manualshive.com logo in svg

Cisco Small Business RV215W, Руководство администратора, Страница: 112 / 149

Поделиться
Скачать
Cisco Small Business RV215W Скачать руководство пользователя страница 112

Configuring VPN

Configuring Certificate Management

Cisco RV215W Wireless-N VPN Firewall Administration Guide

112

9

 

PFS Key Group—

Check the 

Enable

 box to enable Perfect Forward 

Secrecy (PFS) to improve security. While slower, this protocol helps to 
prevent eavesdroppers by ensuring that a Diffie-Hellman exchange is 
performed for every phase-2 negotiation. 

Select IKE Policy—

Choose the IKE policy that will define the 

characteristics of phase 1 of the negotiation. Click 

View

 to view or edit the 

existing IKE policy that is configured on the device.

Configuring Certificate Management

The device uses digital certificates for IPsec VPN authentication and SSL 
validation (for HTTPS). You can generate and sign your own certificates using 
functionality available on the device. 

Generating a New Certificate

You can generate a new certificate to replace the existing certificate on the 
device.

To generate a certificate: 

STEP 1

Choose 

VPN

 > 

Certificate Management.

STEP  2

Click the 

Generate a New Certificate

 button.

STEP  3

Click 

Generate Certificate

Importing Certificates

You can import certificate previously saved to a file using 

Export for Admin

 

button.

To import a certificate:

STEP 1

Choose 

VPN

 > 

Certificate Management.

STEP  2

Click the 

Import Certificate From a File

 button.

STEP  3

Click 

Browse

 and locate the certificate file.

STEP  4

Click 

Install Certificate

.

Содержание Small Business RV215W

Страница 1: ...Cisco RV215W Wireless N VPN Firewall ADMINISTRATION GUIDE ...

Страница 2: ...filiates in the U S and other countries To view a list of Cisco trademarks go to this URL www cisco com go trademarks Third party trademarks mentioned are the property of their respective owners The use of the word partner does not imply a partnership relationship between Cisco and any other company 1110R ...

Страница 3: ...Viewing Wireless Statistics 19 Viewing the VPN Status 20 Viewing the IPSec Connection Status 21 Viewing Logs 22 Viewing Connected Devices 23 Viewing Port Statistics 23 Viewing the Guest Network Status 24 Viewing the Mobile Network Status 25 Chapter 6 Configuring Networking 26 Configuring the WAN Settings 27 Configuring the Wired WAN Connections 27 Configuring DHCP 27 Configuring Static IP 27 Confi...

Страница 4: ... RSTP 44 Port Management 45 Cloning the MAC Address 46 Configuring Routing 47 Configuring the Operating Mode 47 Configuring Dynamic Routing 48 Configuring Static Routing 49 Viewing the Routing Table 50 Configuring Dynamic DNS 50 Configuring the IP Mode 52 Configuring IPv6 53 Configuring the IPV6 WAN Connection 53 Configuring IPv6 LAN Connections 57 Configuring IPv6 Static Routing 59 Configuring Ro...

Страница 5: ...reless Settings 78 Configuring WDS 81 Configuring WPS 82 Chapter 8 Configuring the Firewall 84 Cisco RV215W Firewall Features 84 Configuring Basic Firewall Settings 85 Configuring Remote Management 88 Configuring Universal Plug and Play 89 Managing Firewall Schedules 89 Adding or Editing a Firewall Schedule 89 Configuring Services Management 90 Configuring Access Rules 91 Adding Access Rules 92 Cr...

Страница 6: ...ing Advanced VPN Parameters 106 Managing IKE Policies 106 Adding or Editing IKE Policies 107 Managing VPN Policies 109 Adding or Editing VPN Policies 109 Configuring Certificate Management 112 Configuring VPN Passthrough 114 Chapter 10 Configuring Quality of Service QoS 116 Configuring Bandwidth Management 116 Configuring Bandwidth 117 Configuring Bandwidth Priority 117 Configuring QoS Port Based ...

Страница 7: ...134 Backing Up and Restoring the System 135 Backing Up the Configuration Settings 136 Restoring the Configuration Settings 137 Copying the Configuration Settings 138 Generating an Encryption Key 138 Upgrading Firmware or Changing the Language 139 Upgrading Firmaware Automatically 139 Upgrading Firmware Manually 140 Changing the Language 141 Restarting the Cisco RV215W 141 Restoring the Factory Def...

Страница 8: ...RV215W Wireless N VPN Firewall Administration Guide 8 Contents Using the Cisco QuickVPN Software 146 Appendix B Where to Go From Here 149 ...

Страница 9: ...ck Start Guide CAUTION Use the 12V 1 67a power supply provided with the device Using a different power supply could cause poor performance or damage the device To verify the hardware installation and connection to the Internet complete the following tasks STEP 1 Check the LED states For more information see Cisco RV215W Wireless N VPN Firewall Quick Start Guide provided with the device STEP 2 Conn...

Страница 10: ...e and this message appears because the device is not known to your computer STEP 3 Click Continue to this website or the option shown on your particular web browser to go to the web site The login page displays STEP 4 Enter the user name and password The default user name is cisco The default password is cisco Passwords are case sensitive STEP 5 Click Log In Setup Wizard starts STEP 6 Follow the o...

Страница 11: ...co QuickVPN Software The device supports up to four wireless networks You can only set up one wireless network or SSID by using Setup Wizard To configure additional wireless networks using Device Manager see Configuring the Wireless Network Using the Getting Started Page The Getting Started page displays the most common device configuration tasks Use the links on this page to jump to the relevant ...

Страница 12: ...rade Router Firmware Open the Firmware Language Upgrade page to update the router firmware or language pack See Upgrading Firmware or Changing the Language Add VPN Clients Opens the VPN Clients page to manage virtual private networks See VPN Clients Configure Remote Management Access Opens the Basic Settings page to enable the basic features of the router See Configuring Basic Firewall Settings Sy...

Страница 13: ... to the client device consult the device documentation STEP 1 Open the wireless connection settings window or program for your device Your computer might have special software installed to manage wireless connections or you might find the wireless connections under the Control Panel in the Network Connections or Network and Internet window The location depends on your operating system STEP 2 Enter...

Страница 14: ... Dashboard The Dashboard page provides important router information To view the Dashboard choose Status Dashboard To change the refresh rate of the statistics and parameter values displayed select the frequency from the Refresh Rate drop down menu To display an interactive view of the router back panel click Show Panel View The back panel view shows you the ports that are connected to a device lit...

Страница 15: ...e of day System Up Time How long the system has been running Syslog Summary Indicates whether logging is enabled for these event categories Emergency Alert Critical Error Warning To view the logs click details For more information see Viewing Logs To manage logs click manage logging For more information see Configuring Logging Settings LAN Local Network Interface MAC Address The MAC address of the...

