Cisco RV180, RVRV180W Administrator's Manual

Cisco Small Business

RV180 VPN Router
RV180W Wireless-N Multifunction Router

ADMINISTRATION

GUIDE

Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found
at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply
a partnership relationship between Cisco and any other company. (1005R)

January 2011

© 2011 Cisco Systems, Inc. All rights reserved. OL-25662-01

Contents

Chapter 1: Introduction 1

Product Overview 2

LAN Ethernet Interfaces 2

Wireless Access Point (Cisco RV180W) 2

Router and VPN Client Access 2

Wireless Distribution System (Cisco RV180W) 3

Virtual Networks 3

Wireless Security (Cisco RV180W) 3

Quality of Service (Cisco RV180W) 3

Configuration and Administration 3

Getting to Know the Cisco RV180 4

Front Panel 4

Back Panel 4

Getting to Know the Cisco RV180W 5

Front Panel 5

Back Panel 7

Mounting the Cisco RV180/RV180W 8

Placement Tips 8

Wall Mounting 8

Connecting the Equipment 11

Setting Up the Cisco RV180/RV180W Using the Setup Wizard 14

Choosing the Device Mode (Cisco RV180W) 15

Using the Getting Started Page 17

Navigating through the Pages 18

Saving Your Changes 19

Viewing the Help Files 20

Connecting Devices to Your Wireless Network 20

Configuration Next Steps 20

Cisco RV180/RV180W Administration Guide 1

Contents

Chapter 2: Configuring Networking 24

Configuring the WAN (Internet) Settings 24

Configuring the IPv4 WAN (Internet) 25

Configuring Automatic Configuration (DHCP) 25
Configuring Static IP 26
Configuring PPPoE 26
Configuring PPTP 27
Configuring L2TP 28
Configuring MTU Settings 29
Configuring the MAC Address 29

Configuring PPPoE Profiles 30

Adding or Editing a PPPoE Profile 30

Configuring the LAN (Local Network) Settings 32

Configuring IPv4 LAN (Local Network) Settings 32

Configuring the Host Name 32
Configuring the IP Address 32
Configuring DHCP 33
Configuring the DNS Proxy 35

Configuring Virtual LAN (VLAN) Membership 35

Configuring Multiple VLAN Subnets 36

Editing a VLAN Subnet 36

Configuring Static DHCP 38

Configuring Advanced DHCP Settings 38

Adding a DHCP Client to Configuration File Map 39

Viewing DHCP Leased Clients 40

Configuring RSTP (Cisco RV180W) 40

Configuring Jumbo Frames 42

Configuring Routing 42

Choosing the Routing Mode 42

Viewing Routing Information 43

Configuring Static Routes 45

Configuring Dynamic Routing 46

Configuring Port Management 47

Configuring Dynamic DNS (DDNS) 48

Cisco RV180/RV180W Administration Guide 2

Adding a Static Route 45

Contents

Configuring IPv6 50

Configuring the IP Mode 50

Configuring IPv6 WAN Settings 50

Configuring IPv6 LAN Properties 51

Configuring IPv6 Static Routing 53

Adding an IPv6 Static Route 54

Configuring Tunneling 55

Adding an ISATAP Tunnel 55

Configuring Router Advertisement 56

Configuring Router Advertisement Prefixes 57

Chapter 3: Configuring the Wireless Network
(Cisco RV180W) 60

A Note About Wireless Security 60

Wireless Security Tips 61

General Network Security Guidelines 62

Understanding the Cisco RV180W’s Wireless Networks 63

Configuring Basic Wireless Settings 63

Configuring Security 65

Configuring MAC Filtering 67

Configuring Wi-Fi Multimedia 68

Configuring Wireless Network (SSID) Scheduling 69

Configuring Advanced Wireless Settings 70

Configuring Rogue Access Point Detection 71

Enabling Rogue AP Detection 71

Authorizing a Rogue AP 71

Adding and Editing Authorized APs 72

Configuring Wi-Fi Protected Setup 72

Configuring a Wireless Distribution System (WDS) 73

Configuring Load Balancing 74

Cisco RV180/RV180W Administration Guide 3

Contents

Chapter 4: Configuring the Firewall 77

Cisco RV180/RV180W Firewall Features 77

Configuring Access Rules 79

Creating an Access Rule 80

Configuring Attack Prevention 83

Configuring Content Filtering 84

Configuring URL Blocking 86

Configuring Port Triggering 87

Adding a Port Triggering Rule 88

Configuring Port Forwarding 88

Adding a Port Forwarding Configuration 89

Configuring a DMZ Host 92

Configuring Advanced Firewall Settings 92

Configuring One-to-One Network Address Translation (NAT) 92

Adding a One-to-One NAT Rule 93

Configuring MAC Address Filtering 93

Configuring IP/MAC Address Binding 94

Creating Custom Services 95

Adding a Custom Service 95

Creating Schedules 96

Adding a Schedule 96

Configuring Session Settings 96

Configuring Internet Group Management Protocol (IGMP) 97

Adding Allowed Networks 98

Configuring LAN (Local Network) Groups 98

Adding a New LAN Group 99

Enabling Session Initiation Protocol Application-Level Gateway (SIP ALG) 99

Firewall Configuration Examples 100

Cisco RV180/RV180W Administration Guide 4

Contents

Chapter 5: Configuring Virtual Private Networks (VPNs) and Security 104

Configuring VPNs 104

Configuring a Basic VPN 107

Viewing Basic VPN Default Values 109

Configuring Advanced VPN Parameters 109

Configuring IKE Policies 110

Configuring VPN Policies 114

Monitoring VPN Tunnel Status 118

Configuring VPN Users 119

Configuring VPN Passthrough 121

Configuring Security 121

Using SSL Certificates for Authentication 121

Uploading a Trusted Certificate 122
Generating New Certificate Requests 123
Viewing a Self Certificate Request 124
Exporting a Self Certificate Request 124
Uploading a Self Certificate 124
Exporting the Router’s Current Certificate 125

