37

Chapter 5: Setting Up and Configuring the Router

Firewall Tab - Access Rules

10/100 8-Port VPN Router

Firewall Tab - Access Rules

Network Access Rules evaluate the network traffic's Source IP address, Destination IP address, and IP protocol

type to decide if the IP traffic is allowed to pass through the firewall.

When defining Network Access Rules, remember that it is possible to disable all firewall protection or block all

access to the Internet. Use extreme caution when creating or deleting Network Access Rules. Custom rules can

be created to override Default Rules, but there are four default rules that will be always active, and custom rules

cannot override these four rules. These are:

* HTTP service from LAN side to RV082 is always allowed.

* DHCP service from LAN side is always allowed.

* DNS service from LAN side is always allowed.

* Ping service from LAN side to RV082 is always allowed.

The Network Access Rules are broken into a table, with these features:

Jump to

: Select from this pull-down menu which page of Rules you wish to display.

Entries Per Page

: From this pull-down menu, you can select how many entries will be displayed per page.

Priority

: This shows, depending upon the number of Rules entered, the numeric order of Rules having higher or

lower priority.

Enable

: Enable or disable Rules by clicking on the corresponding box.

Action

: Allow or Deny traffic to or from specific network or Internet destinations.

Service

: This shows the services on your network to which this Rule will apply?

Source Interface

: This shows to which port this rule applies.

Source

: Displays the source of the traffic affected by the Rule. For instance, if the source of the traffic is on your

network, this will display

LAN

.

Any

means that the traffic can originate from any source.

Destination

: Displays the destination of the traffic affected by the Rule. For instance, if the destination of the

traffic is your network, this will display LAN. Any means that the traffic can go to any destination.

Time

: This displays the hours (in military time) during which the Rules apply.

Day

: This displays the day(s) on which the Rule applies.

Figure 5-38: Firewall Tab - Access Rules

38

Chapter 5: Setting Up and Configuring the Router

Firewall Tab - Access Rules

10/100 8-Port VPN Router

Edit

: Clicking the

Edit

button will open the Add a New Access Rule screen, where you can edit any of the Rule’s

settings.

Delete

: Clicking the

TrashCan

icon will delete this Rule.

Click the

Restore to Default Rules

to restore the Network Access Rules to their default settings. To add a new

Network Access Rule and open the

Add a New Access Rule

screen, click the

Add New Rule

button.

Add a New Access Rule

Services

This screen allows you to set Access Rules, either through a Wizard, by clicking the Wizard button, or directly on

this screen, by entering the information in the spaces provided.

Services

: Click

Wizard

to run the Access Rule Setup Wizard. To view the figures for the Access Rule Setup

Wizard, see Figure 5-65.

Action

: Select

Allow

or

Deny

from the pull-down menu, depending on if you’d like to allow or deny access.

Service

: Select the service from the Service pull-down menu. If the service you need is not listed in the menu,

click the

Service Management

button to add a new Service. Enter the Service Name, Protocol and Port Range,

and then click

Add to list

.

Source Interface

: Select the source to which this service will apply.

WAN

sources are over the Internet.

LAN

sources are within your network.

Source/Destination IP

: For network sources and destinations, select

Single

for a single IP Address, and enter

it. For sources over the Internet, select

Range

for a range of IP Addresses, and enter that range. If you select

ANY, this source could be over a LAN, WAN, or DMZ.

Scheduling

Here you can select when this rule will apply, how often, and even at what specific times.

Click the

Return

button to return to the previous screen. Click the

Save Settings

button to save the Service

Management settings or click the

Cancel Changes

button to undo your changes. When your settings are correct,

a screen will let you know that settings are successful.

Figure 5-39: Firewall Tab -

Add a New Access Rule

Figure 5-40: Settings are Successful

39

Chapter 5: Setting Up and Configuring the Router

Firewall Tab - Content Filter

10/100 8-Port VPN Router

Editing an Access Rule

To Edit an Access Rule, click the Edit button on the Access Rule screen. The Edit screen looks very much like the

screen for adding a new Access Rule. Enter your changes and click the

Save Settings

button to save the Service

Management settings or click the

Cancel Changes

button to undo your changes. When your settings are correct,

a screen will let you know that settings are successful. Click the

Return

button to return to the previous screen.

Firewall Tab - Content Filter

Forbidden Domains

This allows to you increase network security by blocking websites those in your network can access. Click the

Block Forbidden Domains

box to enable this function. Then, enter in the IP Address(es) for those websites you

wish to restrict, clicking the

Add to List

button after you enter each IP Address.