Страница 16: ...e router WAN port if IPv6 is enabled State State of the wired WAN connection up or down To view the WAN settings click details For more information see Configuring the Wired WAN Connections Wireless Networks Lists the status of the four wireless network SSIDs To view the router wireless settings click details For more information see Viewing Wireless Statistics VPN QuickVPN Users Number of QuickVP...

Страница 17: ...er will check the language pack version to see if it is compatible with the current firmware version Language MD5 Checksum The MD5 checksum of the language pack CPU Model Chipset of CPU currently used Serial Number Serial number of the device System Up Time How long the system has been running Current Time Time of day PID VID Product ID and version ID of the device IPv4 Configuration LAN IP LAN IP...

Страница 18: ...ss of the secondary DNS server Wireless Summary SSID 1 Public name of the first wireless network Security Security setting for SSID 1 SSID 2 Public name of the second wireless network Security Security setting for SSID 2 SSID 3 Public name of the third wireless network Security Security setting for SSID 3 SSID 4 Public name of the fourth wireless network Security Security setting for SSID 4 Firewa...

Страница 19: ...d Statistic Data and click Save By default byte data is displayed in bytes and other numerical data is displayed in long form To reset the wireless statistics counters click Clear Count Also the counters are reset when the device is rebooted The Wireless Statistics page displays this information SSID Name The name of the wireless network Packet Number of received and sent wireless packets reported...

Страница 20: ...e of the VPN user associated with the QuickVPN PPTP tunnel Remote IP Displays the IP address of the remote QuickVPN client This could be a NAT Public IP if the client is behind the NAT router Status Displays the current status of the QuickVPN client OFFLINE means that the QuickVPN tunnel is not initiated or established by the VPN user ONLINE means that the QuickVPN tunnel initiated or established ...

Страница 21: ...numerical data in rounded up form check Show Simplified Statistic Data Policy Name Name of the VPN policy for which data is displayed Local or Remote Displays the local and remote IP addresses Start Time and End Time Displays the start and end times of the IPsec connections Duration Displays the elapsed time for which the connection is or was active Packet Displays the received Rx and transmitted ...

Страница 22: ...gs The event severity levels are listed from the highest severity to the lowest severity as follows Emergency System is not usable Alert Action is needed Critical System is in a critical condition Error System is in error condition Warning System warning occurred Notification System is functioning properly but a system notice occurred Informational Device information Debugging Provides detailed in...

Страница 23: ...splay select a value from the Filter drop down menu All All devices connected to the router Wireless All devices connected through the wireless interface Wired All devices connected through the Ethernet ports on the router WDS All Wireless Distribution System WDS device connected to the router Viewing Port Statistics The Port Statistics page displays port detailed activity To view port statistics ...

Страница 24: ... connected device Time Left Time remaining that the device can be connected to the guest network Time limits are configured in the Wireless Basic Settings Guest Net Settings page Action Actions you can perform on the connected device for example disconnect Interface Name of the network interface Packet Number of received sent packets Byte Number of received sent bytes of information per second Err...

Страница 25: ... address assigned to the USB device Subnet Mask Subnet mask of the USB device Default Gateway IP address of the default gateway Connection Up Time How long the link has been up Current Session Usage Volume of data being received Rx and transmitted Tx on the mobile link Manufacturer Card manufacturer name Card Model Card model number Card Firmware Card firmware version SIM Status Subscriber identif...

Страница 26: ...iguring Networking This chapter describes how to configure the device network settings Configuring the WAN Settings Configuring the LAN Settings Cloning the MAC Address Configuring Routing Port Management Configuring Dynamic DNS Configuring the IP Mode Configuring IPv6 ...

Страница 27: ...Internet Service Provider ISP uses the Dynamic Host Control Protocol DHCP to assign you an IP address you receive an IP address that is dynamically generated each time you log in To configure the DHCP WAN settings STEP 1 Choose Networking WAN STEP 2 From the Internet Connection Type drop down menu select Automatic Configuration DHCP STEP 3 Click Save Configuring Static IP If your ISP assigned you ...

Страница 28: ... Static DNS 2 IP address of the secondary DNS server Username The username assigned by the ISP Password The password assigned by the ISP Connect on Demand Select this option if your ISP charges based on the amount of time that you are connected When you select this option the Internet connection is on only when traffic is present If the connection is idle that is no traffic is flowing the connecti...

Страница 29: ...tials with the security type sent by the server PAP Password Authentication Protocol PAP used by Point to Point Protocol to connect to the ISP CHAP Challenge Handshake Authentication Protocol CHAP requires that both the client and server know the plaintext of the secret to use ISP services MS CHAP or MS CHAPv2 The Microsoft version of CHAP used to access ISP services Internet IP Address IP address...

Страница 30: ...on Demand enter the number of minutes after which the connection shuts off in the Max Idle Time field Keep Alive When you select this option the Internet connection is always on In the redial period field enter the number of seconds after which the device attempts to reconnect if it is disconnected Authentication Type Choose the authentication type Auto negotiation The server sends a configuration...

Страница 31: ...the connection is idle that is no traffic is flowing the connection is closed If you click Connect on Demand enter the number of minutes after which the connection shuts off in the Max Idle Time field Keep Alive When you select this option the Internet connection is always on In the redial period field enter the number of seconds after which the device attempts to reconnect if it is disconnected A...

Страница 32: ... that is connected to its USB interface To display the Mobile Network window choose Networking WAN Mobile Network Host Name Host name of the device Domain Name Domain name for your network MTU The maximum transmission unit MTU is the size of the largest packet that can be sent over the network The standard MTU value for Ethernet networks is usually 1500 bytes For PPPoE connections the value is 149...

Страница 33: ... time Max Idle Time If your Internet connection is terminated due to inactivity the modem automatically establishes a connection when a user attempts to access the Internet In the Max Idle Time field enter the number of minutes of idle time that can elapse before the Internet connection terminates Choosing Keep Alive keeps the connection up at all times To connect or disconnect your modem connecti...

Страница 34: ...d Description Access Point Name APN Internet network that the mobile device is connecting to Enter the access point name provided by your mobile network service provider If you do not know the name of the access point contact your service provider Dial Number Dial number provided by your mobile network service provider for the Internet connection User Name Password User name and password provided ...

Страница 35: ...n the Monthly Bandwidth Cap field enter the maximum amount of data in megabytes that is allowed to pass before the device takes an action such as sending an email to an administrator Service Type The most commonly available type of mobile data service connection based on your area service signal If your location supports only one mobile data service you can limit your preferred option reducing con...