Using the Cisco RV180/RV180W With a RADIUS Server 125

Adding a RADIUS Server Configuration 125
Configuring Captive Portal 126

Configuring 802.1x Port-Based Authentication 126

Chapter 6: Configuring Quality of Service (QoS) 128

Configuring WAN QoS Profiles 128

Configuring Profile Binding 130

Adding a Profile Binding 130

Configuring CoS Settings 131

Mapping CoS Settings to DSCP Values 132

Chapter 7: Administering Your Cisco RV180/RV180W 133

Configuring Language 134

Configuring Password Rules 134

Cisco RV180/RV180W Administration Guide 5

Contents

Using the Management Interface 134

Configuring HTTPS Access 135

Configuring User Accounts 135

Setting the Session Timeout Value 136

Configuring Network Management 136

Configuring SNMP 136

Editing SNMPv3 Users 137
Adding SNMP Traps 137
Configuring Access Control Rules 138

Configuring Additional SNMP Information 138

Configuring the WAN Traffic Meter 139

Using Network Diagnostic Tools 141

Capturing and Tracing Packets 142

Configuring Logging 142

Configuring Logging Policies 142

Configuring Firewall Logs 143

Configuring Remote Logging 144

Configuring the Discovery Settings 145

Configuring Bonjour 146

Configuring UPnP 146

Configuring Time Settings 147

Backing Up and Restoring the System 148

Importing CSV Files 149

Upgrading Firmware 152

Rebooting the Cisco RV180/RV180W 153

Restoring the Factory Defaults 153

Chapter 8: Viewing the Cisco RV180/RV180W Status 155

Viewing the Dashboard 155

Viewing the System Summary 158

Viewing the Wireless Statistics (Cisco RV180W) 162

Cisco RV180/RV180W Administration Guide 6

Contents

IPsec Connection Status 163

Viewing VPN Client Connection Status 164

Viewing Logs 165

Viewing Available LAN Hosts 165

Viewing Port Triggering Status 166

Viewing Port Statistics 167

Viewing Open Ports 168

Appendix A: Using Cisco QuickVPN for Windows 7, 2000, XP, or Vista 170

Overview 170

Before You Begin 170

Installing the Cisco QuickVPN Software 171

Installing from the CD-ROM 171

Downloading and Installing from the Internet 171

Using the Cisco QuickVPN Software 172

Appendix B: Where to Go From Here 174

Cisco RV180/RV180W Administration Guide 7

Introduction

This chapter describes the features of the Cisco RV180/RV180W, guides you
through the installation process, and gets you started using the Device Manager, a
browser-based utility for configuring the Cisco RV180/RV180W.

1

• Product Overview, page 2

• Getting to Know the Cisco RV180, page 4

• Getting to Know the Cisco RV180W, page 5

• Mounting the Cisco RV180/RV180W, page 8

• Connecting the Equipment, page 11

• Setting Up the Cisco RV180/RV180W Using the Setup Wizard, page 14

• Choosing the Device Mode (Cisco RV180W), page 15

• Using the Getting Started Page, page 17

• Navigating through the Pages, page 18

• Saving Your Changes, page 19

• Viewing the Help Files, page 20

• Connecting Devices to Your Wireless Network, page 20

• Configuration Next Steps, page 20

Cisco RV180/RV180W Administration Guide 1

Introduction

Product Overview

Product Overview

Thank you for choosing the Cisco Small Business RV180/RV180W router.

The Cisco RV180 & RV180W Wireless-N VPN Router provides simple, affordable,
highly secure, business-class connectivity to the Internet for small offices and
remote workers. The RV180W features multi-function operation allowing the
device to function as a wireless router, bridge, or access point. Both products
include 4-port Gigabit Ethernet LAN ports, a Gigabit Ethernet WAN port, and an
intuitive browser-based device manager.

LAN Ethernet Interfaces

Both the Cisco RV180 and Cisco RV180W models provide four full-duplex
10/1000 Ethernet LAN interfaces that can connect up to four devices.

1

Wireless Access Point (Cisco RV180W)

The Cisco RV180W model provides a wireless access point that supports the

802.11n standard with MIMO technology, which multiplies the effective data rate.
This technology provides better throughput and coverage than 802.11g networks.

Router and VPN Client Access

The Cisco RV180/RV180W incorporates a Stateful Packet Inspection (SPI)-based
router with Denial of Service (DoS) prevention and a Virtual Private Network (VPN)
engine for secure communication between mobile or remote workers and branch
offices.

The Cisco RV180/RV180W supports up to ten gateway-to-gateway IP Security
(IPsec) tunnels to facilitate branch office connectivity through encrypted virtual
links. Users connecting through a VPN tunnel are attached to your company’s
network with secure access to files, e-mail, and your intranet as if they were in the
building.

You can also use the VPN capability to allow users on your small office network to
securely connect out to a corporate network.

Cisco RV180/RV180W Administration Guide 2

Introduction

Product Overview

1

Wireless Distribution System (Cisco RV180W)

The Cisco RV180W’s wireless access point supports Wireless Distribution
System (WDS), which allows the wireless coverage to be expanded without wires.

Virtual Networks

The access point also supports multiple SSIDs for the use of virtual networks (up
to 4 separate virtual networks), with 802.1Q-based VLAN support for traffic
separation.

Wireless Security (Cisco RV180W)

The Cisco RV180W implements WPA-PSK, WPA-ENT, WPA2-PSK, WPA2-ENT, and
WEP encryption, along with other security features including the disabling of SSID
broadcasts, MAC-based filtering, and allowing or denying “time of day” access
per SSID.

Quality of Service (Cisco RV180W)

The Cisco RV180W supports Wi-Fi Multimedia (WMM) and Wi-Fi Multimedia
Power Save (WMM-PS) for wireless Quality of Service (QoS). It supports 802.1p,
Differentiated Services Code Point (DSCP), and Type of Service (ToS) for wired
QoS, which can improve the quality of your network when using delay-sensitive
Voice over IP (VoIP) applications and bandwidth-intensive video streaming
applications.

Configuration and Administration

With the Cisco RV180/RV180W’s embedded web server, you can configure the
router’s settings using the browser-based Device Manager. The Cisco RV180/
RV180W supports Internet Explorer, Firefox, and Safari web browsers.

The Cisco RV180/RV180W also provides a setup wizard. The setup wizard allows
you to easily configure the Cisco RV180/RV180W’s basic settings.

Cisco RV180/RV180W Administration Guide 3

Introduction

Getting to Know the Cisco RV180

Getting to Know the Cisco RV180

Front Panel

POWER—The Power LED lights up green to indicate the device is powered on. It

flashes green when the power is coming on or software is being upgraded.

