the routing update is sent every 30 seconds If the router receives no routing updates from a neighbor after 180 seconds the routes learned from the neighbor are considered as unreachable After another 240 seconds if no routing update is received the router removes these routes from the routing table On the CV...

Страница 63: ...el status STEP 1 Choose Networking IPv6 Configuration IPv6 Tunnels Status This page displays information about the automatic tunnel set up through the dedicated WAN interface The table shows the name of tunnel and the IPv6 address that is created on the device STEP 2 Click Refresh to refresh the data on this page Configuring Router Advertisement The Router Advertisement Daemon RADVD on the CVR100W...

Страница 64: ... the Minimum Router Advertisement Interval MinRtrAdvInterval and Maximum Router Advertisement Interval MaxRtrAdvInterval MinRtrAdvInterval 0 33 MaxRtrAdvInterval RA Flags Check Managed to use the administered stateful protocol for address auto configuration Check Other to use the administered stateful protocol of other non address information auto configuration Router Preference Choose low medium ...

Страница 65: ...TU is not well known Router Life Time Enter the router lifetime value or the time in seconds that the advertisement messages exists on the route The default is 3600 seconds IPv6 Prefix Type Choose one of the following types 6to4 6to4 is a system that allows IPv6 packets to be transmitted over an IPv4 network It is used when an end user wants to connect to the IPv6 Internet using their existing IPv...

Страница 66: ...ecifies the IPv6 network address IPv6 Prefix Length If you choose Global Local as the IPv6 prefix type enter the prefix length The prefix length variable is a decimal value that indicates the number of contiguous higher order bits of the address that make up the net work portion of the address Prefix Lifetime Enter the prefix lifetime or the length of time over which the requesting router is allow...

Страница 67: ...ll so small businesses and homes with high speed Internet access are adopting them at a rapid pace Because wireless networking operates by sending information over radio waves it can be more vulnerable to intruders than a traditional wired network Wireless Security Tips You cannot physically prevent someone from connecting to your wireless network but you can take the following steps to keep your ...

Страница 68: ...ability to enable MAC address filtering The MAC address is a unique series of numbers and letters assigned to every networking device With MAC address filtering enabled wireless network access is provided solely for wireless devices with specific MAC addresses For example you can specify the MAC address of each computer in your network so that only those computers can access your wireless network ...

Страница 69: ...following precautions Password protect all computers on the network and individually password protect sensitive files Change passwords on a regular basis Install anti virus software and personal firewall software Disable file sharing peer to peer to prevent applications from using file sharing without your consent CVR100W Wireless Networks The CVR100W provides four virtual wireless networks or fou...

Страница 70: ...3 In the Wi Fi Power field select the Wi Fi power on your network STEP 4 In the Wireless Network Mode field choose one of these options from the drop down menu SSID Isolation Disabled Disabled Disabled Enabled WMM Enabled Enabled Enabled Enabled WPS Hardware Button Enabled Disabled Disabled Disabled SSID Name cisco xxxx cisco SSID2 cisco SSID3 cisco guest B G N Mixed Choose this option if you have...

Страница 71: ...STEP 8 Optional In the U APSD WMM Power Save field check Enable to enable the Unscheduled Automatic Power Save Delivery U APSD feature also referred to as WMM Power Save that allows the radio to conserve power U APSD is a power saving scheme optimized for real time applications such as VoIP transferring full duplex data over WLAN By classifying outgoing IP traffic as Voice data these types of appl...

Страница 72: ...AC Filter Read Only Displays whether MAC Filter is enabled or disabled Refer to the Configuring MAC Address Filtering section to enable or disable this feature on the SSID CSC Only applicable for SSID1 SSID2 and SSID3 Check to set this SSID as the Cisco Simple Connect CSC wireless access point Refer to the Configuring Cisco Simple Connect section for more information about the Cisco Simple Connect...