Страница 36: ...s the backup connection This feature is called Recovery STEP 1 Choose Networking WAN Failover Recovery STEP 2 Choose if your primary network connection is an ethernet WAN connection or a mobile network connection using a 3G USB dongle STEP 3 Click the Failover to Secondary Enable radio button to enable the device to failover from the primary network connection and restore connectivity using the se...

Страница 37: ...ection Validation Site field choose the location to ping during failover and recovery validation You can choose the device s gateway DNS or a custom IP address as the validation site If you choose a custom site enter the IPv4 or IPv6 address By default the device pings the default gateway to validate failover STEP 10 To troubleshoot your 3G mobile network connection click the 3G Diagnostic Enable ...

Страница 38: ...cludes the IP address of the WINS server in the DHCP configuration that the device sends to DHCP clients If the device is connected to a modem or device that has a configured network on the same subnet 192 168 1 x the device automatically changes the LAN subnet to a random subnet based on 10 x x x so there is no conflict with the subnet on the WAN side of the device Changing the Device Management ...

Страница 39: ...dresses and provides DNS server addresses With DHCP enabled the device assigns IP addresses to network devices on the LAN from a pool of IPv4 addresses The device tests each address before it is assigned to avoid duplicate addresses on the LAN The default IP address pool is 192 168 1 100 to 192 168 1 149 To set a static IP address on a network device use an IP address outside the pool For example ...

Страница 40: ...out regard to the physical location of the equipment or users The device has a default VLAN VLAN 1 that cannot be deleted You can create up to four other VLANs on the device DHCP Relay Relays the IP addresses assigned by a another DHCP server to the network devices Starting IP Address The first address in the IP address pool Any DHCP client joining the LAN is assigned an IP address in this range M...

Страница 41: ...rames received on the interface Description A description that identifies the VLAN Inter VLAN Routing Allows an end station in one VLAN to communicate with an end station in another VLAN Port 1 Port 2 Port 3 Port 4 You can associate VLANS on the device to the LAN ports on the device By default all LAN ports belong to VLAN1 You can edit these ports to associate them with other VLANS Choose the outg...

Страница 42: ...and click Edit To delete a selected DHCP client click Delete Click Save to apply the changes Description Description of the client IP Address IP address of the device The IP address assigned should be outside the pool of the DHCP addresses Static DHCP assignment means the DHCP server assigns the same IP address to a defined MAC address every time the device is connected to the network The DHCP ser...

Страница 43: ...ddress Configuring a DMZ Host The device supports demilitarized zones DMZ A DMZ is a subnetwork that is open to the public but behind the firewall A DMZ allows you to redirect packets going to your WAN port IP address to a particular IP address in your LAN We recommended that you place hosts that must be exposed to the WAN such as web or e mail servers in the DMZ network You can configure firewall...

Страница 44: ... Networking LAN RSTP STEP 2 Configure the following settings System Priority Choose the system priority from the drop down menu You can choose from a system priority from 0 to 61440 in increments of 4096 Valid values are 0 4096 8192 12288 16384 20480 24576 28672 32768 40960 45056 49152 53248 57344 and 61440 The lower the system priority the more likely the device is to become the root in the spann...

Страница 45: ...ocking to forwarding state Enter a number from 4 to 30 The default is 15 Force Version Select the default protocol version to use Select Normal use RSTP or Compatible compatible with old STP The default is Normal Protocol Enable Check to enable RSTP on the associated port RSTP is disabled by default Edge Check to specify that the associated port is an edge port end station Uncheck to specify that ...

Страница 46: ...d to the port this field displays Down Mode Choose from the drop down menu one of the following port speeds Auto Negotiation The device and the connected device choose a common speed 10Mbps Half 10 Mbps in both directions but only one direction at a time 10Mbps Full 10 Mbps in both directions simultaneously 100Mbps Half 100 Mbps in both directions but only one direction at a time 100Mbps Full 100 ...

Страница 47: ...he device WAN port do one of the following To set the MAC address of the WAN port to your PC MAC address click Clone My PC s MAC To specify a different MAC address enter it in the MAC Address field STEP 4 Click Save Configuring Routing Configure the routing options Configuring the Operating Mode To configure the device operating mode STEP 1 Choose Networking Routing STEP 2 In the Operating Mode fi...

Страница 48: ...rk packets route based on the fewest number of hops between the source and the destination RIP is disabled by default NOTE RIP is disabled by default on the device To configure dynamic routing STEP 1 Choose Networking Routing STEP 2 Configure the following settings Router For advanced users only Click this button to set the device to act as a router Select this option if the device is on a network...

Страница 49: ...o reach peer routers that do not support dynamic routing protocols Static routes can be used together with dynamic routes The device supports up to 30 static routes Be careful not to introduce routing loops in your network To configure static routing STEP 1 Choose Networking Routing STEP 2 From the Route Entries drop down menu choose a route entry To delete the route entry click Delete This Entry ...

Страница 50: ...e is displayed with the fields configured in the Networking IPv6 pages Configuring Dynamic DNS Dynamic DNS DDNS is an Internet service that allows routers with varying public IP addresses to be located using Internet domain names To use DDNS you must set up an account with a DDNS provider such as DynDNS com TZO com 3322 org or noip com The router notifies dynamic DNS servers of changes in the WAN ...

Страница 51: ...ount Password Password of the DDNS account Verify Password TZO com DynDNS com and noip com Password confirmation of the DDNS account Host Name DynDNS com 3322 org and noip com Host name of the DDNS server Domain Name TZO com Name of the domain that is used to access the network Update Interval Choose one of the following options to set the frequency with which to update the IP addess and the domai...

Страница 52: ...rom the IP Mode drop down menu choose one of the following options Internet IP Address Read only Internet IP address of the device Status Read only Indicates that the DDNS update has completed successfully or the account update information sent to the DDNS server failed LAN IPv4 WAN IPv4 Use IPv4 on the LAN and WAN ports LAN IPv6 WAN IPv4 Use IPv6 on the LAN ports and IPv4 on the WAN ports LAN IPv...

Страница 53: ...n 6 IPv6 is a version of the Internet Protocol IP intended to succeed Internet Protocol version 4 IPv4 Configuring WAN properties for an IPv6 network depends on the type of Internet connection that you have Configuring the IPV6 WAN Connection You can configure the device to be a DHCPv6 client of the ISP for this WAN or to use a static IPv6 address provided by the ISP To configure IPv6 WAN settings...

