Cisco Systems RV016, RV042G manual Restrict Web Features

Page 101

Firewall

7

 

Configuring the General Firewall Settings

 

 

 

 

 

default Port setting, 80, or enter another port number (8080 is usually used for this purpose).

NOTE: When remote management is enabled, you can use a web browser to access the configuration utility from anywhere on the Internet. In a web browser, enter http://<WAN IP address of the router>:port, or enter https://<WAN IP address of the router>:port if you have enabled the HTTPS feature.

HTTPS: When enabled, this feature allows secured HTTP sessions. This feature is enabled by default.

NOTE: If you disable the HTTPS feature, then users cannot connect by using QuickVPN.

Multicast Pass Through: When enabled, this feature allows IP multicast packets to be forwarded to the appropriate LAN devices. Multicast Pass Through is used for Internet games, videoconferencing, and multimedia applications. This option is disabled by default.

IMPORTANT: This router does not support passing multicast traffic over an IPSec tunnel. The multicast passthrough option determines whether the router allows the multicast traffic originating from the Internet to pass through the firewall to the LAN.

Restrict Web Features

Java: Check the box if you want to block Java applets at the firewall. Java is a common programming language for websites. If you deny Java applets, you run the risk of losing access to Internet sites created with this programming language. As a compromise, you can check this box to block Java on untrusted or unknown sites, while allowing Java on trusted sites (see Don’t block Java/Java/ActiveX/Cookies/Proxy to Trusted Domains below). By default, Java is not blocked.

Cookies: Check this box if you want to block all cookies at the firewall. A cookie is data that a web site stores on a user’s PC. If you block cookies, a web site may not function as expected. As a compromise, you can check this box to block cookies on untrusted or unknown sites, while allowing them on trusted sites (see Don’t block Java/Java/ActiveX/Cookies/Proxy to Trusted Domains below). By default, cookies are not blocked.

ActiveX: Check the box if you want to block ActiveX controls at the firewall. ActiveX is a programming language for websites. If you deny ActiveX, you run the risk of losing access to Internet sites created using this programming language. As a compromise, you can check this box to block ActiveX on untrusted or unknown sites, while allowing ActiveX on trusted