Страница 73: ...standard was being prepared WPA Personal supports Temporal Key Integrity Protocol TKIP and Advanced Encryption Standard AES encryption WPA2 Personal Recommended WPA2 is the implementation of the security standard specified in the final 802 11i standard WPA2 supports AES encryption and this option uses Pre shared Key PSK for authentication WPA2 Personal Mixed Allows both WPA and WPA2 clients to con...

Страница 74: ...em or Shared Key if your network administrator recommends this setting If you are unsure select the default option Open System In both cases the wireless client must provide the correct shared key password to access the wireless network Encryption Choose the encryption type 10 64 bit 10 hex digits Provides a 40 bit key 26 128 bit 26 hex digits Provides a 104 bit key which offers stronger encryptio...

Страница 75: ... to 63 ASCII characters or 64 hexadecimal digits Show Password Check to show the password in plaintext Key Renewal Enter the duration of time 600 to 7200 seconds between key renewals The default value is 3600 WPA Enterprise WPA2 Enterprise or WPA2 Enterprise Mixed Encryption For WPA Enterprise choose one of the following options TKIP AES Choose TKIP AES to ensure compatibility with older wireless ...

Страница 76: ...C Filtering page opens STEP 3 In the Wireless MAC Filtering field check Enable to enable MAC address filtering for this SSID STEP 4 In the Connection Control field choose the type of access to the wireless network Prevent Select this option to prevent devices with the MAC addresses listed in the MAC Address Table from accessing the wireless network This option is selected by default Permit Select ...

Страница 77: ...Start Time and Stop Time fields specify the time of day period when access to the network is allowed STEP 5 Click Save STEP 6 Click Back to go back to the Basic Settings page Configuring Guest Net The SSID4 default name cisco guest is used for guest access The guests can access the Internet through this SSID and the internal network security would not be affected To configure the Guest Net setting...

Страница 78: ...s access point can only access the Internet through the CVR100W When configuring Cisco Simple Connect note the following Only SSID1 SSID2 or SSID3 can be set as the CSC wireless access point Enabling Cisco Simple Connect on a SSID does not affect the normal operation of other SSIDs SSID1 must be set as the CSC wireless access point when WDS is enabled on the CVR100W The VLAN to which the CSC wirel...

Страница 79: ... enable Cisco Simple Connect for the first time Generally you can enter the SSID name that is provided on your CSC Simple card in this field If you want to customize the name of the CSC wireless access point enter a new SSID name in this field NOTE When you customize a new name of the CSC wireless access point you are asked to regenerate and print the QR code of the CSC card See Customizing Your Q...

Страница 80: ...work Settings for more information STEP 7 Click Save STEP 8 Click Edit CSC to limit the time to access the Internet for all associated CSC wireless clients STEP 9 Enter the following information STEP 10 Click Save See Connecting to CSC Wireless Network for more information about how to connect to the CSC wireless network and get the authority to access the Internet SSID Name Displays the current n...

Страница 81: ...Choose Wireless Advanced Settings The Advanced Settings page appears STEP 2 Configure these settings Frame Burst Check Enable to enable this feature to provide your wireless networks with greater performance depending on the manufacturer of your wireless products If you are not sure how to use this option keep the default enabled WMM No Acknowledgement Check Enable to enable this feature Enabling ...

Страница 82: ...5 5 Mbps 11 Mbps 18 Mbps 24 Mbps and so on In addition to B and G speeds the CVR100W supports N speeds Other options are 1 2 Mbps for use with older wireless technology and All when the CVR100W can transmit at all wireless rates The Basic Rate is not the actual rate of data transmission If you want to specify the CVR100W s rate of data transmission configure the Transmission Rate setting Transmiss...

Страница 83: ...nsmit to the CVR100W in an environment with heavy 802 11b traffic This function boosts the CVR100W s ability to catch all Wireless N and Wireless G transmissions but will severely decrease performance The default is Auto Beacon Interval The Beacon Interval value indicates the frequency interval of the beacon A beacon is a packet broadcast by the CVR100W to synchronize the wireless network Enter a ...