1

WAN LED—The WAN (Internet) LED lights up green when the device is connected

to your cable or DSL modem. The LED flashes green when the device is sending
or receiving data over the WAN port.

LAN—These four LEDs correspond to the four LAN (Ethernet) ports of the Cisco
RV180. If the LED is continuously lit green, the Cisco RV180 is connected to a
device through the corresponding port (1, 2, 3, or 4). The LED for a port flashes
green when the Cisco RV180 is actively sending or receiving data over that port.

Back Panel

RESET Button—The Reset button has two functions:

• If the Cisco RV180 is having problems connecting to the Internet, press the

RESET button for less than five seconds with a paper clip or a pencil tip.
This is similar to pressing the reset button on your PC to reboot it.

• If you are experiencing extreme problems with the Cisco RV180 and have

tried all other troubleshooting measures, press and hold in the RESET

Cisco RV180/RV180W Administration Guide 4

Introduction

Getting to Know the Cisco RV180W

LAN Ports (1-4)—These ports provide a LAN connection to network devices,
such as PCs, print servers, or additional switches.

WAN Por t—The WAN port is connected to your Internet device, such as a cable or
DSL modem.

ON/OFF Power Switch—Press this button to turn the Cisco RV180 on and off.
When the button is pushed in, power is on.

Power Port—The power port is where you connect the AC power cable.

1

button for at least 20 seconds. This will restore the factory defaults and
clear all of the Cisco RV180 settings.

NOTE We recommend that you back up your current configuration before

resetting the device to the factory default settings. See Backing Up and

Restoring the System, page 148.

Getting to Know the Cisco RV180W

Front Panel

POWER—The Power LED lights up green to indicate the device is powered on. It

flashes green when the power is coming on or software is being upgraded.

Cisco RV180/RV180W Administration Guide 5

Introduction

Getting to Know the Cisco RV180W

WAN LED—The WAN (Internet) LED lights up green when the device is connected
to your cable or DSL modem. The LED flashes green when the device is sending
or receiving data over the WAN port.

WIRELESS—The Wireless LED lights up green when the wireless module is
enabled by the Device Manager. The LED is off when the wireless module is
disabled. The LED flashes green when the device is transmitting or receiving data
on the wireless module.

AP—The AP LED lights up solid green when the Cisco RV180W is in access point
mode. See Choosing the Device Mode (Cisco RV180W), page 15.

BRIDGE—The BRIDGE LED lights up solid green when the Cisco RV180W is in
bridge mode. See Choosing the Device Mode (Cisco RV180W), page 15.

LAN—These four LEDs correspond to the four LAN (Ethernet) ports of the Cisco
RV180/RV180W. If the LED is continuously lit green, the Cisco RV180W is
connected to a device through the corresponding port (1, 2, 3, or 4). The LED for a
port flashes green when the Cisco RV180W is actively sending or receiving data
over that port.

1

Cisco RV180/RV180W Administration Guide 6

Introduction

Getting to Know the Cisco RV180W

Back Panel

1

RESET Button—The Reset button has two functions:

• If the Cisco RV180W is having problems connecting to the Internet, press

the RESET button for less than five seconds with a paper clip or a pencil tip.
This is similar to pressing the reset button on your PC to reboot it.

• If you are experiencing extreme problems with the Cisco RV180W and have

tried all other troubleshooting measures, press and hold in the RESET
button for 10 seconds. This will restore the factory defaults and clear all of
the Cisco RV180W settings.

LAN Ports (1-4)—These ports provide a LAN connection to network devices,
such as PCs, print servers, or additional switches.

WAN Por t—The WAN port is connected to your Internet device, such as a cable or
DSL modem.

ON/OFF Power Switch—Press this button to turn the Cisco RV180W on and off.
When the button is pushed in, power is on.

Power Port—The power port is where you connect the AC power cable.

Cisco RV180/RV180W Administration Guide 7

Introduction

1

2

4

3

Mounting the Cisco RV180/RV180W

Mounting the Cisco RV180/RV180W

You can place your Cisco RV180/RV180W on a desktop or mount it on a wall.

Placement Tips

• Ambient Temperature—To prevent the device from overheating, do not

operate it in an area that exceeds an ambient temperature of
104°F (40°C).

• Air Flow—Be sure that there is adequate air flow around the device.

• Mechanical Loading—Be sure that the device is level and stable to avoid

any hazardous conditions.

For desktop placement, place the Cisco RV180/RV180W device horizontally on a
flat surface so that it sits on its four rubber feet.

1

Wall Mounting

The Cisco RV180/RV180W can be wall-mounted. You will need two mounting
screws (not supplied) and drywall anchors (not supplied), if you are installing the
screws into wallboard. The dimensions for the screws are as follows:

1

0.30 to 0.32 in/

7.7 to 8.2 mm

WARNING Insecure mounting might damage the device or cause injury. Cisco is not

responsible for damages incurred by insecure wall-mounting.

2 0.86 to 0.88 in/

21.8 to 22.3
mm

3 0.26 to 0.28 in/

6.5 to 7.1 mm

4 0.61 to 0.63 in/

15.5 to 16 mm

Cisco RV180/RV180W Administration Guide 8

Introduction

284157

2-7/16" (61 mm)

Mounting the Cisco RV180/RV180W

To mount the firewall to the wall:

STEP 1 Determine where you want to mount the firewall. Verify that the surface is smooth,

flat, dry, and sturdy.

STEP 2 Drill two pilot holes into the surface 2-7/16 inches (61 mm) apart, and with a

minimum of 5.12 inches (130 mm) of clearance.

STEP 3 Insert a screw into each hole, leaving a gap between the surface and the base of

the screw head of at least 0.1 inches (3 mm).

1

Cisco RV180/RV180W Administration Guide 9

Introduction

284158

Mounting the Cisco RV180/RV180W

STEP 4 Place the firewall wall-mount slots over the screws and slide the firewall down until

the screws fit snugly into the wall-mount slots.

1

Cisco RV180/RV180W Administration Guide 10

Introduction

Connecting the Equipment

Connecting the Equipment

Before you begin the installation, make sure that you have the following equipment
and services:

Required

• Functional Internet Connection (Broadband DSL or cable modem).

• Ethernet cable for WAN (Internet) connection.