Страница 54: ...working IPv6 IPv6 WAN Configuration STEP 2 From the WAN Connection Type menu select Static IPv6 STEP 3 Enter this information STEP 4 Click Save IPv6 Address IPv6 address of the WAN port IPv6 Prefix Length Length of the IPv6 prefix typically defined by the ISP The IPv6 network subnet is identified by the initial bits of the address called the prefix All hosts in the subnetwork have the identical pr...

Страница 55: ... information it might be necessary to contact your ISP to obtain your PPPoE login information Username Username assigned to you by the ISP Password Password assigned to you by the ISP Connect on Demand If your ISP charges based on the amount of time that you are connected select the radio button When selected the Internet connection is active only when traffic is present If the connection is idle ...

Страница 56: ...he ISP Service Name Name that your ISP might require to log onto the PPPoE server MTU The maximum transmission unit MTU or the size of the largest packet that can be sent over the network Unless a change is required by your ISP we recommend that you choose Auto The standard MTU value for Ethernet networks is 1500 bytes For PPPoE connections the value is 1492 bytes If your ISP requires a custom MTU...

Страница 57: ...vice you must first set the IP mode to one of the following modes LAN IPv6 WAN IPv4 LAN IPv6 WAN IPv6 LAN IPv4 IPv6 WAN IPv4 LAN IPv4 IPv6 WAN IPv4 IPv6 See Configuring the IP Mode for more information on how to set the IP mode To configure IPv6 LAN settings STEP 1 Choose Networking IPv6 IPv6 LAN Configuration STEP 2 Enter the following information to configure the IPv6 LAN address IPv6 Address En...

Страница 58: ...the number of common initial bits in the network addresses in this field DHCP Status Check to enable the DHCPv6 server When enabled the device assigns an IP address within a specified range and provides additional information to any LAN endpoint that requests DHCP addresses Domain Name Optional Domain name of the DHCPv6 server Server Preference Server preference level of this DHCP server DHCP adve...

Страница 59: ...mic routing protocols Static routes do not require CPU resources to exchange routing information with a peer router You can also use static routes to reach peer routers that do not support dynamic routing protocols Static routes can be used together with dynamic routes Be careful not to introduce routing loops in your network To create a static route STEP 1 Choose Networking IPv6 IPv6 Static Routi...

Страница 60: ...s sent every 30 seconds If the router receives no routing updates from a neighbor after 180 seconds the routes learned from the neighbor are considered as unreachable After another 240 seconds if no routing update is received the router removes these routes from the routing table On the device RIPng is disabled by default Prefix Length Number of prefix bits in the IPv6 address that define the dest...

Страница 61: ...ts to be transmitted over an IPv6 network 6 to 4 Tunneling 6 to 4 tunneling is typically used when a site or end user wants to connect to the IPv6 Internet using the existing IPv4 network To configure 6 to 4 tunneling STEP 1 Select Networking IPv6 Tunneling STEP 2 In the 6 to 4 Tunneling field check Enable STEP 3 Choose the type of tunneling 6to4 or 6RD Rapid Deployment STEP 4 For 6RD Tunneling ch...

Страница 62: ...o display the most up to date information This page displays information about the automatic tunnel set up through the dedicated WAN interface The table shows the name of tunnel and the IPv6 address that is created on the device Configuring Router Advertisement The Router Advertisement Daemon RADVD on the device listens for router solicitations in the IPv6 LAN and responds with router advertisemen...

Страница 63: ...er Advertisement Interval MaxRtrAdvInterval MinRtrAdvInterval 0 33 MaxRtrAdvInterval RA Flags Check Managed to use the administered stateful protocol for address auto configuration Check Other to use the administered stateful protocol of other non address information auto configuration Router Preference Choose low medium or high from the drop down menu The default is medium The router preference p...

Страница 64: ...an be sent over the network The MTU is used in RAs to ensure all nodes on the network use the same MTU value when the LAN MTU is not well known Router Life Time Router lifetime value or the time in seconds that the advertisement messages exists on the route The default is 3600 seconds IPv6 Prefix Type Choose one of the following types 6to4 Allows IPv6 packets to be transmitted over an IPv4 network...

Страница 65: ...ments are sent IPv6 Prefix If you choose Global Local as the IPv6 prefix type enter the IPv6 prefix The IPv6 prefix specifies the IPv6 network address IPv6 Prefix Length If you choose Global Local as the IPv6 prefix type enter the prefix length The prefix length variable is a decimal value that indicates the number of contiguous higher order bits of the address that make up the network portion of ...

Страница 66: ...ce Because wireless networking operates by sending information over radio waves it can be more vulnerable to intruders than a traditional wired network Wireless Security Tips You cannot physically prevent someone from connecting to your wireless network but you can take the following steps to keep your network secure Change the default wireless network name or SSID Wireless devices have a default ...

Страница 67: ...mbers and letters assigned to every networking device With MAC address filtering enabled wireless network access is provided solely for wireless devices with specific MAC addresses For example you can specify the MAC address of each computer in your network so that only those computers can access your wireless network Enable encryption Encryption protects data transmitted over a wireless network W...

Страница 68: ...ork and individually password protect sensitive files Change passwords on a regular basis Install anti virus software and personal firewall software Disable file sharing peer to peer to prevent applications from using file sharing without your consent Cisco RV215W Wireless Networks The device provides four virtual wireless networks or four SSIDs Service Set Identifier ciscosb1 ciscosb2 ciscosb3 an...

Страница 69: ...these options from the drop down menu Wireless Isolation with SSID Disabled Disabled Disabled Disabled WMM Enabled Enabled Enabled Enabled WPS Hardware Button Enabled Disabled Disabled Disabled 1 When using Setup Wizard select Best Security or Better Security to protect the device from unauthorized access SSID Name ciscosb1 ciscosb2 ciscosb3 ciscosb4 B G N Mixed Choose this option if you have Wire...

Страница 70: ...security purposes You might need to change the management VLAN to limit access to the device Device Manager STEP 7 Optional In the U APSD WMM Power Save field check Enable to enable the Unscheduled Automatic Power Save Delivery U APSD feature also referred to as WMM Power Save that allows the radio to conserve power U APSD is a power saving scheme optimized for real time applications such as VoIP ...

Страница 71: ...k the Edit button STEP 3 Configure these settings STEP 4 Click Save Enable SSID Click On to enable the network SSID Name Enter the name of the network SSID Broadcast Check this box to enable SSID broadcast If SSID broadcast is enabled the wireless router advertises its availability to wireless equipped devices in the range of the router VLAN Choose the VLAN associated with the network Wireless Iso...

Страница 72: ...pears STEP 3 In the Select SSID field choose the SSID for which to configure the security settings STEP 4 From the Security Mode menu choose WEP STEP 5 In the Authentication Type field choose one of the following options Open System This is the default option Shared Key Select this option if your network administrator recommends this setting If you are unsure select the default option In both case...

