Cisco CVR100W Router Manual PDF (Setup & Configuration Guide)

Page 86 / 150 Scroll up to view Page 81 - 85

Configuring Wireless Network

Configuring WPS

Cisco CVR100W Wireless-N VPN Router Administration Guide

84

4

•

If the client device has a WPS PIN number, enter the PIN number and click

Register

. After configuration is completed, click

OK

.

Refer to your client device or its documentation for further instructions.

•

If the client device requires a PIN number from the router, use the number

listed in item 3 on the WPS page.

After you configure WPS, the following information appears at the bottom of the

WPS page: Wi-Fi Protected Setup Status, Network Name (SSID), and Security.

The status of the WPS light on the front panel provides information about the WPS

operation.

WPS Successfully

Started

WPS light turns on for 120 seconds.

WPS During Startup

WPS light flashes (0.5 Hz) for 30 seconds.

WPS Errors

Occurred

WPS light flashes (1 Hz) for 30 seconds.

WPS Session

Overlap

WPS light flashes (0.1 Hz) in one second and turns off

next second for 120 seconds.

WPS Enabled or

Disabled

WPS light is off.

Page 87 / 150

5

Cisco CVR100W Wireless-N VPN Router Administration Guide

85

Configuring Firewall

This chapter describes how to configure the firewall settings. It includes the

following sections:

•

CVR100W Firewall Features

•

Configuring Basic Firewall Settings

•

Managing Firewall Schedules

•

Configuring Service Management

•

Configuring Access Control

•

Configuring Single Port Forwarding

•

Configuring Port Range Forwarding

•

Configuring Port Range Triggering

CVR100W Firewall Features

Access Rules

You can secure your network by creating and applying rules that the CVR100W

uses to selectively block and allow inbound and outbound Internet traffic. You then

specify how and to what devices the rules apply. To do so, you must define the

following:

•

Services or traffic types (examples: web browsing, VoIP, other standard

services and also custom services that you define) that the CVR100W

should allow or block.

•

Direction for the traffic by specifying the source and destination of traffic.

•

Schedules as to when the CVR100W should apply rules.

Page 88 / 150

Configuring Firewall

CVR100W Firewall Features

Cisco CVR100W Wireless-N VPN Router Administration Guide

86

5

•

Keywords (in a domain name or on a URL of a webpage) that the CVR100W

should allow or block.

•

MAC addresses of devices whose inbound access to your network that the

CVR100W should block.

•

Port triggers that signal the CVR100W to allow or block access to specified

services as defined by port number.

You can, for example, establish restricted-access policies based on time-of-day,

web addresses, and web address keywords. You can block Internet access by

applications and services on the LAN, such as chat rooms or games. You can block

just certain groups of PCs on your network from being accessed by the WAN.

Inbound (WAN to LAN) rules restrict access to traffic entering your network,

selectively allowing only specific outside users to access specific local resources.

By default, all access from the insecure WAN side is blocked from accessing the

secure LAN, except in response to requests from the LAN. To allow outside

devices to access services on the secure LAN, you must create a firewall rule for

each service.

If you want to allow incoming traffic, you must make the CVR100W's WAN port IP

address known to the public. This is called “exposing your host.” How you make

your address known depends on how the WAN ports are configured; for the

CVR100W, you may use the IP address if a static address is assigned to the WAN

port, or if your WAN address is dynamic, a DDNS (Dynamic DNS) name can be

used.

Outbound (LAN to WAN) rules restrict access to traffic leaving your network,

selectively allowing only specific local users to access specific outside resources.

The default outbound rule is to allow access from the secure zone (LAN) to

insecure WAN. To block hosts on the secure LAN from accessing services on the

outside (insecure WAN), you must create a firewall rule for each service.

Page 89 / 150

Configuring Firewall

Configuring Basic Firewall Settings

Cisco CVR100W Wireless-N VPN Router Administration Guide

87

5

Port Forwarding

Port forwarding is used to redirect traffic from the Internet from one port on the

WAN to another port on the LAN. Common services are available or you can define

a custom service and associated ports to forward.

!

CAUTION

Port forwarding is not appropriate for servers on the LAN, since there is a

dependency on the LAN device making an outgoing connection before incoming

ports are opened.

Some applications require that, when external devices connect to them, they

receive data on a specific port or range of ports in order to function properly. The

CVR100W must send all incoming data for that application only on the required

port or range of ports.

The CVR100W has a list of common applications and games with corresponding

outbound and inbound ports to open. You can also specify a port forwarding rule

by defining the type of traffic (TCP or UDP) and the range of incoming and

outgoing ports to open when enabled.

Configuring Basic Firewall Settings

To configure basic firewall settings:

STEP 1

Choose

Firewall

>

Basic Settings

.

STEP

2

Configure the following firewall settings:

DoS Protection

Check

Enable

to enable Denial of Service (DoS)

protection.

Block WAN Request

Check

Enable

to block ping requests to the CVR100W

from the WAN.

IPv4 Multicast

Passthrough

Check

Enable

to enable multicast passthrough for

IPv4.

IPv4 Multicast

Immediate Leave

Check

Enable

to enable IGMP proxy immediate leave.

Page 90 / 150

Configuring Firewall

Configuring Basic Firewall Settings

Cisco CVR100W Wireless-N VPN Router Administration Guide

88

5

IPv4 Multicast

Snooping

Check

Enable

to enable IGMP Snooping.

UPnP

Check

Enable

to enable Universal Plug and Play

(UPnP).

Allow Users to

Configure

(UPnP) Check to allow UPnP port-mapping rules to be

set by users who have UPnP support enabled on their

computers or other UPnP enabled devices. If disabled,

the CVR100W does not allow application to add the

forwarding rule.

Allow Users to

Disable Internet

Access

(UPnP) Check to allow users to disable Internet

access.

Block Java

Check to block Java applets.

Java applets are small programs embedded in web

pages that enable dynamic functionality of the page. A

malicious applet can be used to compromise or infect

computers.

Enabling this setting blocks Java applets from being

downloaded. Click

Auto

to automatically block Java, or

click

Manual Port

and enter a specific port on which

to block Java.

Block Cookies

Check to block cookies.

Cookies are used to store session information by

websites that usually require login. However, several

websites use cookies to store tracking information and

browsing habits.

Enabling this option filters out cookies from being

created by a website. Click

Auto

to automatically

block cookies, or click

Manual Port

and enter a

specific port on which to block cookies.

NOTE

Many websites require that cookies be accepted in

order for the site to be accessed properly. Blocking cookies

can cause many websites to not function properly.

Rate

Popular Cisco Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share