• PC with functional network adapter (Ethernet connection) to run the Setup

Wizard or the Device Manager. The Setup Wizard is supported on Microsoft
Windows 2000, Windows XP, Windows Vista, and Windows 7. The Device
Manager is supported on the following web browsers:

- Microsoft Internet Explorer 6.0 and later

1

- Mozilla Firefox 3.0 and later

- Apple Safari 3.0 and later

- Google Chrome 1.0 and later

• Ethernet cable (provided) to connect the router to a PC for configuration.

Optional

• Uninterruptible Power Supply (UPS) to provide backup power to essential

devices (strongly recommended).

• Ethernet cables for LAN interfaces, if you want to connect additional

devices to the router’s LAN ports.

To connect your router to the Internet:

STEP 1 Power off all equipment, including the cable or DSL modem, the PC you will use to

connect to the RV180/RV180W, and the RV180/RV180W.

STEP 2 If your Ethernet cable from your DSL or cable modem is currently connected to a

device such as a router or PC, disconnect the cable from the device and plug it
into the port marked “WAN” on the RV180/RV180W. The cable or DSL modem is
now connected to the router.

Cisco RV180/RV180W Administration Guide 11

Introduction

Connecting the Equipment

STEP 3 Using the Ethernet cable included in the Cisco RV180/180W box, connect one end

1

of the cable to one of the LAN ports of the router. (In this example, the LAN 1 port is
used.) Connect the other end of the cable to an Ethernet port on the PC that will be
used to connect to the Cisco RV180/180W Device Manager.

STEP 4 Power on the cable or DSL modem and wait until the connection is active.

Cisco RV180/RV180W Administration Guide 12

Introduction

!

Connecting the Equipment

STEP 5 Connect the power adapter to the Cisco RV180/RV180W power port (12VDC).

CAUTION Use only the power adapter that is supplied with the device. Using a different

STEP 6 Plug the other end of the adapter into an electrical outlet. You may need to use a

1

power adapter could damage the device.

specific plug (supplied) for your country.

STEP 7 On the Cisco RV180/RV180W, push in the ON/OFF power button.

The power light on the front panel lights up green when the power adapter is

connected properly and the unit is turned on.

Cisco RV180/RV180W Administration Guide 13

Introduction

Setting Up the Cisco RV180/RV180W Using the Setup Wizard

1

Setting Up the Cisco RV180/RV180W Using the Setup Wizard

With the RV180/RV180W powered on and connected to a PC, use the Setup
Wizard to configure the Cisco RV180/RV180W.

To use the Setup Wizard:

STEP 1 Start the PC connected to the RV180/RV180W. Your computer becomes a DHCP

client of the RV180/RV180W and receives an IP address in the 192.168.1.xxx
range.

STEP 2 Launch a web browser and enter 192.168.1.1 in the Address field. This is the

default IP address of the RV180/RV180W.

A message appears about the site’s security certificate. The RV110W uses a self­signed security certificate and this message appears because the router is not
known to your computer.

STEP 3 Click Continue to this website (or the option shown on your particular web

browser) to go to the web site.

The router’s default IP address is 192.168.1.1. If there is another device connected
to the network that is acting as a DHCP server, that device may assign a different
address to the RV180/RV180W. If so, use that IP address to connect to the RV180/
RV180W.

STEP 4 When the login page appears, enter the user name and password. The default

user name is cisco. The default password is cisco. Passwords are case sensitive.
To protect your router, change the default user name and password as soon as
possible. See the “Configuring User Accounts” section on page 135.

STEP 5 Click Log In. The Setup Wizard starts.

STEP 6 Follow the Setup Wizard’s on-screen instructions to set up the RV180/RV180W.

The Setup Wizard tries to automatically detect and configure your connection. If it
cannot, the Setup Wizard may ask you for information about your Internet
connection. You may need to contact your ISP to obtain this information.

After the Setup Wizard is done configuring the RV180/RV180W, the Getting
Started page appears. See Using the Getting Started Page, page 17 for more
information.

Cisco RV180/RV180W Administration Guide 14

Introduction

Choosing the Device Mode (Cisco RV180W)

Choosing the Device Mode (Cisco RV180W)

You can configure the Cisco RV180W device mode to choose how the device
performs in your network. To choose the device mode:

STEP 1 Choose Device Mode.

STEP 2 Click to select the device mode for the Cisco RV180W. See below for more

information.

STEP 3 Click Save.

The RV180W provides the following modes:

Router

1

The Cisco RV180W acts as the wireless router in the network.

Access Point

The Cisco RV180W acts as the access point in the network. The WAN port is
disabled, and the four Ethernet ports can be used to connect to another router or
switch. The RV180W has the default IP address of 192.168.1.245. If you are
connecting the RV180W to a network that uses 802.1x for authentication, you must
enable 802.1x on the RV180W. See Configuring 802.1x Port-Based

Authentication, page 126.

WDS Bridge

The Cisco RV180W acts as a wireless bridge to another wireless network. To set
up the RV180W as a WDS bridge, perform the following tasks:

STEP 1 Connect the PC on which you will be using the Device Manager to the primary

wireless host (in this example, called “Router A”).

STEP 2 Connect one of the LAN ports on Router A with one of the LAN ports on the Cisco

RV180W.

STEP 3 On your PC, set your IP address to a static IP address that is on the same subnet

as the Cisco RV180W. For example, change your PC’s IP address to 192.168.1.30.

STEP 4 Enable WDS on Router A and the RV180W. (On the RV180W, choose Wireless >

WDS. Check Enable, and click Save.)

Cisco RV180/RV180W Administration Guide 15

Introduction

Choosing the Device Mode (Cisco RV180W)

STEP 5 On the RV180W, enter the Router A’s MAC address of the wireless network

(access point). For example, if Router A is a Cisco RV220W, you would find the
MAC address of its wireless network under Status > System Summary, in the
Available Access Points table. To enter Router A’s MAC address into the RV180W:

a. Choose Wireless > WDS.

b. In the WDS Peer Table, click Add and enter the MAC address of the host router

(Router A)’s wireless network.

c. Click Save. For more information, see the “Configuring a Wireless Distribution

System (WDS)” section on page 73.