Страница 73: ... standard 802 11i standardized by the Wi Fi Alliance and was intended as an intermediate measure to take the place of WEP while the 802 11i standard was being prepared WPA Personal supports Temporal Key Integrity Protocol TKIP and Advanced Encryption Standard AES encryption WPA2 Personal Recommended WPA2 is the implementation of the security standard specified in the final 802 11i standard WPA2 su...

Страница 74: ...ewals The default value is 3600 STEP 9 Click Save to save your settings STEP 10 Click Back to go back to the Basic Settings page Configuring WPA Enterprise WPA2 Enterprise and WPA2 Enterprise Mixed The WPA Enterprise WPA2 Enterprise and the WPA2 Enterprise Mixed security modes allow you to use RADUIS server authentication WPA Enterprise Allows you to use WPA with RADIUS server authentication WPA2 ...

Страница 75: ...t or deny access to the wireless network based on the MAC hardware address of the requesting device For example you can enter the MAC addresses of a set of computers and only allow those computers to access the network You can configure MAC Filtering for each network or SSID To configure MAC filtering STEP 1 In the Wireless Table Wireless Basic Settings check the box for the network you want to co...

Страница 76: ...g when users can access the network To configure Time of Day Access STEP 1 In the Wireless Table Wireless Basic Settings check the box for the network you want to configure STEP 2 Click Time of Day Access The Time of Day Access page appears STEP 3 In the Active Time field check Enable to enable Time of Day Access STEP 4 In the Start Time and Stop Time fields specify the time of day period when acc...

Страница 77: ... and click Save Set Up the Guest Network STEP 1 In the Management Interface choose Wireless Basic Settings STEP 2 In the Wireless Table choose the SSID or network that you want to designate as the guest network STEP 3 Click Edit Change the SSID name to reflect the guest designation for example guest net STEP 4 Check the SSID Broadcast box so that the network will appear as an available wireless co...

Страница 78: ... need to configure QoS In the Available Bandwidth field enter the percentage of bandwidth to allocate to the guest network STEP 7 Click Save Configuring Advanced Wireless Settings Advanced wireless settings should be adjusted only by an expert administrator incorrect settings can reduce wireless performance To configure advanced wireless settings STEP 1 Choose Wireless Advanced Settings The Advanc...

Страница 79: ...n transmit at all wireless rates The Basic Rate is not the actual rate of data transmission If you want to specify the device rate of data transmission configure the Transmission Rate setting Transmission Rate The rate of data transmission should be set depending on the speed of your wireless network You can select from a range of transmission speeds or you can select Auto to have the device autom...

Страница 80: ... 500 milliseconds The default value is 100 DTIM Interval This value between 1 and 255 indicates the interval of the Delivery Traffic Indication Message DTIM A DTIM field is a countdown field informing clients of the next window for listening to broadcast and multicast messages When the device has buffered broadcast or multicast messages for associated clients it sends the next DTIM with a DTIM Int...

Страница 81: ...d on one SSID only To configure a WDS STEP 1 Choose Wireless WDS STEP 2 Check the Allow wireless signal to be repeated by a repeater box to enable WDS STEP 3 To manually enter the MAC address of a repeater click Manual or choose Auto to have the router automatically detect remote access points RTS Threshold If you encounter inconsistent data flow enter only minor reductions The default value of 23...

Страница 82: ...er to your client device documentation for additional instructions on setting up WPS on your client device To configure WPS STEP 1 Choose Wireless WPS The Wi Fi Protected Setup page appears STEP 2 Select the wireless network on which to enable WPS from the SSID drop down menu STEP 3 Check WPS Enable to enable WPS To disable WPS uncheck the box STEP 4 Configure the WPS on client devices in one of t...

Страница 83: ...ork Configuring WPS Cisco RV215W Wireless N VPN Firewall Administration Guide 83 7 After you configure WPS the following information appears at the bottom of the WPS page Wi Fi Protected Setup Status Network Name SSID and Security ...

Страница 84: ...d applying rules that th e device uses to selectively block and allow inbound and outbound Internet traffic You then specify how and to what devices the rules apply To do so you must define the following Services or traffic types examples web browsing VoIP other standard services and also custom services that you define that the router should allow or block Direction for the traffic by specifying ...

Страница 85: ...ault all access from the insecure WAN side is blocked from accessing the secure LAN except in response to requests from the LAN or DMZ To allow outside devices to access services on the secure LAN you must create a firewall rule for each service If you want to allow incoming traffic you must make the router s WAN port IP address known to the public This is called exposing your host How you make yo...

Страница 86: ...ment Port See Configuring Remote Management IPv4 Multicast Passthrough IGMP Proxy Check Enable to enable multicast passthrough for IPv4 IPv6 Multicast Passthrough IGMP Proxy Check Enable to enable multicast passthrough for IPv6 UPnP Allow Users to Configure Allow Users to Disable Internet Access See Configuring Universal Plug and Play Block Java Check to block Java applets Java applets are small p...

Страница 87: ...X content Similar to Java applets ActiveX controls are installed on a Windows computer while running Internet Explorer A malicious ActiveX control can be used to compromise or infect computers Enabling this setting blocks ActiveX applets from being downloaded Click Auto to automatically block ActiveX or click Manual and enter a specific port on which to block ActiveX Block Proxy Check to block pro...

Страница 88: ...c on the device Remote Management Check Enable to enable remote management Remote Access Choose the type of web access that can be used to connect to the firewall HTTP or HTTPS secure HTTP Remote Upgrade To allow remote upgrades of the device check Enable Allowed Remote IP Address Click the Any IP Address button to allow remote management from any IP address or enter a specific IP address in the a...

Страница 89: ...dules You can create firewall schedules to apply firewall rules on specific days or at specific times of the day Adding or Editing a Firewall Schedule To create or edit a schedule STEP 1 Choose Firewall Schedule Management STEP 2 Click Add Row STEP 3 In the Name field enter a unique name to identify the schedule This name is available on the Firewall Rule Configuration page in the Select Schedule ...

Страница 90: ...ou create a firewall rule you can specify a service that is controlled by the rule Common types of services are available for selection and you can create your own custom services The Services Management page allows you to create custom services against which firewall rules can be defined Once defined the new service appears in the List of Available Custom Services table To create a custom service...

Страница 91: ...inbound policy for traffic flowing from the non secure zone to the secure zone is always blocked and cannot be changed To configure the default outbound policy STEP 1 Choose Firewall Access Rules STEP 2 Choose Allow or Deny Note Ensure that IPv6 support is enabled on the device to configure an IPv6 firewall See Configuring IPv6 STEP 3 Click Save Reordering Access Rules The order in which access ru...