Страница 84: ...mum size for a packet before data is fragmented into multiple packets If you experience a high packet error rate you may slightly increase the Fragmentation Threshold Setting the Fragmentation Threshold too low may result in poor network performance Only minor reduction of the default value is recommended In most cases it should remain at its default value of 2346 RTS Threshold If you encounter in...

Страница 85: ...he entries in the table In the Available Networks Table select up to three access points to use as repeaters To add the MAC addresses of the selected access points to the MAC fields below the table click Connect STEP 6 Click Save Configuring WPS You can configure WPS on the CVR100W to allow WPS enabled devices to more easily connect to the wireless network To enable WPS on your CVR100W STEP 1 Choo...

Страница 86: ...d in item 3 on the WPS page After you configure WPS the following information appears at the bottom of the WPS page Wi Fi Protected Setup Status Network Name SSID and Security The status of the WPS light on the front panel provides information about the WPS operation WPS Successfully Started WPS light turns on for 120 seconds WPS During Startup WPS light flashes 0 5 Hz for 30 seconds WPS Errors Oc...

Страница 87: ...figuring Port Range Triggering CVR100W Firewall Features Access Rules You can secure your network by creating and applying rules that the CVR100W uses to selectively block and allow inbound and outbound Internet traffic You then specify how and to what devices the rules apply To do so you must define the following Services or traffic types examples web browsing VoIP other standard services and als...

Страница 88: ... access specific local resources By default all access from the insecure WAN side is blocked from accessing the secure LAN except in response to requests from the LAN To allow outside devices to access services on the secure LAN you must create a firewall rule for each service If you want to allow incoming traffic you must make the CVR100W s WAN port IP address known to the public This is called e...

Страница 89: ...unction properly The CVR100W must send all incoming data for that application only on the required port or range of ports The CVR100W has a list of common applications and games with corresponding outbound and inbound ports to open You can also specify a port forwarding rule by defining the type of traffic TCP or UDP and the range of incoming and outgoing ports to open when enabled Configuring Bas...

Страница 90: ...n web pages that enable dynamic functionality of the page A malicious applet can be used to compromise or infect computers Enabling this setting blocks Java applets from being downloaded Click Auto to automatically block Java or click Manual Port and enter a specific port on which to block Java Block Cookies Check to block cookies Cookies are used to store session information by websites that usua...

Страница 91: ...s ActiveX control can be used to compromise or infect computers Enabling this setting blocks ActiveX applets from being downloaded Click Auto to automatically block ActiveX or click Manual Port and enter a specific port on which to block ActiveX Block Proxy Check to block proxy servers A proxy server or proxy allows computers to route connections to other computers through the proxy thus circumven...

Страница 92: ... STEP 8 To edit an entry select the entry and click Edit Make your changes then click Save Configuring Service Management When you create a firewall rule you can specify a service that is controlled by the rule Common types of services are available for selection and you can create your own custom services The Service Management page allows you to create custom services against which firewall rule...

Страница 93: ...ol Default Access Control Policy You can configure the default access control policy for the traffic that is directed from the secure network LAN to the non secure network dedicated WAN optional To configure the default access control policy STEP 1 Choose Firewall Access Control Default Access Control Policy STEP 2 Choose Allow or Deny STEP 3 Click Save Configuring Access Rules All configured acce...

Страница 94: ... down menu choose the schedule to apply this rule Optional Click Configure Schedules to go to the Schedule Management page to configure the services before applying access rules to them STEP 6 From the Services drop down menu choose the service to allow or block for this rule Choose All Traffic to allow the rule to apply to all applications and services or choose a single application to block Doma...

