Configuring Firewall
Configuring Access Control
Cisco CVR100W Wireless-N VPN Router Administration Guide
STEP 13 Click Back to go back to the Access Rules page.
Configuring Internet Access Rules
The CVR100W supports several options for blocking Internet access. You can
block all Internet traffic, block Internet traffic to certain PCs or endpoints, or block
access to Internet sites by specifying keywords to block. If these keywords are
found in the site's name (for example, web site URL or newsgroup name), the site is
blocked.
To create an Internet access rule:
STEP 1 Choose Firewall > Access Control > Internet Access Rules.
STEP 2 Click Add Row.
STEP 3 In the Rule Status field, check Enable to enable the Internet access rule.
STEP 4 In the Enter Policy Name field, enter a policy name for identification and management purposes.
STEP 5 From the Action drop-down menu, choose the type of access restriction that you need:
- Block All: Block all Internet traffic.
- Block URL: Block Internet traffic to specified Internet sites.
- Block All by Schedule: Blocks all types of traffic according to a schedule.
- Block URL by Schedule: Blocks the specified Internet sites according to a schedule.
STEP 6 If you choose Block All by Schedule or Block URL by Schedule, choose a schedule from the Schedule drop-down menu.
(Optional) Click Configure Schedules to go to the Schedule Management page to configure the services before applying the Internet access rules to them.
STEP 7 Apply the Internet access rule to specific PCs. Address filtering allows you to block traffic coming from specific devices.
In the Apply Access Policy to the Following PCs table, click Add Row.
From the Type drop-down menu, choose how to identify the PC (by MAC address, by IP address, or by providing a range of IP addresses).
In the Value field, depending on what you chose in the previous step, enter one of the following:
- MAC address (xx:xx:xx:xx:xx:xx) of the PC to which the Internet access rule applies.
- The IP address of the PC to which the Internet access rule applies.
- The starting and ending IP addresses to block (for example, 192.168.1.2 to 192.168.1.30).
STEP 8 In the Website Blocking table, click Add Row.
From the Type drop-down menu, choose how to block a website (by specifying the URL or by specifying a keyword that appears in the URL).
In the Value field, enter the URL or keyword used to block the website.
For example, to block the example.com URL, choose URL Address from the drop-down menu and enter example.com in the Value field. To block a URL that has the keyword “example” in the URL, choose Keyword from the drop-down menu and enter example in the Value field.
STEP 9 Click Save.
STEP 10 Click Back to go back to the Internet Access Rules page.
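The following model of an Internet access rule is an added example, not code from the guide or from the router's firmware. It shows how the PC filter (MAC, IP, IP range) and the two Website Blocking types combine, and why a Keyword entry blocks more sites than a URL Address entry. The matching semantics (subdomain match for URL Address, substring match for Keyword) and all function and field names are assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

def make_rule(action, pcs, websites=()):
    # Field names mirror the page's form; the dict layout is illustrative.
    return {"action": action, "pcs": list(pcs), "websites": list(websites)}

def pc_matches(entry, src_ip, src_mac):
    kind, value = entry
    if kind == "MAC":
        return src_mac.lower() == value.lower()
    ip = ipaddress.ip_address(src_ip)
    if kind == "IP":
        return ip == ipaddress.ip_address(value)
    lo, hi = (ipaddress.ip_address(v) for v in value)  # "IP Range"
    return lo <= ip <= hi

def site_matches(entry, url):
    kind, value = entry
    parts = urlsplit(url.lower())
    host = parts.hostname or ""
    if kind == "URL Address":
        # Assumed: the named host or any subdomain of it.
        return host == value.lower() or host.endswith("." + value.lower())
    # "Keyword": assumed substring test over host name and path.
    return value.lower() in host + parts.path

def is_blocked(rule, src_ip, src_mac, url):
    if not any(pc_matches(e, src_ip, src_mac) for e in rule["pcs"]):
        return False  # rule does not apply to this PC
    if rule["action"] == "Block All":
        return True
    return any(site_matches(e, url) for e in rule["websites"])

# Constructed sample data; the IP range is the page's own example.
PCS = [("IP Range", ("192.168.1.2", "192.168.1.30"))]
BY_URL = make_rule("Block URL", PCS, [("URL Address", "example.com")])
BY_KEYWORD = make_rule("Block URL", PCS, [("Keyword", "example")])

if __name__ == "__main__":
    for url in ("http://www.example.com/", "http://counterexample.org/"):
        for name, rule in (("URL", BY_URL), ("Keyword", BY_KEYWORD)):
            print(name, url, is_blocked(rule, "192.168.1.10", "", url))
```

Under these assumptions the Keyword rule also blocks counterexample.org, and a PC at 192.168.1.31 falls outside the range and is not filtered at all.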
Configuring Single Port Forwarding
To add a single port forwarding rule:
STEP 1 Choose Firewall > Single Port Forwarding. A pre-existing list of applications is displayed.
STEP 2 In the Service Name field, enter the name of the service to configure port forwarding for.
STEP 3 In the External Port field, enter the port number that triggers this rule when a connection request from outgoing traffic is made.
STEP 4 In the Internal Port field, enter the port number used by the remote system to respond to the request it receives.
STEP 5 From the Protocol drop-down menu, choose a protocol (TCP, UDP, or TCP & UDP).
STEP 6 In the IP Address field, enter the IP address.
STEP 7 In the Enable field, check the box to enable the rule.
STEP 8 Click Save.
Configuring Port Range Forwarding
To add a port range forwarding rule:
STEP 1 Choose Firewall > Port Range Forwarding.
STEP 2 In the Service Name field, enter the name of the service to configure port forwarding.
STEP 3 In the Start Port field, specify the port number that begins the range of ports to forward.
STEP 4 In the End Port field, specify the port number that ends the range of ports to forward.
STEP 5 From the Protocol drop-down menu, choose a protocol (TCP, UDP, or TCP & UDP).
STEP 6 In the IP Address field, enter the IP address.
STEP 7 In the Enable field, check the box to enable the rule.
STEP 8 Click Save.
Configuring Port Range Triggering
Port triggering allows devices on the LAN or DMZ to request one or more ports to
be forwarded to them. Port triggering waits for an outbound request from the LAN/
DMZ on one of the defined outgoing ports, and then opens an incoming port for
that specified type of traffic.
Port triggering is a form of dynamic port forwarding while an application is
transmitting data over the opened outgoing or incoming ports. Port triggering
opens an incoming port for a specific type of traffic on a defined outgoing port.
Port triggering is more flexible than static port forwarding (available when
configuring firewall rules) because a rule does not have to reference a specific
LAN IP or IP range. Ports are also not left open when not in use, thereby providing
a level of security that port forwarding does not offer.
To add a port triggering rule:
STEP 1 Choose Firewall > Port Range Triggering.
STEP 2 In the Service Name field, enter the name of the service to configure port triggering for.
STEP 3 In the Triggered Range fields, enter the port number or range of port numbers that will trigger this rule when a connection request from outgoing traffic is made. If the outgoing connection uses only one port, enter the same port number in both fields.
STEP 4 In the Forwarded Range fields, enter the port number or range of port numbers used by the remote system to respond to the request it receives. If the incoming connection uses only one port, then specify the same port number in both fields.
STEP 5 In the Enable field, check the box to enable the rule.
STEP 6 Click Save.
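The behaviour described above, modelled as an added example that is not part of the guide or the router's firmware: a triggering rule opens its Forwarded Range only after a LAN host sends traffic on the Triggered Range, and closes it again when idle, while a static forwarding rule is always open. The port numbers, the 600-second idle timeout, the LAN address, and all class and function names are constructed assumptions.

```python
class PortTrigger:
    """Model of one port range triggering rule (added example)."""

    def __init__(self, triggered, forwarded, idle_timeout=600):
        self.triggered = range(triggered[0], triggered[1] + 1)
        self.forwarded = range(forwarded[0], forwarded[1] + 1)
        self.idle_timeout = idle_timeout  # seconds; assumed value
        self.owner = None      # LAN/DMZ host the open ports point at
        self.last_seen = None  # time of the last matching packet

    def outbound(self, lan_ip, dst_port, now):
        # An outgoing request on a triggered port opens the forwarded range
        # toward the requesting host.
        if dst_port in self.triggered:
            self.owner, self.last_seen = lan_ip, now

    def inbound(self, dst_port, now):
        """Return the LAN IP that receives the packet, or None if dropped."""
        if self.owner is None or dst_port not in self.forwarded:
            return None
        if now - self.last_seen > self.idle_timeout:
            self.owner = None  # idle: the ports close again
            return None
        self.last_seen = now
        return self.owner

def static_forward(rule, dst_port):
    """Static port range forwarding: open whenever the rule is enabled."""
    start, end, lan_ip = rule
    return lan_ip if start <= dst_port <= end else None

def demo():
    trig = PortTrigger(triggered=(6660, 6670), forwarded=(113, 113))
    static = (113, 113, "192.168.1.10")  # constructed rule
    out = [("static, no LAN activity", static_forward(static, 113)),
           ("trigger, no LAN activity", trig.inbound(113, now=0))]
    trig.outbound("192.168.1.10", 6667, now=10)
    out.append(("trigger, after outbound", trig.inbound(113, now=20)))
    out.append(("trigger, after idle", trig.inbound(113, now=700)))
    return out

if __name__ == "__main__":
    for label, result in demo():
        print(f"{label}: {result}")
```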
Configuring VPN
This chapter describes how to configure Virtual Private Networks (VPNs) that
allow remote workers to access your network resources. It includes the following
sections:
VPN Tunnel Types
Configuring VPN Clients
Configuring Basic VPN Setup
Configuring Advanced VPN Setup
Managing Certificates
Configuring VPN Passthrough
VPN Tunnel Types
A VPN provides a secure communication channel (tunnel) between two gateway
routers or a remote worker and a gateway router. You can create different types of
VPN tunnels, depending on the needs of your business.
Remote Access with Cisco QuickVPN
For quick setup with basic VPN security settings, distribute the Cisco QuickVPN
software to your users, who can then securely access your network resources.
Use this option if you want to simplify the VPN setup process. You do not have to
configure VPN policies. Remote users can connect securely with the Cisco
QuickVPN client and an Internet connection.
1. Add the users in the VPN > VPN Clients page. See Configuring VPN Clients.
2. Instruct users to obtain the free Cisco QuickVPN software from Cisco.com, and install it on their computers. For more information, see Using Cisco QuickVPN.