Страница 92: ...he Connection Type field choose the source of originating traffic Outbound LAN WAN Choose this option to create an outbound rule Inbound WAN LAN Choose this option to create an inbound rule Inbound WAN DMZ Choose this option to create an inbound rule STEP 4 From the Action drop down menu choose the action Always Block Always block the selected type of traffic Always Allow Never block the selected ...

Страница 93: ... STEP 6 Optional Click Configure Services to go to the Service Management page to configure the services before applying access rules to them See Configuring Services Management for more information STEP 7 In the Source IP field select the users to which the firewall rule applies Any The rule applies to traffic originating on any host in the local network Single Address The rule applies to traffic...

Страница 94: ... the LAN or DMZ to the WAN the system requires rewriting the source or destination IP address of incoming IP packets as they pass through the firewall STEP 9 In the QoS Priority field assign a priority to IP packets of this service The priorities are defined by QoS Level 1 lowest 2 3 4 highest STEP 10 In the Rule Status field check the box to enable the new access rule STEP 11 Click Save Creating ...

Страница 95: ...edule If you chose Block by schedule or Allow by schedule click Configure Schedules to create a schedule See Managing Firewall Schedules STEP 6 Choose a schedule from the drop down menu STEP 7 Optional Apply the access policy to specific PCs to allow or block traffic coming from specific devices a In the Apply Access Policy to the Following PCs table click Add Row b From the Type drop down menu ch...

Страница 96: ... port forwarding rules NOTE Port forwarding is not appropriate for servers on the LAN because there is a dependency on the LAN device making an outgoing connection before incoming ports are opened Some applications require that they receive data on a specific port or range of ports in order to function properly when external devices connect to them The router must send all incoming data for that a...

Страница 97: ... the Enable field check the Enable box to enable the rule STEP 9 Click Save Configuring Port Range Forwarding To add a port range forwarding rule STEP 1 Choose Firewall Port Range Forwarding STEP 2 In the Application field enter the name of the application for which to configure port forwarding STEP 3 In the External Port field specify the port number that will trigger this rule when a connection ...

Страница 98: ...ing does not offer NOTE Port triggering is not appropriate for servers on the LAN since there is a dependency on the LAN device making an outgoing connection before incoming ports are opened Some applications require that when external devices connect to them they receive data on a specific port or range of ports in order to function properly The router must send all incoming data for that applica...

Страница 99: ...he port number or range of port numbers used by the remote system to respond to the request it receives If the incoming connection uses only one port then specify the same port number in both fields STEP 5 In the Interface drop down menu choose Both Ethernet 3G Ethernet or 3G STEP 6 In the Enable field check the Enable box to enable the rule STEP 7 Click Save ...

Страница 100: ...or a remote worker and a gateway router You can create different types of VPN tunnels depending on the needs of your business Several scenarios are described below Read these descriptions to understand the options and the steps required to set up your VPN Remote access using PPTP In this scenario a remote user with a Microsoft computer connects to a PPTP server at your site to access network resou...

Страница 101: ...n securely access the corporate network The site to site VPN is configured in the VPN Basic VPN Setup page VPN Clients VPN client software is required to establish a VPN tunnel between the router and remote endpoint Your device supports Cisco QuickVPN and PPTP VPN clients Configuring PPTP Point to Point Tunneling Protocol PPTP is a network protocol that enables the secure transfer of data from a r...

Страница 102: ...le remote management to open port 443 for SSL See Configuring Basic Firewall Settings Configuring NetBIOS over VPN To enable NetBIOS over VPN STEP 1 In the NetBIOS over VPN field check the box to allow NetBIOS broadcasts to travel over the VPN tunnel By default the NetBIOS feature is available to client policies STEP 2 Click Save Creating and Managing PPTP Users To create PPTP users STEP 1 In the ...

Страница 103: ...sers STEP 1 In the VPN Client Setting Table click Add Row STEP 2 Enter this information STEP 3 Click Save To edit settings for a QuickVPN user check the box and click Edit Make changes and click Save To delete a QuickVPN user check the box click Delete and click Save For more information about QuickVPN see Appendix A Using the Cisco QuickVPN Software Enable Check to enable the user Username Enter ...

Страница 104: ...ort CAUTION Importing VPN client settings deletes existing settings To import VPN client settings STEP 1 Click Browse to locate the file STEP 2 Click Import to load the file STEP 3 When prompted to delete existing VPN user settings and import the settings in the CSV file click Yes Configuring Basic Site to Site IPsec VPN Settings The device supports site to site VPN for a single gateway to gateway...

Страница 105: ...WAN IP address or the FQDN for the redundancy endpoint Local WAN Internet IP Address Enter the public IP address or domain name of the local endpoint device STEP 5 In the Secure Connection Remote Accessibility fields enter the following information Remote LAN Local Network IP Address Enter the private network LAN address of the remote endpoint This is the IP address of the internal network at the ...

Страница 106: ...VPN Parameters The Advanced VPN Setup page allows you to configure advanced VPN parameters such as IKE and other VPN policies These policies control how the device initiates and receives VPN connections with other endpoints Managing IKE Policies The Internet Key Exchange IKE protocol dynamically exchanges keys between two IPsec hosts You can create IKE policies to define the security parameters su...

Страница 107: ...ng IKE policies configure the following settings Policy Name Enter a unique name for the policy for identification and management purposes Exchange Mode Choose one of the following options Main Negotiates the tunnel with higher security but is slower Aggressive Establishes a faster connection but with lowered security Local Identifier Local IKE identifier Remote Identifier Remote IKE identifier Re...

Страница 108: ...ally on both sides of the IKE policy SA Lifetime Enter the interval in seconds after which the Security Association becomes invalid Dead Peer Detection Check the Enable box to enable this feature or uncheck the box to disable it Dead Peer Detection DPD is used to detect whether the peer is alive or not If the peer is detected as dead the router deletes the IPsec and IKE Security Association If you...

Страница 109: ...Adding or Editing VPN Policies To create an Auto VPN Policy you need to first create an IKE policy and then add the corresponding Auto Policy for that IKE Policy When adding or editing a VPN policy you can configure the following settings Policy Name Enter a unique name to identify the policy Policy Type Choose one of the following options Auto Policy Some parameters for the VPN tunnel are generat...

Страница 110: ...Subnet Allows an entire subnet to connect to the VPN Enter the network address in the Start IP Address field and enter the Subnet Mask in the Subnet Mask field Enter the subnet s network IP address in the Start Address field Enter the subnet mask such as 255 255 255 0 in the Subnet Mask field The field automatically displays a default subnet address based on the IP address IMPORTANT Make sure that...