Страница 95: ... The rule applies to traffic originating on a single IP address in the local network Enter the address in the Start IP field Address Range The rule applies to traffic originating from an IP address located in a range of addresses Enter the starting IP address in the Start IP field and the ending IP address in the Finish field STEP 9 In the Log field specify whether the packets for this rule should...

Страница 96: ...nable to enable the Internet access rule STEP 4 In the Enter Policy Name filed enter a policy name for identification and management purposes STEP 5 From the Action drop down menu choose the type of access restriction that you need Block All Block all Internet traffic Block URL Block Internet traffic to specified Internet sites Block All by Schedule Blocks all types of traffic according to a sched...

Страница 97: ...wn menu choose how to block a website by specifying the URL or by specifying a keyword that appears in the URL In the Value field enter the URL or keyword used to block the website For example to block the example com URL choose URL Address from the drop down menu and enter example com in the Value field To block a URL that has the keyword example in the URL choose Keyword from the drop down menu ...

Страница 98: ...le STEP 8 Click Save Configuring Port Range Forwarding To add a port range forwarding rule STEP 1 Choose Firewall Port Range Forwarding STEP 2 In the Service Name field enter the name of the service to configure port forwarding STEP 3 In the Start Port field specify the port number that begins the range of ports to forward STEP 4 In the End Port field specify the port number that ends the range of...

Страница 99: ...wall rules because a rule does not have to reference a specific LAN IP or IP range Ports are also not left open when not in use thereby providing a level of security that port forwarding does not offer To add a port triggering rule STEP 1 Choose Firewall Port Range Triggering STEP 2 In the Service Name field enter the name of the service to configure port triggering for STEP 3 In the Triggered Ran...

Страница 100: ... a gateway router You can create different types of VPN tunnels depending on the needs of your business Remote Access with Cisco QuickVPN For quick setup with basic VPN security settings distribute the Cisco QuickVPN software to your users who can then securely access your network resources Use this option if you want to simplify the VPN setup process You do not have to configure VPN policies Remo...

Страница 101: ...information on configuring site to site VPN Configuring VPN Clients This section describes how to create and manage the QuickVPN users Creating and Managing QuickVPN Users To create QuickVPN users STEP 1 Choose VPN VPN Clients STEP 2 In the VPN Client Settings table click Add Row STEP 3 Enter the following information STEP 4 Click Save STEP 5 To edit the settings of a QuickVPN user check the relat...

Страница 102: ...nt settings The file should contain one row for the headings and one or more rows for the VPN clients For example the following specifies the settings of two users to import CAUTION Importing VPN client settings deletes the existing settings To import VPN client settings STEP 1 Choose VPN VPN Clients STEP 2 Click Browse to locate a CSV file containing the VPN client settings STEP 3 Click Import to...

Страница 103: ... that supports ten site to site VPN tunnels and have a CVR100W at each remote site to provide secure connectivity Viewing Default VPN Settings The basic VPN setup sets most parameters to defaults as proposed by the VPN Consortium VPNC and assumes a pre shared key which greatly simplifies the setup To view the default VPN settings on your CVR100W STEP 1 Choose VPN Basic VPN Setup STEP 2 Click View ...

Страница 104: ...tegrity Algorithm SHA 1 SA Lifetime 1 Hours PFS Key Group DH Group 2 1024 bit Policy Name and Remote IP Type Policy Name Enter a unique name for the VPN policy The VPN policy name cannot be same as the username of an existing VPN client Pre Shared Key Enter the pre shared key or password that will be exchanged between the two routers It must be between 8 and 49 characters Endpoint Information Remo...

Страница 105: ...at the remote redundancy endpoint or the router to which the CVR100W will connect is identified by IP address or FQDN Redundancy WAN Internet IP Address Enter the public IP address or domain name of the remote redundancy endpoint Local WAN Internet IP Address Enter the public IP address or domain name of the local endpoint CVR100W Secure Connection Remote Accessibility Remote LAN Local Network IP ...