STEP 6 On Router A, enter the MAC address of the wireless network on the RV180W. Enter

only the MAC address of SSID 1 on router A because only SSID 1 supports WDS.
(To view the available RV180W access points and their MAC addresses, go to
Status > System Summary and look at the Available Access Point Table.)

1

STEP 7 Disconnect the Ethernet connection between Router A and the RV180W. After the

WDS connection is established, you should be able to ping the RV180W from the
PC that is connected to Router A.

The following situations may apply, depending on the host router and RV180W
configuration:

• You may need to reboot the RV180W after configuring WDS and

disconnecting it from the host router.

• If both routers are powered off, you may need to wait a few seconds after

turning on the host router to turn on the RV180w.

WDS Repeater

The Cisco RV180W connects using wireless to another wireless network and
repeats the wireless signal to clients behind the Cisco RV180W. You must
configure the MAC address of the AP or peers in order to allow them to associate
to the RV180W. See the “Configuring a Wireless Distribution System (WDS)”

section on page 73.

Cisco RV180/RV180W Administration Guide 16

Introduction

Using the Getting Started Page

Using the Getting Started Page

The Getting Started page displays the most common Cisco RV180/RV180W
configuration tasks. Use the links on this page to jump to the relevant configuration
page.

By default, this page appears when you start the Device Manager. However, you
can change this behavior by checking Don’t show this on start up at the bottom
of the page.

Initial Settings

Run Setup Wizard Click this link to launch the Setup Wizard.

1

Configure WAN
(Internet) Settings

Configure LAN
(Local Network)
Settings

Configure Wireless
Settings (RV180W only)

Add VPN Clients See Configuring VPN Users, page 119.

Quick Access

Upgrade Device
Firmware

Click this link to open the Internet Setup page.

See Configuring the IPv4 WAN (Internet),

page 25.

Click this link to open the LAN Configuration page.

See Configuring IPv4 LAN (Local Network)

Settings, page 32.

Click this link to open the Basic Settings page.

See Configuring Basic Wireless Settings,

page 63.

Click this link to open the
Firmware Upgrade page.

See Upgrading Firmware, page 152.

Backup/Restore
Settings

Cisco RV180/RV180W Administration Guide 17

Click this link to open the
Backup and Restore page.

See Backing Up and Restoring the System,

page 148

Introduction

Navigating through the Pages

1

Configure Site to Site
VPN

Configure Web Access Click this link to open the Web Access page.

Device Status

Dashboard Click this link to open the Dashboard page.

System Summary Click this link to open the System Summary page.

Wireless Status
(RV180W only)

VPN Status Click this link to open the IPsec Connection Status

Click this link to open the Basic VPN Setup page.

See Configuring a Basic VPN, page 107.

See Configuring HTTPS Access, page 135.

See Viewing the Dashboard, page 155.

See Viewing the System Summary, page 158.

Click this link to open the Wireless Statistics page.

See Viewing the Wireless Statistics (Cisco

RV180W), page 162.

page.

Other Resources

Support Click this link to open Cisco’s support page.

Forums Click this link to visit Cisco’s online support forums.

Navigating through the Pages

Use the navigation tree (numbered 1 in Figure 1) located in the in the left pane to
open the configuration pages.

See IPsec Connection Status, page 163.

Cisco RV180/RV180W Administration Guide 18

Introduction

Saving Your Changes

1

Click a menu item (numbered 2 in Figure 1) on the left panel to expand it. Click the
menu names displayed underneath to perform an action or view a sub-menu.

NOTE The RV180W menus change depending on the router mode (Router, Access Point,

WDS Bridge, or WDS Repeater) that you have configured for the RV180W. For
example, the RV180W in WDS Bridge mode displays fewer choices under the
Security menu than the RV180W in router mode.

On the RV180W, the upper right of the screen (numbered 3 in Figure 1) shows in
which device mode the RV180W is running.

Figure1 RV180W Device Manager

Saving Your Changes

When you finish making changes on a configuration page, click Save (numbered 4
in Figure 1) to save the changes, or click Cancel (numbered 5 in Figure 1) to undo
your changes.

Cisco RV180/RV180W Administration Guide 19

Introduction

Viewing the Help Files

Viewing the Help Files

To view more information about a configuration page, click the Help link near the
top right corner of the page (numbered 6 in Figure 1).

Connecting Devices to Your Wireless Network

To connect a device such as a PC or printer to your wireless network, you must
configure the wireless connection on the device using the security information you
configured for the Cisco RV180/RV180W:

• Network name or Service Set Identifier (SSID). The default SSID is

ciscosb-1.

1

• If applicable, the encryption type and security key.

Configuration Next Steps

Although the Setup Wizard automatically configures the RV180/RV180W, we
recommend that you change some default settings to provide better security and
performance.

In addition, you may need to manually configure some settings. A suggested
outline of steps follows:

• Change the administrator name and password—See “Configuring User

Accounts” on page 135.

• Change the idle timeout value—By default, The Device Manager logs you

out after 10 minutes of inactivity. This can be frustrating if you are trying to
configure your device. See “Setting the Session Timeout Value” on page

136.

• (Optional) If you already have a DHCP server on your network, and you do

not want the Cisco RV180/RV180W to act as a DHCP server, see

“Configuring the LAN (Local Network) Settings” section on page 32.

• (Cisco RV180W) Configure your wireless network, especially wireless

security. See Chapter 3, “Configuring the Wireless Network (Cisco

RV180W).”

Cisco RV180/RV180W Administration Guide 20

Introduction

Configuration Next Steps

1

• Configure your Virtual Private Network (VPN) using QuickVPN. The

QuickVPN software is found on the documentation and software CD that
shipped with your router. See Appendix A, “Using Cisco QuickVPN for

Windows 7, 2000, XP, or Vista.”

Cisco RV180/RV180W Administration Guide 21

Introduction

Configuration Next Steps

1

Cisco RV180/RV180W Administration Guide 22

Introduction

Configuration Next Steps

1

Cisco RV180/RV180W Administration Guide 23

Configuring Networking

The networking page allows you to configure networking settings. This chapter
contains the following sections:

• Configuring the WAN (Internet) Settings, page 24

• Configuring the LAN (Local Network) Settings, page 32

• Configuring Routing, page 42

2

• Configuring Port Management, page 47

• Configuring Dynamic DNS (DDNS), page 48

• Configuring IPv6, page 50

NOTE Cisco recommends you use the Setup Wizard to configure basic networking on the

Cisco RV180/RV180W. You can then make changes and provision advanced
features using the Device Manager.

