Cisco Systems RVS4000RF User Manual
Size:
4.29 Mb
Download

ADMINISTRATION

GUIDE

Cisco Small Business

RVS4000 4-PortGigabit Security Router with VPN

Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)

© 2011 Cisco Systems, Inc. All rights reserved.

OL-22605-02

 

Contents

 

 

 

 

 

 

Chapter 1: Introduction

8

Chapter 2: Networking and Security Basics

9

An Introduction to LANs

9

The Use of IP Addresses

10

The Intrusion Prevention System (IPS)

11

Chapter 3: Planning Your Virtual Private Network (VPN)

13

Why do I need a VPN?

13

1) MAC Address Spoofing

14

2) Data Sniffing

14

3) Man in the middle attacks

14

What is a VPN?

15

VPN Router to VPN Router

16

Computer (using the Cisco QuickVPN Client software) to VPN Router

17

Chapter 4: Getting Started with the RVS4000 Router

18

Front Panel

18

Back Panel

19

Placement Options

20

Desktop Option

20

Stand Option

20

Wall Option

21

Installing the Router

22

Configuring the Router

23

Chapter 5: Setting Up and Configuring the Router

25

Setup

26

Setup > Summary

26

Setup > WAN

29

Setup > LAN

38

 

 

 

Cisco RVS4000 Security Router with VPN Administrator Guide

3

 

Contents

 

 

 

 

Setup > DMZ

40

Setup > MAC Address Clone

41

Setup > Advanced Routing

42

Setup > Time

44

Setup > IP Mode

45

Firewall

46

Firewall > Basic Settings

46

Firewall > IP Based ACL

48

Firewall > Internet Access Policy

51

Firewall > Single Port Forwarding

54

Firewall > Port Range Forwarding

55

Firewall > Port Range Triggering

56

ProtectLink

57

ProtectLink > ProtectLink Purchase

57

VPN

58

VPN > Summary

58

VPN > IPSec VPN

60

VPN > VPN Client Accounts

64

VPN > VPN Passthrough

66

QoS

67

QoS > Bandwidth Management

67

QoS > QoS Setup

70

QoS > DSCP Setup

71

Administration

72

Administration > Management

72

Router Access

72

Administration > Log

74

Administration > Diagnostics

76

Administration > Backup & Restore

78

Administration > Factory Default

79

Administration > Reboot

80

Administration > Firmware Upgrade

80

 

 

Cisco RVS4000 Security Router with VPN Administrator Guide

4

 

Contents

 

 

 

 

IPS

82

IPS > Configuration

82

IPS > P2P/IM

83

IPS > Report

84

IPS > Information

86

L2 Switch

86

L2 Switch > Create VLAN

86

L2 Switch > VLAN Port Setting

88

L2 Switch > VLAN Membership

89

L2 Switch > RADIUS

90

L2 Switch > Port Setting

91

L2 Switch > Statistics

92

L2 Switch > Port Mirroring

93

L2 Switch > RSTP

94

Status

95

Status > Gateway

95

Status > Local Network

97

Chapter 6: Using the VPN Setup Wizard

98

VPN Setup Wizard

98

Before You Begin

98

Running the VPN Setup Wizard

99

Building Your VPN Connection Remotely

109

Appendix A: Troubleshooting

116

Frequently Asked Questions

128

Appendix B: Using Cisco QuickVPN for Windows 2000, XP, or Vista

133

Overview

133

Before You Begin

133

Installing the Cisco QuickVPN Software

135

Installing from the CD-ROM

135

 

 

Cisco RVS4000 Security Router with VPN Administrator Guide

5

 

Contents

 

 

 

 

 

 

Downloading and Installing from the Internet

137

Using the Cisco QuickVPN Software

137

Distributing Certificates to QuickVPN Users

140

Appendix C: Configuring IPSec with a Windows 2000 or XP Computer

142

Introduction

142

Environment

143

Windows 2000 or Windows XP 143

 

RVS4000 143

 

How to Establish a Secure IPSec Tunnel

143

Establishing a Secure IPSec Tunnel

144

Appendix D: Gateway-to-Gateway VPN Tunnel

166

Overview

166

Before You Begin

166

Configuration when the Remote Gateway Uses a Static IP Address

167

Configuration when the Remote Gateway Uses a Dynamic IP Address

172

Configuration When Both Gateways Use Dynamic IP Addresses

177

Appendix E: Cisco ProtectLink Web Service

182

Overview

182

How to Access the Configuration Utility

182

How to Purchase, Register, or Activate the Service

183

ProtectLink

183

How to Use the Service

185

ProtectLink > Web Protection

185

ProtectLink > License

189

Appendix F: Specifications

190

Specifications

190

Performance

190

 

 

 

Cisco RVS4000 Security Router with VPN Administrator Guide

6

 

Contents

 

 

 

 

Setup/Config

190

Management

191

Security Features

191

QoS

191

Network

192

VPN

192

Routing

192

Layer 2

192

Environmental

193

Appendix G: Where to Go From Here

194

Product Resources

194

Related Documentation

195

Cisco RVS4000 Security Router with VPN Administrator Guide

7

1

Introduction

Thank you for choosing the Cisco RVS4000 4-PortGigabit Security Router with VPN. The4-PortGigabit Security Router with VPN is an advancedInternet-sharingnetwork solution for your small business needs. Like any router, it lets multiple computers in your office share an Internet connection.

The 4-PortGigabit Security Router with VPN also features abuilt-in4-Portfullduplex 10/100/1000 Ethernet switch to connect four PCs directly, or you can connect more hubs and switches to create as big a network as you need.

The Virtual Private Network (VPN) capability creates encrypted “tunnels” through the Internet, allowing up to 5 remote offices and 5 traveling users to securely connect into your office network from off-site.Users connecting through a VPN tunnel are attached to your company’s network — with secure access to files, email, and your intranet — just as if they were in the building. You can also use the VPN capability to allow users on your small office network to securely connect out to a corporate network. The QoS features provide consistent voice and video quality throughout your business.

The 4-PortGigabit Security Router with VPN can serve as a DHCP Server, and has a powerful SPI firewall and Intrusion Prevention System (IPS) to protect your PCs against intruders and most known Internet attacks. You can configure the router to filter internal users’ access to the Internet, and has IP and MAC address filtering so you can specify exactly who has access to your network. Configuration is a snap with the webbrowser-basedconfiguration utility.

This administration guide will give you all the information you need to connect, set up, and configure your router.

Cisco RVS4000 Security Router with VPN Administrator Guide

8