Configuring Firewall
Managing Firewall Schedules
Cisco CVR100W Wireless-N VPN Router Administration Guide
Block ActiveX
    Check to block ActiveX content. Similar to Java applets, ActiveX controls are installed on a Windows computer while running Internet Explorer. A malicious ActiveX control can be used to compromise or infect computers.
    Enabling this setting blocks ActiveX applets from being downloaded. Click Auto to automatically block ActiveX, or click Manual Port and enter a specific port on which to block ActiveX.
Block Proxy
    Check to block proxy servers. A proxy server (or proxy) allows computers to route connections to other computers through the proxy, thus circumventing certain firewall rules.
    For example, if connections to a specific IP address are blocked by a firewall rule, the requests can be routed through a proxy that is not blocked by the rule, rendering the restriction ineffective.
    Enabling this feature blocks proxy servers. Click Auto to automatically block proxy servers, or click Manual Port and enter a specific port on which to block proxy servers.
STEP 3  Click Save.

Managing Firewall Schedules
You can create firewall schedules to apply firewall rules on specific days or at specific times of the day.
To create a schedule:
STEP 1  Choose Firewall > Schedule Management.
STEP 2  Click Add Row.
STEP 3  In the Schedule Name field, enter a unique name to identify the schedule.
STEP 4  Under Scheduled Days, select whether you want the schedule to apply to all days or specific days. If you choose Specific Days, check the boxes next to the days you want to include in the schedule.
STEP 5  Under Scheduled Time of Day, select the time of day that you want the schedule to apply. You can choose either All Times or Specific Times. If you choose Specific Times, enter the start and end times.
STEP 6  Click Save.
STEP 7  Click Back to go back to the Schedule Management page.
STEP 8  To edit an entry, select the entry and click Edit. Make your changes, then click Save.

Configuring Service Management
When you create a firewall rule, you can specify a service that is controlled by the
rule. Common types of services are available for selection, and you can create
your own custom services.
The Service Management page allows you to create custom services against
which firewall rules can be defined. Once defined, the new service appears in the
Services Table.
To create a custom service:
STEP 1  Choose Firewall > Service Management.
STEP 2  Click Add Row.
STEP 3  In the Service Name field, enter the service name for identification and management purposes.
STEP 4  In the Protocol field, choose the Layer 4 protocol that the service uses from the drop-down menu:
TCP
UDP
TCP & UDP
ICMP
STEP 5  In the Start Port field, enter the first TCP or UDP port of the range that the service uses.
STEP 6  In the End Port field, enter the last TCP or UDP port of the range that the service uses.
STEP 7  Click Save.
STEP 8  To edit an entry, select the entry and click Edit. Make your changes, then click Save.

Configuring Access Control
Default Access Control Policy
You can configure the default access control policy for the traffic that is directed
from the secure network (LAN) to the non-secure network (dedicated WAN/optional).
To configure the default access control policy:
STEP 1  Choose Firewall > Access Control > Default Access Control Policy.
STEP 2  Choose Allow or Deny.
STEP 3  Click Save.

Configuring Access Rules
All configured access rules on the CVR100W are displayed in the Access Rules Table.
To create an access rule:
STEP 1  Choose Firewall > Access Control > Access Rules.
STEP 2  Click Add Row.
STEP 3  In the Connection Type field, choose the source of originating traffic:
    Outbound (LAN > WAN): Choose this option to create an outbound rule.
    Inbound (WAN > LAN): Choose this option to create an inbound rule.
STEP 4  From the Action drop-down menu, choose the action:
    Always block: Always block the selected type of traffic.
    Always allow: Never block the selected type of traffic.
    Block by schedule: Blocks the selected type of traffic according to a schedule.
    Allow by schedule: Allows the selected type of traffic according to a schedule.
STEP 5  From the Schedule drop-down menu, choose the schedule to apply this rule.
    (Optional) Click Configure Schedules to go to the Schedule Management page to configure the schedules before applying access rules to them.
STEP 6  From the Services drop-down menu, choose the service to allow or block for this rule. Choose All Traffic to allow the rule to apply to all applications and services, or choose a single application to block.
Domain Name System (DNS)
File Transfer Protocol (FTP)
Hypertext Transfer Protocol (HTTP)
HTTP Secondary
Secure Hypertext Transfer Protocol (HTTPS)
HTTPS Secondary
Trivial File Transfer Protocol (TFTP)
Internet Message Access Protocol (IMAP)
Network News Transport Protocol (NNTP)
Post Office Protocol (POP3)
Simple Network Management Protocol (SNMP)
Simple Mail Transfer Protocol (SMTP)
Telnet
Telnet Secondary
Telnet SSL
Voice (SIP)
    (Optional) Click Configure Services to go to the Service Management page to configure the services before applying access rules to them.
STEP 7  In the Source IP field, select the users to which the access rule applies:
    Any: The rule applies to traffic originating on any host in the local network.
    Single Address: The rule applies to traffic originating on a single IP address in the local network. Enter the address in the Start IP field.
    Address Range: The rule applies to traffic originating from an IP address located in a range of addresses. Enter the starting IP address in the Start IP field, and the ending IP address in the Finish field.
STEP 8  In the Destination IP field, select the users to which the access rule applies:
    Any: The rule applies to traffic originating on any host in the local network.
    Single Address: The rule applies to traffic originating on a single IP address in the local network. Enter the address in the Start IP field.
    Address Range: The rule applies to traffic originating from an IP address located in a range of addresses. Enter the starting IP address in the Start IP field, and the ending IP address in the Finish field.
STEP 9  In the Log field, specify whether the packets for this rule should be logged.
    To log details for all packets that match this rule, choose Always from the drop-down menu. For example, if an outbound rule for a schedule is selected as Always block, for every packet that tries to make an outbound connection for that service, a message with the packet's source address and destination address (and other information) is recorded in the log.
    Enabling logging may generate a significant volume of log messages and is recommended for debugging purposes only.
    Choose Never to disable logging.
STEP 10  In the QoS Priority field, assign a priority to IP packets of this service.
    The priorities are defined by QoS Level: (1 (lowest), 2, 3, 4 (highest)).
STEP 11  In the Rule Status field, check to enable the new access rule.
STEP 12  Click Save.
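
Added example (not part of the Cisco guide and not a router API): a Python pre-deployment check that reviews a planned set of custom services, schedules and access rules against the constraints the procedures above state, before the values are typed into the web UI. The dictionary keys, the sample names and the addresses are assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter

# Actions from the Action drop-down that depend on a schedule.
SCHEDULED = {"Block by schedule", "Allow by schedule"}

def lint(services, schedules, rules):
    """Return findings for a planned configuration (hypothetical data model)."""
    findings = []
    # Service Management: Start Port / End Port must form a valid TCP/UDP range.
    for s in services:
        if s["protocol"] != "ICMP" and not (1 <= s["start"] <= s["end"] <= 65535):
            findings.append(f"service {s['name']}: bad port range {s['start']}-{s['end']}")
    # Schedule Management: the Schedule Name must be unique.
    for name, count in Counter(x["name"] for x in schedules).items():
        if count > 1:
            findings.append(f"schedule {name}: name used {count} times")
    known = {x["name"] for x in schedules}
    for i, r in enumerate(rules, 1):
        # A by-schedule action is meaningless unless its schedule exists.
        if r["action"] in SCHEDULED and r.get("schedule") not in known:
            findings.append(f"rule {i}: {r['action']} without a defined schedule")
        # Address Range: Start IP must not be after Finish.
        if r.get("start_ip") and r.get("finish_ip"):
            if ipaddress.ip_address(r["start_ip"]) > ipaddress.ip_address(r["finish_ip"]):
                findings.append(f"rule {i}: Start IP is after Finish")
        # The guide recommends per-packet logging for debugging only.
        if r["log"] == "Always":
            findings.append(f"rule {i}: Log=Always (guide: debugging only)")
    return findings

# Constructed sample plan with deliberate mistakes.
SERVICES = [{"name": "cam-stream", "protocol": "TCP", "start": 8554, "end": 8550}]
SCHEDULES = [{"name": "office-hours"}, {"name": "office-hours"}]
RULES = [
    {"action": "Block by schedule", "schedule": "weekends", "service": "cam-stream",
     "start_ip": "192.168.1.50", "finish_ip": "192.168.1.20", "log": "Always"},
    {"action": "Always block", "service": "All Traffic", "log": "Never"},
]

if __name__ == "__main__":
    for finding in lint(SERVICES, SCHEDULES, RULES):
        print(finding)
```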