Страница 106: ... To configure NAT Traversal and NetBIOS on your CVR100W STEP 1 Choose VPN Advanced VPN Setup STEP 2 Enter the following information NAT Traversal Check Enable to apply the NAT settings for both the local network and the remote network communicating over the VPN tunnel This option is particularly useful in cases where both sides of a tunnel use either the same or overlapping subnets NetBIOS Check E...

Страница 107: ... policy click Add Row Other options To edit an IKE policy choose an entry and click Edit To delete an IKE policy choose an entry and click Delete NOTE You cannot delete an IKE policy if it is being used in a VPN policy You must first disable and delete the VPN policy in the VPN Policy table STEP 3 Enter the following information Policy Name Enter a unique name for the policy for identification and...

Страница 108: ...hentication algorithm for the VPN header MD5 SHA 1 or SHA2 256 Ensure that the authentication algorithm is configured identically on both sides of the VPN tunnel for example the CVR100W and the router to which it is connecting Pre Shared Key Enter the key in the space provided Note that the double quote character is not supported in the key Diffie Hellman DH Group Specify the DH Group algorithm wh...

Страница 109: ...hoose an entry and click Edit To delete a VPN policy choose an entry and click Delete To enable a VPN policy choose an entry and click Enable To disable a VPN policy and terminate the corresponding VPN connection if applicable choose an entry and click Disable NOTE If you have a VPN connection already configured you cannot add another without deleting the existing VPN connection STEP 3 Enter the f...

Страница 110: ...ay feature so that the CVR100W can connect to a backup VPN endpoint when the primary VPN connection fails If you enable this feature specify the IP address or FQDN of the remote redundancy endpoint or the router to which the CVR100W will connect when the primary VPN connection fails Rollback enable Check to switch to the primary VPN connection by disabling the backup VPN connection when the primar...

Страница 111: ...he IP Address field and enter the subnet mask in the Subnet Mask field IP Address Enter the IP address of the remote host if the Remote IP is set to Single or enter the remote network address if the Remote IP is set to Subnet Subnet Mask Enter the subnet mask such as 255 255 255 0 if the Remote IP is set to Subnet IMPORTANT Make sure that you avoid using overlapping subnets for remote or local tra...

Страница 112: ...hm used to verify the integrity of the data MD5 SHA 1 or SHA2 256 Key In Enter the integrity key for ESP with Integrity mode for the inbound policy The length of the key depends on the algorithm chosen MD5 16 characters SHA 1 20 characters SHA2 256 32 characters Key Out Enter the integrity key for ESP with Integrity mode for the outbound policy The length of the key depends on the algorithm chosen...

Страница 113: ...erate a new certificate to replace the existing certificate on the CVR100W To generate a certificate STEP 1 Choose VPN Certificate Management STEP 2 Click the Generate a New Certificate radio button STEP 3 Click Generate Certificate Integrity Algorithm Select the algorithm used to verify the integrity of the data PFS Key Group Check Enable to enable Perfect Forward Secrecy PFS to improve security ...

Страница 114: ... be stored in a safe place as a backup If the CVR100W s configuration is restored to the factory default settings this certificate can be imported and restored on the CVR100W To export a certificate for Admin STEP 1 Choose VPN Certificate Management STEP 2 Click Export Certificate for Admin The certificate for administrator admin pem will be saved to your local PC Exporting Certificates for Client...

Страница 115: ...through your CVR100W To configure VPN passthrough STEP 1 Choose VPN VPN Passthrough STEP 2 Choose the type of traffic to allow to pass through the CVR100W STEP 3 Click Save IPsec Passthrough Check Enable to allow IP security tunnels to pass through the CVR100W PPTP Passthrough Check Enable to allow Point to Point Tunneling Protocol PPTP tunnels to pass through the CVR100W L2TP Passthrough Check En...