Страница 111: ...the integrity key for ESP with Integrity mode for the inbound policy The length of the key depends on the algorithm chosen MD5 16 characters SHA 1 20 characters SHA2 256 32 characters Key Out Enter the integrity key for ESP with Integrity mode for the outbound policy The length of the key depends on the algorithm chosen as shown above For an Auto policy type enter the settings in the Auto Policy P...

Страница 112: ...agement The device uses digital certificates for IPsec VPN authentication and SSL validation for HTTPS You can generate and sign your own certificates using functionality available on the device Generating a New Certificate You can generate a new certificate to replace the existing certificate on the device To generate a certificate STEP 1 Choose VPN Certificate Management STEP 2 Click the Generat...

Страница 113: ... Admin Device Manager saves the admin pem file in the C Documents and Settings userid My Documents Downloads To export the certificate to an external USB drive click Export to USB for Admin Exporting Certificates for Client You can export certificates for clients to your computer or to an external location on a USB drive The certificate for the client allows QuickVPN users to securely connect to t...

Страница 114: ...ss through the device To configure VPN passthrough STEP 1 Choose VPN VPN Passthrough STEP 2 Choose the type of traffic to allow to pass through the firewall STEP 3 Click Save IPsec Check Enable to allow IP security tunnels to pass through the device PPTP Check Enable to allow PPTP tunnels to pass through the device L2TP Check Enable to allow Layer 2 Tunneling Protocol L2TP tunnels to pass through ...

Страница 115: ...Configuring VPN Configuring VPN Passthrough Cisco RV215W Wireless N VPN Firewall Administration Guide 115 9 ...

Страница 116: ...ns users or data flows or guarantees a level of performance to a data flow This guarantee is important when the network capacity is insufficient Especially for real time streaming multimedia applications such as voice over IP online games and IP TV which often require fixed bit rates and are delay sensitive and in networks where the capacity is a limited resource for example in cellular data commu...

Страница 117: ...eld check Enable The maximum bandwidth provided by your ISP appears in the Bandwidth section STEP 3 In the Bandwidth Table enter the following information for the WAN interface STEP 4 Click Save Configuring Bandwidth Priority In the Bandwidth Priority Table you can assign priorities to services to manage bandwidth usage To configure bandwidth priority STEP 1 Choose QoS Bandwidth Management STEP 2 ...

Страница 118: ...te an entry from the table check the relevant box click Delete and click Save To add a new service definition click the Service Management button You can define a new service to use for all firewall and QoS definitions See Configuring Services Management Enable Check to enable bandwidth management for this service Service Choose the service to prioritize Direction Choose the direction of the traff...

Страница 119: ...rt in the Ethernet QoS Port Based Settings table enter this information Trust Mode Choose one of the following options from the drop down menu Port This setting enables the port based on QoS You can then set the traffic priority for a particular port The traffic queue priority starts at the lowest priority of 1 and ends with the highest priority of 4 DSCP Differentiated Services Code Point DSCP En...

Страница 120: ...Ethernet or 3G radio button STEP 3 For each CoS priority level in the CoS Settings Table choose a priority value from the Traffic Forwarding Queue drop down menu Trust Mode Choose one of the following options from the drop down menu Port This setting enables the port based on QoS You can then set the traffic priority for a particular port The traffic queue priority starts at the lowest priority of...

Страница 121: ...can use the DSCP Settings page to configure DSCP to QoS queue mapping To configure DSCP to QoS queue mapping STEP 1 Choose QoS DSCP Settings STEP 2 Choose the Ethernet or 3G radio button STEP 3 Choose whether to only list RFC values or to list all DSCP values in the DSCP Settings Table by clicking the relevant button STEP 4 For each DSCP value in the DSCP Settings Table choose a priority level fro...

Страница 122: ...ting Password Complexity page123 Configuring User Accounts page124 Setting the Session Timeout Value page125 Configuring Simple Network Management SNMP page 125 Using Diagnostic Tools page 128 Configuring Logging page 130 Configuring Bonjour page134 Configuring Date and Time Settings page 134 Backing Up and Restoring the System page135 Upgrading Firmware or Changing the Language page139 Restarting...

Страница 123: ...ssword Length Enter the minimum password length 0 to 64 characters Minimum number of character classes Enter a number representing one of the following character classes Uppercase letters Lowercase letters Numbers Special characters available on a standard keyboard By default passwords must contains characters from at least three of these classes The new password must be different than the current...

Страница 124: ...ccount must be active STEP 3 Optional To edit the administrator account under Administrator Account Setting check Edit Administrator Settings To edit the guest account under Guest Settings check Edit Guest Settings Enter the following information STEP 4 To import user names and passwords from a CSV file a In the Import User Name Password field click Browse b Locate the file and click Open c Click ...

Страница 125: ...y logged in permanently STEP 3 In the Guest Inactivity Timeout field enter the number in minutes before a session times out due to inactivity Choose never to allow the administrator to stay logged in permanently STEP 4 Click Save Configuring Simple Network Management SNMP Simple Network Management Protocol SNMP lets you monitor and manage your router from an SNMP manager SNMP provides a remote mea...

Страница 126: ...evice user accounts Admin and Guest To configure SNMPv3 settings STEP 1 Choose Administration SNMP STEP 2 Under SNMPv3 User Configuration configure the following settings SysContact Enter the name of the contact person for this firewall for example admin or John Doe SysLocation Enter the physical location of the firewall for example Rack 2 4th Floor SysName Enter a name for easy identification of ...

Страница 127: ...Pv3 security level No Authentication and No Privilege Does not require any Authentication and Privacy Authentication and No Privilege Submit only Authentication algorithm and password Authentication and Privilege Submit Authentication privacy algorithm and password Authentication Algorithm Server Select the type of authentication algorithm MD5 or SHA Authentication Password Enter the authenticatio...

Страница 128: ...etwork You can also use the Ping tool to test connectivity to the Internet by pinging a fully qualified domain name for example www cisco com To use PING STEP 1 Choose Administration Diagnostics Network Tools STEP 2 In the IP Address Domain Name field enter the device IP address or a fully qualified domain name such as www cisco com to ping STEP 3 Click Ping The ping results appear These results t...

Страница 129: ...eroute results appear STEP 4 Click Close when done Performing a DNS Lookup You can use the Lookup tool to find out the IP address of host for example a Web FTP or Mail server on the Internet To retrieve the IP address of a Web FTP Mail or any other server on the Internet type the Internet Name in the text box and click Lookup If the host or domain entry exists you will see a response with the IP a...