Configuring the WAN (Internet) Settings

If you have an IPv4 network, use these sections to configure your network. If you
have an IPv6 network, see Configuring IPv6, page 50.

Cisco RV180/RV180W Administration Guide 24

Configuring Networking

Configuring the WAN (Internet) Settings

Configuring the IPv4 WAN (Internet)

STEP 1 Choose Networking > WAN (Internet) > IPV4 WAN (Internet).

STEP 2 Choose the type of Internet connection you have. The type of connection you have

determines the rest of the information you need to enter. See the sections below
for more information:

• Configuring Automatic Configuration (DHCP), page 25

• Configuring Static IP, page 26

• Configuring PPPoE, page 26

• Configuring PPTP, page 27

• Configuring L2TP, page 28

2

Configuring Automatic Configuration (DHCP)

If your Internet Service Provider (ISP) uses the Dynamic Host Configuration
Protocol (DHCP) to assign you an IP address, you receive a dynamic IP address
from your ISP.

To configure DHCP WAN settings:

STEP 1 Choose Networking > WAN (Internet) > IPv4 WAN (Internet).

STEP 2 From the Internet Connection Type drop-down menu, choose

Automatic Configuration - DHCP.

STEP 3 Enter MTU information. (See Configuring MTU Settings, page 29.)

STEP 4 Enter MAC Address information. (See Configuring the MAC Address, page 29.)

STEP 5 Click Save.

Cisco RV180/RV180W Administration Guide 25

Configuring Networking

Configuring the WAN (Internet) Settings

Configuring Static IP

If your ISP assigned you a permanent IP address, perform the following steps to
configure your WAN settings:

STEP 1 Choose Networking > WAN (Internet) > IPv4 WAN (Internet).

STEP 2 From the Internet Connection Type drop-down menu, choose Static IP.

STEP 3 Enter this information:

IP Address Enter the IP address that your ISP has assigned to

Subnet mask Enter subnet mask that your ISP has assigned to

2

you.

you.

Default Gateway Enter the IP address of the IPS’s gateway.

Primary DNS Server Enter the IP address of the primary DNS server

used by your ISP.

Secondary DNS Server (Optional) Enter the IP address of the secondary

DNS server. This is used if the primary DNS server
fails.

STEP 4 Enter MTU information. (See Configuring MTU Settings, page 29.)

STEP 5 Enter MAC Address information. (See Configuring the MAC Address, page 29.)

STEP 6 Click Save.

Configuring PPPoE

If you have a Point-to-Point Protocol over Ethernet (PPPoE) connection to the
Internet:

STEP 1 Choose Networking > WAN (Internet) > IPv4 WAN (Internet).

STEP 2 From the Internet Connection Type drop-down menu, choose PPPoE.

STEP 3 From the PPPoE Profile Name drop-down menu, choose a PPPoE profile. If no

profile is listed, click Configure Profile to create a new profile.

Cisco RV180/RV180W Administration Guide 26

Configuring Networking

Configuring the WAN (Internet) Settings

To see the details of available profiles, choose

Networking > WAN (Internet) > PPPoE Profiles. See Configuring PPPoE

Profiles, page 30 for more information.

STEP 4 Enter MTU information. (See Configuring MTU Settings, page 29.)

STEP 5 Enter MAC Address information. (See Configuring the MAC Address, page 29.)

STEP 6 Click Save.

Configuring PPTP

If you have a Point-to-Point Tunneling Protocol (PPTP) connection to the Internet:

STEP 1 Choose Networking > WAN (Internet) > IPv4 WAN (Internet).

2

STEP 2 From the Internet Connection Type drop-down menu, choose PPTP.

STEP 3 Enter this information:

User Name Enter your username assigned to you by the ISP.

Password Enter your password assigned to you by the ISP.

MPPE Encryption If your ISP supports Microsoft Point-to-Point

Encryption (MPPE), check to enable MPPE
encryption.

Connection Type Choose the connection type:

• Keep connected—The Internet connection is

always on.

• Idle Time—The Internet connection is on only

when traffic is present. If the connection is
idle—that is, no traffic is occurring within the
specified time frame—the connection is
closed. You might want to choose this option
if your ISP charges based on connection
time.

Idle Time If you choose Idle Time as the connection type,

Cisco RV180/RV180W Administration Guide 27

enter the number of minutes after which the
connection terminates. The valid range is 5–999.

Configuring Networking

Configuring the WAN (Internet) Settings

My IP Address Enter the IP address assigned to you by your ISP.

Server IP Address Enter the IP address of the PPTP server.

STEP 4 Enter MTU information. (See Configuring MTU Settings, page 29.)

STEP 5 Enter MAC Address information. (See Configuring the MAC Address, page 29.)

STEP 6 Click Save.

Configuring L2TP

If you have a Layer 2 Tunneling Protocol (L2TP) connection to the Internet:

STEP 1 Choose Networking > WAN.

2

STEP 2 From the Internet Connection Type drop-down menu, choose L2TP.

STEP 3 Enter this information:

User Name Enter your username assigned to you by the ISP.

Password Enter your password assigned to you by the ISP.

Secret (Optional) Enter your secret phrase. This phrase is

known to you and your ISP for use in authenticating
your logon.

Connection Type Choose the connection type:

• Keep connected—The Internet connection is

always on.

• Idle Time—The Internet connection is on only

when traffic is present. If the connection is
idle—that is, no traffic is occurring within the
specified time frame—the connection is
closed. You might want to choose this option
if your ISP charges based on connection
time.

Idle Time If you choose Idle Time as the connection type,

Cisco RV180/RV180W Administration Guide 28

enter the number of minutes after which the
connection terminates. The valid range is 5–999.

Configuring Networking

Configuring the WAN (Internet) Settings

My IP Address Enter the IP address assigned to you by your ISP.

Server IP Address Enter the IP address of the L2TP server.

STEP 4 Enter MTU information. (See Configuring MTU Settings, page 29.)

STEP 5 Enter MAC Address information. (See Configuring the MAC Address, page 29.)

STEP 6 Click Save.

Configuring MTU Settings

The Maximum Transmission Unit (MTU) is the size of the largest packet that can be
sent over the network. The default MTU value for Ethernet networks is usually
1500 bytes and for PPPoE connections, it is 1492 bytes.