Страница 116: ...lowing from the secure network LAN to the insecure network WAN Configuring Bandwidth You can limit the bandwidth to reduce the rate at which the CVR100W transmits data You can also use a bandwidth profile to limit the outbound traffic thus preventing the LAN users from consuming all of the bandwidth of the Internet link To set the upstream and downstream bandwidth STEP 1 Choose QoS Bandwidth Manag...

Страница 117: ...ings of an entry in the table check the relevant box and click Edit When you are done making changes click Save STEP 7 To delete an entry from the table check the relevant box and click Delete Then click Save STEP 8 To add a new service definition click Configure Services You can define a new service to use for all firewall and QoS definitions See Configuring Service Management for more informatio...

Страница 118: ...based QoS settings click Restore Default Then click Save Trust Mode Choose one of the following options from the drop down menu Port This setting enables the port based on QoS You can then set the traffic priority for a particular port The traffic queue priority starts at the lowest priority of 1 and ends with the highest priority of 4 DSCP Differentiated Services Code Point DSCP Enabling this fea...

Страница 119: ...lues mark traffic types with higher or lower traffic priority depending on the type of traffic STEP 3 Click Save STEP 4 To restore the default CoS settings click Restore Default Configuring DSCP Settings You can use the DSCP Settings page to configure DSCP to QoS queue mapping NOTE You first need to go to the QoS Port Based Settings page by clicking the link on this page to set the trust mode to D...

Страница 120: ...Configuring Quality of Service QoS Configuring DSCP Settings Cisco CVR100W Wireless N VPN Router Administration Guide 118 7 STEP 5 To restore the default DSCP settings click Restore Default ...

Страница 121: ...d other settings It includes the following sections Configuring Password Complexity Configuring Administrator Account Settings Configuring Remote Management Configuring Port Management Configuring Do Not Disturb Mode Configuring System Time Configuring Bonjour Using Diagnostic Tools Configuring Logging Backing Up and Restoring System Configuration Upgrading Firmware Rebooting the CVR100W Restoring...

Страница 122: ...er the minimum password length 0 to 64 characters The default is 8 characters Minimum number of character classes Enter a number representing one of the following character classes Uppercase letters Lowercase letters Numbers Special characters available on a standard keyboard By default passwords must contain characters from at least three of these classes The new password must be different than t...

Страница 123: ...ded STEP 5 Check Disable Password Strength Enforcement to disable password strength enforcement nor recommended Disabling password strength enforcement will increase your network security risk STEP 6 Click Save New Username Enter a new username Old Password Enter the current password New Password Enter the new password We recommended that you ensure that the password contains no dictionary words f...

Страница 124: ...able to enable remote management Enabling this feature allows you to remotely manage the CVR100W from the WAN side by using the CVR100W s WAN IP address STEP 4 In the Remote Access field select the way that you access web based Configuration Utility from a remote WAN network HTTP Check to allow you to access web based Configuration Utility from a remote WAN network by using the CVR100W s WAN IP ad...

Страница 125: ...current duplex mode and speed Flow Control Shows if flow control is enabled or disabled on the port STEP 2 To configure the duplex mode and speed of a port choose an option from the Mode drop down menu The available options are Auto Negotiation Lets the system and network determine the optimal port speed 10 Mbps Half Duplex or 100 Mbps Half Duplex The 10 100 Mbps port supports transmissions betwee...

Страница 126: ...ne whether or not to adjust for Daylight Savings Time and with which Network Time Protocol NTP server to synchronize the date and time The CVR100W then gets its date and time information from the NTP server To configure NTP and time settings STEP 1 Choose Administration Time Settings The current time is displayed STEP 2 Specify the time zone from the Time zone drop down menu STEP 3 In the Adjust f...

Страница 127: ...tocol On the CVR100W it only advertises the default services configured on the device when Bonjour is enabled To enable Bonjour STEP 1 Choose Administration Bonjour STEP 2 Check Enable to enable Bonjour STEP 3 To enable Bonjour for a VLAN listed in the Bonjour Interface Control table check the corresponding Enable Bonjour box You can enable Bonjour on specific VLANs Enabling Bonjour on a VLAN allo...