Cisco Small Business RV0xx Series Routers Administration Guide

101

Page 100 Page 102
Image 101
Page 100 Page 102
Contents Administration Guide Cisco Systems, Inc. All rights reserved 78-19576-01 B0 Other Hardware Features Viewing System Summary Information SetupPlacement Tips IntroductionSystem Management DhcpPort Management FirewallLogging System Statistics 153 VPN 122Appendix H Where to Go From Here 199 Appendix G Specifications 189Appendix E IPSec NAT Traversal 183 Appendix F Bandwidth Management 186Model RV0xx Series Router FeaturesPorts RV042 and RV042G RV082 RV016RV042 and RV042G Ports IntroductionRV042 and RV042G Status Lights RV082 Ports and Status LightsPort Description PortsLight Description Status LightsFeature Description Other Hardware FeaturesPlacement Tips Default SettingsDesktop Placement Parameter Default ValueRV042 and RV042G 58 mm apart RV082 and RV016 94 mm apart Wall MountingRack Mounting RV082 or RV016 RV042 and RV042G Internet Port Connecting the EquipmentRV082 Internet Port RV016 Internet 1 PortGetting Started with the Configuration Troubleshooting Tips Navigation Features of the User InterfaceSaving the Settings Setup WizardsPop-Up Windows HelpViewing System Summary Information Viewing System Summary Information System InformationCisco ProtectLink Web Port Information Window ConfigurationPort Statistics Viewing System Summary Information WAN information WAN StatusVPN Setting Status Firewall Setting StatusLog Setting Status DMZ informationSetup Host Name and Domain Name Setting Up the NetworkSetup Changing the device IP address IP ModeLAN Setting device IP address and subnets Enabling multiple subnets IPv4 only Setup WAN Setting Internet connection DMZ Setting Setup Editing a WAN Connection Page Page Page IPv4 IPv6 Editing a DMZ ConnectionPage Changing the Administrator Username and Password Setup To open this page Click Setup Time in the navigation tree Setting the System TimeSetting Up a DMZ Host Port Range Forwarding, Port Triggering, Setting Up Port Forwarding and Port TriggeringPort Range Forwarding Setup Adding a service Port Triggering To open this page Click Setup UPnP in the navigation tree Setting Up Universal Plug and Play UPnPSetup Adding a service Setting Up One-to-One NAT Setup Cloning a MAC Address for the Router Editing the MAC Address Clone Settings Assigning a Dynamic DNS Host Name to a WAN Interface Editing the Dynamic DNS Setup Configuring Dynamic Routing, Configuring Static Routing, Setting Up Advanced RoutingData None, RIPv1, RIPv2 Broadcast, or RIPv2 Multicast Configuring Dynamic RoutingDynamic Routing for IPv4 Prefix Length Pv6 only Enter the prefix length Configuring Static RoutingDynamic Routing for IPv6 Setting Up Advanced Routing IPv6 Transition To Go From Here Dhcp Setting Up the Dhcp Server or Dhcp RelayDhcp Wins used for Dhcp Server, IPv4 Only Dynamic IP used for Dhcp Server onlyDNS used for Dhcp Server only Assigning static IP addresses by adding devices from a list About Static IP Addresses for IPv4 OnlyAssigning static IP addresses by entering devices manually Using the Static IP List to Block Devices DNS Local Database Client Table Viewing the Dhcp Status InformationDhcp Server Router Advertisement IPv6 Dhcp System Management Setting Up Dual WAN and Multi-WAN ConnectionsSystem Management Mode Cisco RV042, RV042G, and RV082Mode Cisco RV016 Interface Setting Max Bandwidth Provided by ISP Editing the Dual WAN and Multi-WAN SettingsNetwork Service Detection Page Adding a service Page Max Bandwidth Provided by ISP Managing the Bandwidth SettingsBandwidth Management Type Appendix F, Bandwidth ManagementManaging the Bandwidth Settings Adding a service Setting Up Snmp Enabling Device Discovery with Bonjour Enabling Device Discovery with Bonjour DNS Name Lookup Using Built-In Diagnostic ToolsTo open this page Click System Management Diagnostic Ping Restoring the Factory Default Settings Upgrading the Firmware Restarting the Router Restoring the Settings from a Configuration File Backing Up and Restoring the SettingsCopying a Startup File or Mirror File Backing Up Configuration Files and Mirror FilesBacking Up and Restoring the Settings Port Management Configuring the Port SettingsPort Management Summary Viewing the Status Information for a PortStatistics Firewall Configuring the General Firewall SettingsFirewall Restrict Web Features Firewall About Access Rules Configuring Firewall Access RulesManaging Access Rules To delete all custom rules Click Restore to Default Rules Services IPv4 and IPv6 Configuring Access RulesSchedule IPv4 Only Adding a service Page Forbidden Domains, Website Blocking by Keywords, Schedule, Using Content Filters to Control Internet AccessWebsite Blocking by Keywords Forbidden DomainsSchedule Getting Started with Cisco ProtectLink Web Cisco ProtectLink WebCisco ProtectLink Web Specifying the Global Settings for Approved URLs and Clients Approved Clients Configuration Approved URL ConfigurationApproved URLs and Approved Clients To delete an entry Click the Delete iconWeb Protection Enabling Web Protection for URL FilteringURL Filtering Web Reputation Business Hour SettingURL Overflow Control Updating the ProtectLink LicenseLicense Information LicenseIntroduction to VPNs VPNConfiguration tasks Remote Access Client To GatewaySite to Site VPN Gateway To Gateway Gateway-to-Gateway VPN Tunnel Between RV0xx Series RoutersRouter QuickVPN, page125 and Remote Access with PPTP, page125Remote Access with Pptp Remote Access with Cisco QuickVPNTo open this page Click VPN Summary in the navigation tree Viewing the Summary Information for VPNTunnel Status GroupVPN Status Up a Remote Access Tunnel for VPN Clients Client To Gateway,VPN Clients Status Setting Up a Gateway to Gateway Site to Site VPN Add a New Tunnel Local Group Setup and Remote Group SetupVPN IPSec Setup Required fields for Manual mode Preshared Key, page 135 and Advanced settings for IKE withRequired fields for IKE with Preshared Key Advanced settings for IKE with Preshared Key VPN VPN RV0xx Local Group Setup Remote Client Setup for Single User Tunnel Type VPN IPSec Setup Required fields for IKE with Preshared Key Advanced settings for IKE with Preshared Key VPN Users, Certificate Management, page148 Managing VPN Users and CertificatesCertificate Management UsersSetting Up VPN Passthrough Setting Up Pptp Server Pptp Server IP Address RangeConnection List Syslog section, Mail section, Setting Up the System Log and AlertsSyslog section Log Setting, Buttons,Mail section Logging System StatisticsLog Setting Buttons Viewing the System Log Logging System Statistics Wizard Basic Setup, Access Rule Setup, page160Wizard Basic SetupAccess Rule Setup Beacon interval Term DefinitionDtim Delivery Traffic Indication MessageGlossary Term Definition Advertisement Daemon Radvd RouterRequest to Send RTS ThresholdVlan Virtual LAN RIPng RIP next generationStatic routing Your computer cannot connect to the Internet Firmware upgrade has failedRouter does not have a coaxial port for the cable connection TroubleshootingIntroduction Cisco QuickVPN for WindowsCisco QuickVPN for Windows Cisco QuickVPN Client Installation and ConfigurationUsing the Cisco QuickVPN Software Using the Cisco QuickVPN Software Topology Options Hub and Spoke VPN Hub and Spoke TopologyMesh VPN Mesh TopologyOther Design Considerations WAN SetupGateway To Gateway Tunnel with a Dynamic IP Address LAN SetupConfiguring a VPN Tunnel on a Cisco RV0xx Series Router Field Value Settings on the Site a RouterExample Sites with Static WAN IP Addresses MD5 Encryption PhaseEncryption Field ValuesExample Site with a Dynamic WAN IP Address Authentication Field Value IPSec Setup Keying Mode IKE with Preshared Key Phase Overview IPSec NAT TraversalIPSec NAT Traversal Configuration of Router aConfiguration of Router B Click Add to List Creation of New ServicesClick the System Management tab Bandwidth Management Creation of New Bandwidth Management RulesClick Save RV042 SpecificationsPerformance SecurityQoS SpecificationsNetwork Environmental RV042GManagement Operating System Linux VPN Cisco RV082 IKE Cisco RV016 Dhcp DNS NAT DMZ Built-in Pptp server supporting 10 Pptp clients Cisco Small Business SupportProduct Documentation
Related manuals
Manual 2 pages 47.87 Kb
Top Page Image Contents