Configuring the Firewall
Firewall Configuration Examples
Cisco RV120W Administration Guide
To create a LAN Group:
STEP 1 Choose Firewall > Advanced Settings > LAN (Local Network) Groups.
STEP 2 Click Add.
STEP 3 Enter the group name; spaces and quotes are not supported. Click Save.
STEP 4 Choose whether the group consists of a single IP address or a range of IP addresses. If the group consists of a single IP address, enter the address in the Start Address field. If the group consists of a range of IP addresses, enter the address in the Finish Address field.
STEP 5 Click Save.
Enabling Session Initiation Protocol Application-Level Gateway (SIP ALG)
SIP ALG can rewrite information within SIP messages (SIP headers and SDP body)
making signaling and audio traffic possible between a client behind Network
Address Translation (NAT) and the SIP endpoint.
To enable SIP ALG:
STEP 1 Choose Firewall > Advanced Settings > SIP ALG.
STEP 2 Check the Enable box to enable SIP ALG support. If disabled, the router will not allow incoming calls to the UAC (User Agent Client) behind the Cisco RV120W.
STEP 3 Click Save.
Firewall Configuration Examples
Example 1: Allow inbound HTTP traffic to the DMZ
In this example, you host a public web server on your local DMZ network. You
want to allow inbound HTTP requests from any outside IP address to the IP
address of your web server at any time of day.
Create an inbound rule as follows:

| Parameter | Value |
|---|---|
| Connection Type | Inbound |
| Action | Always Allow |
| Service | HTTP |
| Source IP | Any |
| Send to Local Server (DNAT IP) | 192.168.5.2 (web server IP address) |
| Rule Status | Enabled |

Example 2: Allow videoconferencing from range of outside IP addresses.
In this example, you want to allow incoming videoconferencing to be initiated from
a restricted range of outside IP addresses (132.177.88.2 - 132.177.88.254), from a
branch office.
Create an inbound rule as follows. In the example, CUSeeMe connections are
allowed only from a specified range of external IP addresses.

| Parameter | Value |
|---|---|
| Connection Type | Inbound |
| Action | Always Allow |
| Service | CU-SEEME:UDP |
| Source IP | Address Range |
| Start | 132.177.88.2 |
| Finish | 134.177.88.254 |
| Send to Local Server (DNAT IP) | 192.168.1.11 |
| Rule Status | Enabled |
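
An inbound Always Allow rule is only as tight as its Source IP field, so it is worth checking how many addresses each rule admits before saving it. The Python sketch below is an added example, not part of the Cisco guide or the router's software: it models the Source IP settings of Examples 1 and 2 and shows the difference between the Finish value in the Example 2 table (134.177.88.254) and the range given in the text (132.177.88.254). The dictionary layout, function names and the 1024-address threshold are assumptions made for illustration.

```python
import ipaddress

ANY_IPV4 = 2 ** 32  # size of the whole IPv4 space, used for Source IP = Any

# Inbound rules from Examples 1 and 2, transcribed from the guide.
# The dictionary layout is an assumption made for this example.
RULES = [
    {"name": "Example 1", "service": "HTTP", "source": "Any"},
    {"name": "Example 2 (table)", "service": "CU-SEEME:UDP",
     "source": "Address Range", "start": "132.177.88.2", "finish": "134.177.88.254"},
    {"name": "Example 2 (text)", "service": "CU-SEEME:UDP",
     "source": "Address Range", "start": "132.177.88.2", "finish": "132.177.88.254"},
]

def source_bounds(rule):
    """Return (low, high) integer bounds of the source addresses a rule admits."""
    kind = rule["source"]
    if kind == "Any":
        return 0, ANY_IPV4 - 1
    start = int(ipaddress.IPv4Address(rule["start"]))
    if kind == "Single Address":
        return start, start
    if kind == "Address Range":
        finish = int(ipaddress.IPv4Address(rule["finish"]))
        if finish < start:
            raise ValueError(f"{rule['name']}: Finish is below Start")
        return start, finish
    raise ValueError(f"{rule['name']}: unknown Source IP type {kind!r}")

def admitted_count(rule):
    """Number of distinct source addresses the rule lets through."""
    low, high = source_bounds(rule)
    return high - low + 1

def admits(rule, src_ip):
    """True if src_ip falls inside the rule's source scope."""
    low, high = source_bounds(rule)
    return low <= int(ipaddress.IPv4Address(src_ip)) <= high

def audit(rules, max_sources=1024):
    """List rules whose source scope exceeds max_sources (assumed threshold)."""
    return [(r["name"], admitted_count(r)) for r in rules
            if admitted_count(r) > max_sources]

if __name__ == "__main__":
    for rule in RULES:
        print(f"{rule['name']:<18} {rule['service']:<13} admits {admitted_count(rule):>13,} sources")
    print("Wider than 1024 sources:", audit(RULES))
```

Example 1 is flagged by design, since a public web server accepts any source; the Example 2 table entry is flagged because a first-octet difference in Finish widens the rule from 253 addresses to more than 33 million.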
Example 3: Multi-NAT Configuration
In this example, you want to configure multi-NAT to support multiple public IP
addresses on one WAN port interface.
Create an inbound rule that configures the firewall to host an additional public IP
address. Associate this address with a web server on the DMZ. If you arrange with
your ISP to have more than one public IP address for your use, you can use the
additional public IP addresses to map to servers on your LAN. One of these public
IP addresses is used as the primary IP address of the router. This address is used
to provide Internet access to your LAN PCs through NAT. The other addresses are
available to map to your DMZ servers.
The following addressing scheme is used to illustrate this procedure:
• WAN IP address: 10.1.0.118
• Web server PC in the DMZ, IP address: 192.168.1.2
• Access to Web server: (simulated) public IP address 10.1.0.52

| Parameter | Value |
|---|---|
| Connection Type | Inbound |
| Action | Always Allow |
| Service | HTTP |
| Source IP | Single Address |
| Start | 10.1.0.52 |
| Send to Local Server (DNAT IP) | 192.168.1.2 (local IP address of your web server) |
| Rule Status | Enabled |
Example 4: Block traffic by schedule if generated from specific range of machines
In this example, you want to block all HTTP traffic on the weekends if the request
originates from a specific group of machines in the LAN having a known range of
IP addresses, and anyone coming in through the Network from the WAN (i.e. all
remote users).
STEP 1 Set up a schedule. Choose Firewall > Advanced Settings > Schedules.
STEP 2 Click Add.
STEP 3 Enter the schedule name (for example, “Weekend”).
STEP 4 Under Time, check All Day.
STEP 5 Under Repeat, leave Everyday unchecked.
STEP 6 Check Saturday and Sunday.
STEP 7 Click Save.
Create an outbound access rule with the following parameters:

| Parameter | Value |
|---|---|
| Connection Type | Outbound |
| Action | Block by Schedule |
| Schedule | Weekend |
| Service | HTTP |
| Source IP | Address Range |
| Start | starting IP address |
| Finish | ending IP address |
| Destination IP | Any |
| Rule Status | Enabled |
Create an inbound access rule with the following parameters:

| Parameter | Value |
|---|---|
| Connection Type | Inbound |
| Action | Block by Schedule |
| Schedule | Weekend |
| Service | All Traffic |
| Source IP | Any |
| Rule Status | Enabled |