2

To configure the MTU settings:

STEP 1 Choose Networking > Choose Networking > WAN (Internet) > IP v4 WAN

(Internet).

STEP 2 Choose the MTU type:

• Default—Unless a change is required by your ISP, we recommend that you

choose Default in the MTU Type field. The default MTU size is 1500 bytes.

• Custom—If your ISP requires a custom MTU setting, choose Custom and

enter the MTU size (in bytes) in the MTU Size field.

STEP 3 Click Save.

Configuring the MAC Address

The Cisco RV180/RV180W has a unique 48-bit local Ethernet hardware address.
In most cases, the default MAC address is used to identify your Cisco RV180/
RV180W to your ISP. However, you can change this setting if required by your ISP.

Cisco RV180/RV180W Administration Guide 29

Configuring Networking

Configuring the WAN (Internet) Settings

To configure the MAC address settings:

STEP 1 Choose Networking > WAN (Internet) > IPv4 WAN (Internet).

STEP 2 From the MAC Address Source drop-down menu, choose one of these options:

• Use Default Address—(Recommended) choose this option to use the

default MAC address. However, if another MAC address has previously been
registered with your ISP, choose either Use This Computer’s Address or Use
This MAC.

• Use This Computer's Address—Choose this option to assign the MAC

address of your computer that you are using to connect to the Device
Manager.

• Use This MAC—Choose this option if you want to enter a different MAC

address. Enter the address in the MAC Address field.

2

STEP 3 Click Save.

Configuring PPPoE Profiles

If you have a PPPoE connection to the Internet, you can create profiles for multiple
PPPoE accounts. This can be useful if you connect to the Internet using different
service provider accounts. The PPPoE Profiles page lists the available PPPoE
profiles and some attributes associated with each profile.

Adding or Editing a PPPoE Profile

STEP 1 Choose Networking > WAN (Internet) > PPPoE Profiles.

STEP 2 Click Add to create a new profile, or select the check box in the row of the profile

you want to edit and click Edit.

STEP 3 Enter or change the following information (you may need to contact your ISP to

obtain your PPPoE login information):

Profile Name Enter the name of the profile.

Username Enter your username assigned to you by the ISP.

Password Enter your password assigned to you by the ISP.

Cisco RV180/RV180W Administration Guide 30

Configuring Networking

Configuring the WAN (Internet) Settings

Authentication Type Choose the authentication type from the

2

drop-down menu:

• Auto-negotiate—The s er ver s en ds a

configuration request specifying the security
algorithm set on it. Then, the Cisco RV180/
RV180W sends back authentication
credentials with the security type sent earlier
by the server.

• PAP—The Cisco RV180/RV180W uses the

Password Authentication Protocol (PAP) to
connect to the ISP.

• CHAP—The Cisco RV180/RV180W uses the

Challenge Handshake Authentication
Protocol (CHAP) when connecting with the
ISP.

• MS-CHAP or MS-CHAPv2—Th e Cis co

RV180/RV180W uses Microsoft Challenge
Handshake Authentication Protocol when
connecting with the ISP.

Connection Type Choose the connection type:

• Keep connected—The Internet connection is

always on.

• Idle Time—The Internet connection is on only

when traffic is present. If the connection is
idle—that is, no traffic is occurring during the
specified time period—the connection is
closed. You might want to choose this option
if your ISP charges based on connection
time.

Idle Time If you choose Idle Time as the connection type,

enter the number of minutes after which the
connection terminates. The valid range is 5–999.

STEP 4 Click Save. The profile is added to the Profile Table.

To edit a PPPoE profile listed in the Profile Table, select the profile and click Edit.
To delete selected profiles, click Delete.

Cisco RV180/RV180W Administration Guide 31

Configuring Networking

Configuring the LAN (Local Network) Settings

Configuring the LAN (Local Network) Settings

If you have an IPv4 network, use these sections to configure your LAN settings. If
you have an IPv6 network, see Configuring IPv6 LAN Properties, page 51.

Configuring IPv4 LAN (Local Network) Settings

If you have an IPv4 LAN, you can configure the following settings:

• Host name—Configuring the Host Name, page 32

• IP Address—Configuring the IP Address, page 32

• DHCP—Configuring DHCP, page 33

• DNS Proxy—Configuring the DNS Proxy, page 35

2

Configuring the Host Name

To configure the host name of the Cisco RV180/RV180W:

STEP 1 Choose Networking > LAN (Local Network) > IPv4 LAN (Local Network).

STEP 2 In the Host Name field, enter the host name of the Cisco RV180/RV180W. You can

use only alpha-numeric characters and the hyphen.

The default hostname (for example, “router6DE44E”) consists of the word “router”
followed by the last 3 bytes of the router’s LAN MAC address (in hexadecimal
form). This format allows the FindIT application to use Bonjour to identify Cisco
Small Business devices on the LAN.

NOTE: Changing the router name causes the router to reboot.

STEP 3 Click Save.

Configuring the IP Address

You might want to change the default IP address (for example, if the default
address is already assigned to another piece of equipment in your network).

Cisco RV180/RV180W Administration Guide 32

Configuring Networking

Configuring the LAN (Local Network) Settings

To configure the IP address of the Cisco RV180/RV180W:

STEP 1 Choose Networking > LAN (Local Network) > IPv4 LAN (Local Network).

STEP 2 Enter this information:

IP Address Enter the LAN IP address of the RV180/RV180W.

Subnet mask Choose the subnet mask for the new IP address

2

Make sure the address is not in use by another
device on the same network. The default IP
address is 192.168.1.1.

from the drop-down menu. The default subnet is

255.255.255.0.

STEP 3 Click Save.

After changing the Cisco RV180/RV180W’s LAN IP address, your PC is no longer
connected to the Cisco RV180/RV180W.

STEP 4 To reconnect your PC to the Cisco RV180/RV180W:

• If DHCP is configured on the Cisco RV180/RV180W, release and renew your

PC’s IP address.

• If DHCP is not configured on the Cisco RV180/RV180W, manually assign an

IP address to your PC. The address must be on the same subnet as the Cisco
RV180/RV180W. For example, if you change the Cisco RV180/RV180W’s
IP address to 10.0.0.1, assign your PC an IP address in the range of 10.0.0.2
to 10.0.0.254.