Website Blocking by Keywords

This allows a further increase to network security by blocking websites that use keywords, designated by you in

this list. Click the

Enable Website Blocking by Keywords

box to enable this function. Then, enter in the

keyword(s) you wish your network to restrict access by, clicking the

Add to List

button after you enter each

keyword.

Scheduling

Here you can select when this rule will apply, how often, and even at what specific times.

Click the

Save Settings

button when you finish the Content Filter settings, or click the

Cancel Changes

button to

undo your changes.

Figure 5-41: Firewall Tab - Content Filter

40

Chapter 5: Setting Up and Configuring the Router

VPN Tab - Summary

10/100 8-Port VPN Router

VPN Tab - Summary

Summary

The VPN Summary displays summary information about the VPN (Virtual Private Network), along with the Tunnel

Status, GroupVPN Status, and VPN Clients Status.

Summary

: It shows the number of Tunnel(s) Used and Tunnel(s) Available. The 10/100 8-Port VPN Router

supports 50 tunnels.

Detail

: Click the

Detail

button to see detail of the VPN Summary.

Tunnel Status:

Add New Tunnel

: Click the

Add New Tunnel

button to add a Gateway to Gateway or Client to Gateway tunnel.

Select the type of tunnel you’d like to add from the

Mode Choose

screen (shown in Figure 5-44). A Gateway to

Gateway tunnel is created between two VPN routers. A Client to Gateway tunnel is created between the 10/100

8-Port VPN Router and a PC using the Linksys VPN Client Software. Click the

Add Now

button, which will open

the appropriate screen for setting up that type of tunnel.

From this section, you can jump to different pages of tunnels and also select how many tunnels you would like

listed per page. These tunnels will then be displayed here, with the following information about each tunnel:

Tunnel No.: As the tunnels are listed here, they are put in order, 1~50.

Tunnel Name: This is the Tunnel Name or Group ID Name that you entered when creating the tunnel.

Status: This will show the status of the tunnel, whether it is Connected, Hostname Resolution Failed,

Resolving Hostname or Waiting for Connection. If you select Manual on the IPSec Setup page, this will show

Manual or no Tunnel Test function for Manual Keying Mode.

Phase2 Encrypt/Auth/Group: This will show the Encryption type (DES/3DES), Authentication type (MD5/SHA1)

and Group (1/2/5) selected from the IPSec Setup sections of the

Gateway to Gateway

and

Client to Gateway

screens. If you chose Manual mode, this field will show the Encryption and Authentication method set up in

Manual mode.

Local Group: This will show the IP address and subnet mask of the Local Group.

Remote Group: This will show the IP address and subnet mask of the Remote Group.

Remote Gateway: This will show the IP address of the Remote Gateway.

Figure 5-42: VPN Tab - Summary

Figure 5-43: VPN Tab - Summary Detail

41

Chapter 5: Setting Up and Configuring the Router

VPN Tab - Summary

10/100 8-Port VPN Router

Tunnel Test: Click the

Connect

button to verify the tunnel status. The test result will be updated in Status. If

the tunnel is connected, a

Disconnect

button will be available so you can disconnect the VPN connection.

Configure: This includes options for editing the tunnel, by clicking

Edit

, or deleting the tunnel, by clicking the

Trash Can

.

Tunnel(s) Enable

and

Tunnel(s) Defined

: This will show the amount of tunnels enabled and tunnels defined.

GroupVPN Status:

This section displays the status of VPN tunnels created with the Linksys VPN Client Software. These tunnels will

then be displayed here, with the following information about each tunnel:

Group Name: This will show the name you entered when creating the Client to Gateway tunnel.

Connected Tunnels: This will show the number of users logged in to the Group VPN.

Phase2 Encrypt/Auth/Group: This will show the Encryption (DES/3DES), Authentication (MD5/SHA1) and

Group (1/2/5) selected from the IPSec Setup sections of the

Gateway to Gateway

and

Client to Gateway

screens.

Local Group: This will show the IP address and Subnet Mask of the Local Group set up.

Remote Client: This column will show the remote client authentication type that is used for this specific

GroupVPN.

Remote Clients Status: Clicking

Detail List

will display the Group Name, IP address and Connection Time of

this Group VPN.

Tunnel Test: Click the

Connect

button to verify the tunnel status. The test result will be updated in Status. If

the tunnel is connected, a

Disconnect

button will be available so you can disconnect the VPN connection.

Configure: This includes options for editing the tunnel, by clicking

Edit

, or deleting the tunnel, by clicking the

Trash Can

.

VPN Clients Status:

This section identifies each user logged onto your network through the Linksys VPN Client software, and will

display the status of their connection, along with how long and when they connected and disconnected. If you’d

like to disconnect any user, select the box in the Disconnect column and then click the

Disconnect

button.

Figure 5-44: VPN Tab - Mode Choose