Страница 128: ...n the IP Address Domain Name field enter the device s IP address or a fully qualified domain name FQDN such as www cisco com to ping STEP 3 Click Ping The ping results appear These results tell you whether the device is reachable STEP 4 Click Close when done and return to the Network Tools page Using Traceroute The Traceroute utility displays all the routers present between the destination IP addr...

Страница 129: ...n the Internet Name field enter the Internet name of the host STEP 3 Click Look up The nslookup results appear STEP 4 Click Close when done and return to the Network Tools page Configuring Port Mirroring Port mirroring monitors network traffic by sending copies of all incoming and outgoing packets from one port to a monitoring port You can use port mirroring as a diagnostic or debugging tool espec...

Страница 130: ... In the Log Severity for Local Log field check the log severities for the events that you want to log For example If you check Critical all log messages listed under the Critical Emergency and Alert categories are saved to the local syslog daemon STEP 4 Click Save Emergency System is not usable Alert Action is needed Critical System is in a critical condition Error System is in error condition War...

Страница 131: ... field check which severity of events to log STEP 6 In the Enable field check the box to enable the remote syslog server STEP 7 Click Save STEP 8 To delete an entry in the Remote Log Server table select the entry and click Delete To edit an entry in the Remote Log Server table select the entry and click Edit Make your changes then click Save Backing Up and Restoring System Configuration You can ba...

Страница 132: ... STEP 1 Choose Administration Backup Restore Settings STEP 2 Click Backup Configuration Restoring Your Configuration from a Saved Configuration File You can restore the system configuration from a previously saved configuration file To restore the settings from a saved configuration file on your local PC STEP 1 Choose Administration Backup Restore Settings STEP 2 Click Browse to locate the configu...

Страница 133: ...Administration Firmware Upgrade The following information is displayed Device Model Displays the device model PID VID Displays the product ID and version ID Current Firmware Version Displays the firmware version that the CVR100W is currently using STEP 2 In the Download the latest firmware field click Download to download the latest version of the firmware from the specified website to your local ...

Страница 134: ...essions and the system will be down for several seconds Restoring the Factory Defaults To restore the CVR100W to the factory default settings you can press and hold the RESET button on the back panel for more than 5 seconds or perform the Reset to Factory Defaults operation from web based Configuration Utility CAUTION During a restore operation do not try to go online turn off the router shut down...

Страница 135: ...assword The administrative password protects your CVR100W from unauthorized access For security reasons you should change the password from its default setting Write this password down for future reference A blank password is not recommended Router Password Enter a new password Passwords should not contain dictionary words from any language They should contain a mixture of letters both uppercase a...

Страница 136: ...gns an IP address on connection PPPoE PPPoE uses Point to Point Protocol over Ethernet PPPoE to connect to the Internet Choose this option if your ISP provides you with client software username and password Use the necessary PPPoE information from your ISP to complete the PPPoE configuration Account Name Enter your username assigned to you by the ISP Password Enter your password assigned to you by...

Страница 137: ... the highest level of security that is supported by the devices in your network See Configuring Wireless Security for more information on configure the wireless security settings STEP 4 Click Next to continue The Confirm Setup Wizard Configuration page opens From this page you can see the summary information for all configuration STEP 5 If the configuration is correct click Save and Exit to comple...

Страница 138: ...Connect makes accessing wireless access points simple and allows you to expand more business applications See www cisco com go cn cvr100w for more information By default Cisco Simple Connect is disabled on the CVR100W You can set one of the SSIDs SSID1 SSID2 or SSID3 as the CSC wireless access point The wireless clients that are associated with the CSC wireless access point can only access the Int...

