Cisco Systems RVS4000RF Firewall > IP Based ACL

Setting Up and Configuring the Router

Firewall

Cisco RVS4000 Security Router with VPN Administrator Guide 48

5

Firewall > IP Based ACL

The IP-Based ACL window allows you to create an Access Control List (ACL) with

up to 50 rules. Each ACL rule denies or allows access to the network based on

various criteria including priority, service type, interface, source IP address,

destination IP address, day of the week, and time of day.

Firewall > IP Ba sed ACL

Priority The rule’s priority.

Enable This indicates whether the rule is enabled or disabled.

Action The rule’s action, either Allow or Deny.

Service The service(s) to which the rule applies.

Source Interface The source interface, either WAN, LAN, or ANY.

Source The source IP address, which can be one specific IP address, ANY (all IP

addresses), a range of IP addresses, or a specific IP subnet.

Destination The destination IP address, which can be one specific IP address,

ANY (all IP addresses), a range of IP addresses, or a specific IP subnet.

Time The time of day when the rule is in effect, either Any Time (24 hours) or a

specific start and end time.

Day The day(s) of the week when the rule is in effect. This may be Any Day or a

user-specified set of days.

Edit button Click Edit at the end of a row to edit the associated rule.

Delete button Click Delete at the end of a row to delete the associated rule.

Contents

Main Page Page Firewall 46 ProtectLink 57 VPN 58 QoS 67 Administration 72 Chapter 6: Using the VPN Setup Wizard 98 Appendix A: Troubleshooting 116 Appendix B: Using Cisco QuickVPN for Windows 2000, XP, or Vista 133 Appendix C: Configuring IPSec with a Windows 2000 or XP Computer 142 Appendix D: Gateway-to-Gateway VPN Tunnel 166 Appendix E: Cisco ProtectLink Web Service 182 Appendix F: Specifications 190 Appendix G: Where to Go From Here 194 Product Resources 194 Related Documentation 195 Introduction Networking and Security Basics An Introduction to LANs The Use of IP Addresses The Intrusion Prevention System (IPS) Page Planning Your Virtual Private Network (VPN) Why do I need a VPN? 1) MAC Address Spoofing 2) Data Sniffing 3) Man in the middle attacks What is a VPN? VPN Router to VPN Router Computer (using the Cisco QuickVPN Client software) to VPN Router Getting Started with the RVS4000 Router Front Panel Getting Started with the RVS4000 Router Back Panel Back Panel Placement Options Desktop Option Stand Option Wall Option Installing the Router Configuring the Router Page Setting Up and Configuring the Router Setup Setup > Summary System Information Port Statistics Network Setting Status Firewall Setting Status IPSec VPN Setting Status Log Setting Status Setup > WAN Static IP PPPoE PPTP Heart Beat Signal L2TP Page Optional Settings (Required by some ISPs) Page Page IPv4 Server Settings (DHCP) Static IP Mapping IPv6 DHCPv6 Setup > DMZ Setup > MAC Address Clone Setup > Advanced Routing Operating Mode Dynamic Routing Static Routing Inter-VLAN Routing Setup > Time Setup > IP Mode Firewall Firewall > Basic Settings Page Firewall > IP Based ACL Editing IP ACL Rules Page Firewall > Internet Access Policy Page Page Firewall > Single Port Forwarding Firewall > Port Range Forwarding Firewall > Port Range Triggering ProtectLink ProtectLink > ProtectLink Purchase VPN VPN > Summary Tunnel Status VPN Clients Status Page Local Group Setup Remote Group Setup IPSec Setup Status VPN > VPN Client Accounts VPN Client List Table Certificate Management VPN > VPN Passthrough QoS QoS > Bandwidth Management Bandwidth Bandwidth Management Type Rate Control Priority QoS > QoS Setup CoS Setup QoS > DSCP Setup Administration Administration > Management Router Access SNMP UPnP Administration > Log Log Setting Email Alerts Syslog Local Log Administration > Diagnostics Ping Test Parameters Traceroute Test Parameters Cable Diagnostics Administration > Backup & Restore Restore Configuration Administration > Factory Default Administration > Reboot Administration > Firmware Upgrade Page IPS IPS > Configuration Anomaly Detection IPS > P2P/IM Peer to Peer Instant Messenger IPS > Report Page IPS > Information L2 Switch L2 Switch > Create VLAN Page L2 Switch > VLAN Port Setting L2 Switch > VLAN Membership L2 Switch > RADIUS L2 Switch > Port Setting L2 Switch > Statistics Statistics Overview L2 Switch > Port Mirroring L2 Switch > RSTP Status Status > Gateway Internet Connection IP Conntrack Status > Local Network Using the VPN Setup Wizard VPN Setup Wizard Running the VPN Setup Wizard Page Page Page Page Page Page Page Page Page Building Your VPN Connection Remotely Page Page Page Page Page Page A Troubleshooting I need to set a static IP address on a PC. Windows 2000 Windows XP I want to test my Internet connection. Windows 2000 Windows XP I am not getting an IP address on the Internet with my Internet connection. I am not able to access the routers configuration utility Setup window. I cant get my Virtual Private Network (VPN) to work through the router. I need to set up a server behind my router. I need to set up online game hosting or use other Internet applications. I cant get an Internet game, server, or application to work. I forgot my password or the password prompt always appears when saving settings to the router. I am a PPPoE user and I need to remove the proxy settings or the dial- up pop-up window. To start over, I need to set the router to factory default. I need to upgrade the firmware. The firmware upgrade failed. My DSL services PPPoE is always disconnecting. I cant access my email, web, or VPN, or I am getting corrupted data from the Internet. I need to use port triggering. When I enter a URL or IP address, I get a time-out error or am prompted to retry. Frequently Asked Questions Page Page Page Page B Using Cisco QuickVPN for Windows 2000, XP, or Vista Page Installing the Cisco QuickVPN Software Installing from the CD-ROM Page Downloading and Installing from the Internet Using the Cisco QuickVPN Software Page Page Distributing Certificates to QuickVPN Users Page C Configuring IPSec with a Windows 2000 or XP Computer Introduction Environment Windows 2000 or Windows XP RVS4000 How to Establish a Secure IPSec Tunnel Establishing a Secure IPSec Tunnel Filter List 1: win -> router Page Page Filter List 2: router -> win Page Page Tunnel 1: win->Router Page Page Page Page Tunnel 2: Router->win Page Page Page Page Page Page Page Page Page D Gateway-to-Gateway VPN Tunnel Configuration when the Remote Gateway Uses a Static IP Address Page Page Page Page Configuration when the Remote Gateway Uses a Dynamic IP Address Page Page Page Page Configuration When Both Gateways Use Dynamic IP Addresses Page Page Page Page E Cisco ProtectLink Web Service How to Access the Configuration Utility How to Purchase, Register, or Activate the Service ProtectLink Page How to Use the Service ProtectLink > Web Protection Page Web Protection URL Filtering Business Hour Setting Web Reputation Approved URLs Approved Clients URL Overflow Control ProtectLink > License License License Information F Specifications Specifications Performance Setup/Config Management Security Features QoS Network VPN Routing Layer 2 Environmental Specifications are subject to change without notice. G Where to Go From Here Product Resources G Related Documentation