Configuring the Firewall
Creating an Internet Access Policy
Cisco RV130/130W Wireless Multifunction VPN Router Administration Guide
STEP 7 (Optional) Apply the access policy to specific PCs to allow or block traffic coming from specific devices:
  a. In the Apply Access Policy to the Following PCs table, click Add Row.
  b. From the Type drop-down menu, choose how to identify the PC (by MAC address, by IP address, or by providing a range of IP addresses).
  c. In the Value field, depending on what you chose in the previous step, enter one of the following:
     - MAC address (xx:xx:xx:xx:xx:xx) of the PC to which the policy applies.
     - The IP address of the PC to which the policy applies.
     - The starting and ending IP addresses of the range of addresses to block (for example, 192.168.1.2-192.168.1.253).
STEP 8 To block traffic from specific websites:
  a. In the Website Domain Name & Keyword table, click Add Row.
  b. From the Type drop-down menu, choose how to block a website (by specifying the domain name or by specifying a keyword that appears in the URL).
  c. In the Value field, enter the URL or keyword used to block the website.
     For example, to block the example.com URL, choose URL Address from the drop-down menu and enter example.com in the Value field. To block a URL that has the keyword “example” in the URL, choose Keyword from the drop-down menu and enter example in the Value field.
STEP 9 Click Save.
Configuring One-to-One Network Address Translation (NAT)
Use the One-to-one NAT page to map local IP addresses behind your firewall to
global IP addresses. One-to-one NAT is a way to make systems configured with
private IP addresses, which are behind a firewall, appear to have public IP
addresses.
To add a One-to-One NAT rule:
STEP 1 Choose Firewall > One-to-One NAT.
STEP 2 Click Add Row.
STEP 3 In the Private Range Begin field, enter the starting IP address in the private (LAN) IP address range.
STEP 4 In the Public Range Begin field, enter the starting IP address in the public (WAN) IP address range.
STEP 5 In the Range Length field, enter the number of public IP addresses that should be mapped to private addresses.
STEP 6 In the Service field, choose the service for which the rule applies. Services for one-to-one NAT allow you to configure the service to be accepted by the private IP (LAN) address when traffic is sent to the corresponding public IP address. Configured services on private IP addresses in the range are accepted when traffic is available on the corresponding public IP address.
STEP 7 Click Save.
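The following added example (not part of the Cisco guide or the router's firmware) expands a rule's Private Range Begin, Public Range Begin and Range Length into the address pairs it exposes, and flags problems worth resolving before saving. The NatRule record, the audit checks and the sample addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

@dataclass(frozen=True)
class NatRule:               # hypothetical record mirroring the page's fields
    private_begin: str       # Private Range Begin
    public_begin: str        # Public Range Begin
    length: int              # Range Length
    service: str             # Service

def is_rfc1918(addr):
    return any(addr in net for net in RFC1918)

def expand(rule):
    """Return [(public_ip, private_ip), ...]: offset i maps begin+i to begin+i."""
    priv = ipaddress.IPv4Address(rule.private_begin)
    pub = ipaddress.IPv4Address(rule.public_begin)
    return [(pub + i, priv + i) for i in range(rule.length)]

def audit(rules):
    """Return findings a reviewer would want resolved before saving the rules."""
    findings, owner = [], {}
    for n, rule in enumerate(rules, 1):
        if rule.length < 1:
            findings.append(f"rule {n}: Range Length must be at least 1")
            continue
        for pub, priv in expand(rule):
            if not is_rfc1918(priv):
                findings.append(f"rule {n}: {priv} is not an RFC 1918 LAN address")
            if is_rfc1918(pub):
                findings.append(f"rule {n}: {pub} is a private address, not a WAN one")
            if owner.setdefault(pub, priv) != priv:
                findings.append(f"rule {n}: {pub} already maps to {owner[pub]}")
    return findings

# Constructed sample rules; 203.0.113.0/24 is a documentation range.
SAMPLE = [NatRule("192.168.1.10", "203.0.113.10", 3, "HTTP"),
          NatRule("192.168.1.50", "203.0.113.12", 1, "HTTPS")]

if __name__ == "__main__":
    for rule in SAMPLE:
        for pub, priv in expand(rule):
            print(f"WAN {pub} ({rule.service}) -> LAN {priv}")
    print(audit(SAMPLE))
```

Each printed pair is a LAN host that accepts the chosen service from the WAN, so the expanded list is what belongs in an exposure review.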
Configuring Port Forwarding
Port forwarding is used to redirect traffic from the Internet from one port on the
WAN to another port on the LAN. Common services are available or you can define
a custom service and associated ports to forward.
The Single Port Forwarding Rules and Port Range Forwarding Rules pages list all the available port forwarding rules for this device and allow you to configure port forwarding rules.
NOTE
Port forwarding is not appropriate for servers on the LAN because there is a
dependency on the LAN device making an outgoing connection before incoming
ports are opened.
Some applications require that, when external devices connect to them, they
receive data on a specific port or range of ports in order to function properly. The
router must send all incoming data for that application only on the required port or
range of ports.
The gateway has a list of common applications and games with corresponding
outbound and inbound ports to open. You can also specify a port forwarding rule
by defining the type of traffic (TCP or UDP) and the range of incoming and
outgoing ports to open when enabled.
Configuring Single Port Forwarding
To add a single port forwarding rule:
STEP 1 Choose Firewall > Single Port Forwarding. A preexisting list of applications is displayed.
STEP 2 In the Application field, enter the name of the application for which to configure port forwarding.
STEP 3 In the External Port field, enter the port number that triggers this rule when a connection request from outgoing traffic is made.
STEP 4 In the Internal Port field, enter the port number used by the remote system to respond to the request it receives.
STEP 5 In the Interface drop-down menu, choose Both (Ethernet & 3G), Ethernet, or 3G.
STEP 6 From the Protocol drop-down menu, choose a protocol (TCP, UDP, or TCP & UDP).
STEP 7 In the IP Address field, enter the IP address of the host on the LAN side to which the specific IP traffic will be forwarded. For example, you can forward HTTP traffic to port 80 of the IP address of a web server on the LAN side.
STEP 8 In the Enable field, check the Enable box to enable the rule.
STEP 9 Click Save.
Configuring Port Range Forwarding
To add a port range forwarding rule:
STEP 1 Choose Firewall > Port Range Forwarding.
STEP 2 In the Application field, enter the name of the application for which to configure port forwarding.
STEP 3 In the External Port field, specify the port number that will trigger this rule when a connection request from outgoing traffic is made.
STEP 4 In the Start field, specify the port number that begins the range of ports to forward.
STEP 5 In the End field, specify the port number that ends the range of ports to forward.
STEP 6 In the Interface drop-down menu, choose Both (Ethernet & 3G), Ethernet, or 3G.
STEP 7 From the Protocol drop-down menu, choose a protocol (TCP, UDP, or TCP & UDP).
STEP 8 In the IP Address field, enter the IP address of the host on the LAN side to which the specific IP traffic will be forwarded.
STEP 9 In the Enable field, check the Enable box to enable the rule.
STEP 10 Click Save.
Configuring Port Range Triggering
Port triggering allows devices on the LAN or DMZ to request one or more ports to
be forwarded to them. Port triggering waits for an outbound request from the LAN/
DMZ on one of the defined outgoing ports, and then opens an incoming port for
that specified type of traffic.
Port triggering is a form of dynamic port forwarding while an application is
transmitting data over the opened outgoing or incoming ports. Port triggering
opens an incoming port for a specific type of traffic on a defined outgoing port.
Port triggering is more flexible than static port forwarding (available when
configuring firewall rules) because a rule does not have to reference a specific
LAN IP or IP range. Ports are also not left open when not in use, which provides a
level of security that port forwarding does not offer.
NOTE
Port triggering is not appropriate for servers on the LAN, since there is a
dependency on the LAN device making an outgoing connection before incoming
ports are opened.
Some applications require that, when external devices connect to them, they
receive data on a specific port or range of ports in order to function properly. The
router must send all incoming data for that application only on the required port or
range of ports. The gateway has a list of common applications and games with
corresponding outbound and inbound ports to open. You can also specify a port
triggering rule by defining the type of traffic (TCP or UDP) and the range of
incoming and outgoing ports to open when enabled.
To add a port triggering rule:
STEP 1 Choose Firewall > Port Range Triggering.
STEP 2 In the Application field, enter the name of the application for which to configure port forwarding.
STEP 3 In the Triggered Range fields, enter the port number or range of port numbers that will trigger this rule when a connection request from outgoing traffic is made. If the outgoing connection uses only one port, enter the same port number in both fields.
STEP 4 In the Forwarded Range fields, enter the port number or range of port numbers used by the remote system to respond to the request it receives. If the incoming connection uses only one port, then specify the same port number in both fields.
STEP 5 In the Interface drop-down menu, choose Both (Ethernet & 3G), Ethernet, or 3G.
STEP 6 In the Enable field, check the Enable box to enable the rule.
STEP 7 Click Save.
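The behaviour described in this section, modelled as an added example (not part of the Cisco guide or the router's firmware): an outbound connection in the Triggered Range opens the Forwarded Range toward the requesting LAN host, and the range closes again when idle. The class names, the 600-second idle timeout, the refresh-on-traffic behaviour and the sample ports and addresses are assumptions made for illustration.

```python
from dataclasses import dataclass

IDLE_TIMEOUT = 600  # seconds; assumed, the guide does not state a timeout

@dataclass(frozen=True)
class TriggerRule:          # hypothetical record mirroring the page's fields
    application: str        # Application
    triggered: tuple        # Triggered Range (first, last) outgoing ports
    forwarded: tuple        # Forwarded Range (first, last) incoming ports

def in_range(port, rng):
    return rng[0] <= port <= rng[1]

class TriggerTable:
    def __init__(self, rules):
        self.rules = list(rules)
        self.open = {}      # application -> (lan_ip, time of last matching traffic)

    def outbound(self, lan_ip, dst_port, now):
        """A LAN host sends to dst_port: matching rules open toward that host."""
        for rule in self.rules:
            if in_range(dst_port, rule.triggered):
                self.open[rule.application] = (lan_ip, now)

    def inbound(self, dst_port, now):
        """Return the LAN IP a WAN packet is forwarded to, or None if dropped."""
        for rule in self.rules:
            state = self.open.get(rule.application)
            if state is None or not in_range(dst_port, rule.forwarded):
                continue
            lan_ip, last = state
            if now - last > IDLE_TIMEOUT:       # idle: close the forwarded range
                del self.open[rule.application]
                continue
            self.open[rule.application] = (lan_ip, now)
            return lan_ip
        return None

def timeline():
    """Constructed scenario: inbound packets before, during and after use."""
    table = TriggerTable([TriggerRule("game", (6000, 6000), (7000, 7010))])
    before = table.inbound(7005, now=0)           # nothing triggered yet
    table.outbound("192.168.1.20", 6000, now=10)  # LAN host triggers the rule
    during = table.inbound(7005, now=20)          # forwarded to the trigger host
    other = table.inbound(8000, now=25)           # outside Forwarded Range
    after = table.inbound(7005, now=20 + IDLE_TIMEOUT + 1)  # idle too long
    return before, during, other, after
```

A static port forwarding rule for the same ports would deliver the packet to its configured LAN host in the "before" and "after" cases as well, which is the difference in exposure the section describes.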