Страница 139: ... strongly recommend that you configure the CSC wireless access point with the highest level of security that is supported by the devices into your wireless network The wireless clients that are associated with the CSC wireless access point can only access the Internet They cannot manage and configure the CVR100W through web based Configuration Utility and access the CVR100W s local network resourc...

Страница 140: ...nerally you can enter the SSID name that is provided on your CSC card in this field If you want to customize the name of the CSC wireless access point enter a new SSID name in this field NOTE When you customize a new name of the CSC wireless access point you are asked to regenerate and print the QR code of the CSC card See Customizing Your QR Code for more information Security Mode By default the ...

Страница 141: ...C wireless access point See Configuring Wireless Network Settings for more information STEP 7 Click Save STEP 8 Click Edit CSC to limit the time to access the Internet for all wireless clients that are associated with the CSC wireless network STEP 9 Enter the following information STEP 10 Click Save SSID Name Displays the current name of the CSC wireless access point By default it is named as Cisc...

Страница 142: ...om Cisco com go to www cisco com go cn cvr100w open the Cisco Simple Connect tab and click the download link and then install it on your device Or Connect your device to the CSC wireless network You must first know the SSID name and password of the CSC wireless network and then open the web browser on your device to try to access a website The Cisco Simple Connect Hotspot opens Click the correspon...

Страница 143: ...ey The wireless clients need to rescan the new QR code that you print from the CVR100W Resources page to connect to the CSC wireless network STEP 1 Launch your web browser and access the CVR100W Resources page http www cisco com go cn cvr100w STEP 2 Click the Cisco Simple Connect 思科锐联 tab STEP 3 In the Customize QR Code 定制二维码 area enter the following information Wireless Security 连接类型 Displays the...

Страница 144: ...g Your QR Code Cisco CVR100W Wireless N VPN Router Administration Guide 142 9 The wireless clients can now use the CSC client application on their CSC enabled devices to interact with the new QR code and connect to the CSC wireless network ...

Страница 145: ...ftware This appendix includes the following sections Before You Begin Installing the Cisco QuickVPN Software Using the Cisco QuickVPN Software Before You Begin The QuickVPN program only works with the CVR100W that is properly configured to accept a QuickVPN connection You must perform the following steps STEP 1 Enable remote management See Configuring Remote Management for complete details STEP 2 ...

Страница 146: ...in the search box in the Downloads tab and find the QuickVPN software STEP 3 Save the zip file to your PC and extract the zip file STEP 4 Double click the exe file and follow the on screen instructions to install the Cisco QuickVPN software Using the Cisco QuickVPN Software To launch the Cisco QuickVPN software and establish the VPN connection with a remote VPN server STEP 1 Double click the Cisco...

Страница 147: ...eld enter the port number that the QuickVPN client uses to communicate with the remote VPN router or keep the default setting Auto STEP 6 To save this profile click Save To delete this profile click Delete For information click Help NOTE If there are multiple sites to which you need to create a tunnel you can create multiple profiles but only one tunnel can be active at a time STEP 7 To begin your...

Страница 148: ...n active To terminate the VPN tunnel click Disconnect To change your password click Change Password For information click Help STEP 9 If you clicked Change Password and have permission to change your own password the Connect Virtual Private Connection window appears STEP 10 Enter your password in the Old Password field Enter your new password in the New Password field Then enter the new password a...

Страница 149: ...ckVPN Software Cisco CVR100W Wireless N VPN Router Administration Guide 147 A NOTE You can change your password only if the Allow User to Change Password box has been checked for that username See Configuring VPN Clients for complete details ...

Страница 150: ...l Business Support and Resources www cisco com go smallbizhelp Phone Support Contacts www cisco com go sbsc Cisco Small Business Firmware Downloads www cisco com go smallbizfirmware Select a link to download firmware for Cisco Small Business Products No login is required Product Documentation Cisco CVR100W www cisco com go cvr100w Cisco Small Business Cisco Partner Central for Small Business Partn...

Отзывы:

Нет отзывов