Страница 130: ...id any issues with port mirroring DHCP leases can expire for a LAN host and can cause port mirroring to fail if a static IP address is not configured for the LAN host To configure port mirroring STEP 1 Choose Administration Diagnostics Port Mirroring STEP 2 In the Mirror Source field select the ports to mirror STEP 3 From the Mirror Port drop down menu choose a mirror port If you use a port for mi...

Страница 131: ...ct them For example choosing error logs automatically includes emergency alert and critical logs in addition to error logs The event severity levels are listed from the highest severity to the lowest severity as follows Emergency System is not usable Alert Action is needed Critical System is in a critical condition Error System is in error condition Warning System warning occurred Notification Sys...

Страница 132: ... logs that you want to capture To change log severity click Configure Severity In the Send E mail Logs by Schedule section choose if you want to send e mail Hourly Daily or Weekly If you choose Never logs are not sent If you chose a weekly schedule choose the day of the week to e mail the logs If you chose a daily or weekly schedule choose the time of day when the device must e mail the logs STEP ...

Страница 133: ... mail server requires authentication before accepting connections choose the type of authentication from the drop down menu None LOGIN PLAIN and CRAM MD5 E mail Authentication Username Enter the e mail authentication username example logging companyname com E mail Authentication Password Enter the e mail authentication password for example the password used to access the e mail account you have se...

Страница 134: ...AN allows devices present on the VLAN to discover Bonjour services available on the router such as HTTP HTTPS For example if a VLAN is configured with an ID of 2 devices and hosts present on VLAN 2 cannot discover Bonjour services running on the router unless Bonjour is enabled for VLAN 2 STEP 4 Click Save Configuring Date and Time Settings You can configure your time zone whether or not to adjust...

Страница 135: ... Adjust for Daylight Savings Time box This check box is enabled if you click Auto in the Set Date and Time field below Daylight Saving Mode Choose either By date you enter the specific date on which daylight saving mode starts or Recurring you enter the month week day of week and time on which daylight saving time starts Enter the appropriate information in the from and to fields Daylight Saving O...

Страница 136: ...ear STEP 3 To download the backup file to your computer click Download Startup configuration Select this option to download the startup configuration The startup configuration is the most current running configuration that the device uses If the router startup configuration has been lost use this page to copy the backup configuration to the startup configuration and keep all their previous configu...

Страница 137: ... Upload field select the configuration to upload Startup Configuration or Backup Configuration STEP 3 You can upload the configuration file from your PC or from an external USB device To upload from your computer click the PC radio button Click Browse to locate the file Select the file and click Open To upload from a location on a USB drive click the USB radio button Click Show USB to display all ...

Страница 138: ...the backed up configuration information to be copied to the startup configuration which restores all of the settings To copy a configuration for example to copy a startup configuration to the backup configuration STEP 1 Choose Administration Backup Restore Settings STEP 2 In the Copy field choose the source and destination configurations from the drop down menus STEP 3 Click Start to Copy Generati...

Страница 139: ...Upgrading Firmaware Automatically STEP 1 Choose Administration Firmware Language Upgrade STEP 2 In the Automatic Firmware Upgrade section select how frequently you want the device to check for updates to the firmware in the Interval Check every field STEP 3 In the Automatically Upgrade field choose if you want to upgrade to the latest firmware immediately after a new version is detected or at a sp...

Страница 140: ... Firmware Manually STEP 1 Choose Administration Firmware Language Upgrade STEP 2 In the Manual Firmware Language Upgrade section click the Firmware Image radio button in the File Type field STEP 3 Download the latest firmware to your PC or to a USB device To download the latest version of the firmware from cisco com to a USB device click Start Download in Save to USB from cisco com STEP 4 To upgra...

Страница 141: ...ith the new firmware The System Information section displays the latest firmware Changing the Language To change the language STEP 1 Choose Administration Firmware Language Upgrade STEP 2 In the File Type field click the Language File button STEP 3 Click Browse to locate and select the language file STEP 4 Optionally to restore the device configuration parameters to factory default vaues select Re...

Страница 142: ...outer shut down the PC or use the router until the operation is complete This should take about a minute When the test light turns off wait a few more seconds before using the router To restore factory defaults to the router STEP 1 Choose Administration Restore Factory Defaults STEP 2 Click Default Running the Setup Wizard To run the Setup Wizard STEP 1 Choose Administration Setup Wizard STEP 2 Fo...

Страница 143: ...e to use third party VPN software This appendix includes the following sections Before You Begin Installing the Cisco QuickVPN Software Using the Cisco QuickVPN Software Before You Begin The QuickVPN program only works with a router that is properly configured to accept a QuickVPN connection You must perform the following steps STEP 1 Enable remote management See Configuring Basic Firewall Setting...

Страница 144: ...ware Installing from the CD ROM STEP 1 Insert the Cisco RV215W CD ROM into your CD ROM drive After the Setup Wizard begins click the Install QuickVPN link The License Agreement window appears License Agreement STEP 2 Click Yes to accept the agreement STEP 3 Click Browse and choose where to copy the files to for example C Cisco Small Business QuickVPN Client ...

Страница 145: ...W Wireless N VPN Firewall Administration Guide 145 A STEP 4 Click Next The Setup Wizard copies the files to the chosen location Copying Files Finished Installing Files STEP 5 Click Finish to complete the installation Proceed to Using the Cisco QuickVPN Software on page 146 ...

Страница 146: ...nloads link STEP 2 Enter Cisco RV215W in the search box and find the QuickVPN software STEP 3 Save the zip file to your PC and extract the exe file STEP 4 Double click the exe file and follow the on screen instructions Using the Cisco QuickVPN Software STEP 1 Double click the Cisco QuickVPN icon on your desktop or in the system tray The QuickVPN Login window appears STEP 2 In the Profile Name fiel...

Страница 147: ...d to create a tunnel you can create multiple profiles but only one tunnel can be active at a time STEP 7 To begin your QuickVPN connection click Connect The connection progress displays Connecting Provisioning Activating Policy and Verifying Network STEP 8 After your QuickVPN connection is established the QuickVPN tray icon turns green and the QuickVPN Status window appears The window displays the...

Страница 148: ... 10 Enter your password in the Old Password field Enter your new password in the New Password field Then enter the new password again in the Confirm New Password field STEP 11 Click OK to save your new password NOTE You can change your password only if the Allow User to Change Password box has been checked for that username ...

Страница 149: ... www cisco com en US support tsd_cisco_small_ business_support_ center_contacts html Software Downloads Login Required Go to tools cisco com support downloads and enter the model number in the Software Search box Product Documentation Wireless N VPN Firewall www cisco com en US products ps9923 tsd_products_support_series_home html Cisco Partner Central Partner Login Required www cisco com web part...

Отзывы:

Нет отзывов