STEP 5 Open a new browser window and enter the new IP address of the Cisco RV180/

RV180W to reconnect.

Configuring DHCP

By default, the Cisco RV180/RV180W functions as a DHCP server to the hosts on
the Wireless LAN (WLAN) or LAN network and assigns IP and DNS server
addresses.

Cisco RV180/RV180W Administration Guide 33

Configuring Networking

Configuring the LAN (Local Network) Settings

With DHCP enabled, the router's IP address serves as the gateway address to
your LAN. The PCs in the LAN are assigned IP addresses from a pool of
addresses. Each address is tested before it is assigned to avoid duplicate
addresses on the LAN.

For most applications, the default DHCP settings are satisfactory. If you want
another PC on your network to be the DHCP server, or if you are manually
configuring the network settings of all of your PCs, disable DHCP.

To configure the DHCP settings of the Cisco RV180/RV180W:

STEP 1 Choose Networking > LAN (Local Network) > IPv4 LAN (Local Network).

STEP 2 From the DHCP Mode drop-down menu, choose one of these options:

• None—Choose this option if the Cisco RV180/RV180W is not going to act as

a DHCP server.

2

• DHCP Server—Choose this option to configure the Cisco RV180/RV180W

to be a DHCP server and enter this information:

- Domain Name— (Optional) Enter the domain name for your network.

- Starting IP Address/Ending IP Address—Enter the first and last of the

contiguous addresses in the IP address pool. Any new DHCP client
joining the LAN is assigned an IP address in this range. You can save part
of the range for PCs with fixed addresses. These addresses should be in
the same IP address subnet as the Cisco RV180/RV180W's LAN IP
address.

- Primary DNS Server/Secondary DNS Server—DNS servers map

Internet domain names (for example, www.cisco.com) to IP addresses.
Enter the server IP addresses in these fields if you want to use different
DNS servers than are specified in your WAN settings.

- Lease time—Enter the duration (in hours) for which IP addresses are

leased to clients.

• DHCP Relay—Choose this option to configure the Cisco RV180/RV180W to

be a DHCP relay agent and enter the address of the remote DHCP server in
the Remote DHCP Server field. The relay agent transmits DHCP messages
between multiple subnets.

STEP 3 Click Save.

Cisco RV180/RV180W Administration Guide 34

Configuring Networking

Configuring the LAN (Local Network) Settings

Configuring the DNS Proxy

You can also enable a DNS proxy. When enabled, the router then acts as a proxy
for all DNS requests and communicates with the ISP's DNS servers. When
disabled, all DHCP clients receive the DNS IP addresses of the ISP.

To configure the DNS proxy server for the Cisco RV180/RV180W:

STEP 1 Choose Networking > LAN (Local Network) > IPv4 LAN (Local Network).

STEP 2 In the DNS Proxy field, check to enable the Cisco RV180/RV180W to act as a

proxy for all DNS requests and communicate with the ISP's DNS servers.

STEP 3 Click Save.

2

Configuring Virtual LAN (VLAN) Membership

A VLAN is a group of endpoints in a network that are associated by function or
other shared characteristics. Unlike LANs, which are usually geographically based,
VLANs can group endpoints without regard to the physical location of the
equipment or users. You can create up to four new VLANS.

Enabling VLANs

STEP 1 Choose Networking > LAN (Local Network) > VLAN Membership.

STEP 2 Check the Enable box.

STEP 3 Click Save.

Under the Enable VLAN field, The VLAN Membership Table is shown. This shows
available VLANs, including the VLAN ID, description, ports, and whether inter­VLAN routing is enabled or not for each configured VLAN.

Creating a VLAN

You can create up to four VLANs on the Cisco RV180/RV180W.

STEP 1 Choose Networking > LAN (Local Network) > VLAN Membership.

STEP 2 In the VLAN Membership Table, click Add Row.

Cisco RV180/RV180W Administration Guide 35

Configuring Networking

Configuring the LAN (Local Network) Settings

STEP 3 Enter a numerical VLAN ID that will be assigned to endpoints in the VLAN

membership. The VLAN ID can range from 2 to 4093. VLAN ID 1 is reserved for the
default VLAN, which is used for untagged frames received on the interface, and
VLAN ID 4094 is reserved and cannot be used.

STEP 4 Enter a description for the VLAN.

STEP 5 To enable routing between this and other VLANS, under Inter VLAN Routing, check

the Enable box.

STEP 6 To enable device management, check the Device Management box. This allows

you to access the Device Manager from that VLAN. For example, if you created a
VLAN with the VLAN ID of 2 and enabled device management, you can access the
Device Manager by using the first IP address on the created VLAN (for example,

192.168.2.1).

STEP 7 Under each of the ports for the VLAN, choose one of the following:

2

• Ta g g e d —Used when connecting to switches carrying multiple VLANs.

• Untagged—Access ports connecting to end devices like printers and

workstations.

STEP 8 Click Save.

Configuring Multiple VLAN Subnets

When you create a VLAN, a subnet is created automatically for the VLAN. You can
then further configure the VLAN properties, such as the IP address and DHCP
behavior. The Multiple VLAN Subnets page lists the VLAN subnets configured on
the device and allows you to edit configured subnets.

Editing a VLAN Subnet

To e d i t a V L AN su b n e t :

STEP 1 Choose Networking > LAN > Multiple VLAN Subnets. The list of subnets appears.

STEP 2 Check the box next to the VLAN subnet you want to edit and click Edit.

STEP 3 If you want to edit the IP address of this VLAN:

a. In the IP address field, enter the new IP address.

b. Enter the Subnet Mask for the new IP address.

Cisco RV180/RV180W Administration Guide 36

Configuring Networking

Configuring the LAN (Local Network) Settings

c. Click Save. If you are connected to the Cisco RV180/RV180W by the LAN port

that is a member of this VLAN, you might have to release and renew the IP
address on the PC connected to the LAN port, or manually assign an IP
address to your PC that is in the same subnet as the VLAN. Open a new
browser window and re-connect to the Cisco RV180/RV180W.

STEP 4 If you want to edit the DHCP behavior of this VLAN:

In the DHCP Section, in the DHCP Mode field, choose one of the following:

• DHCP Server—Choose this to allow the VLAN to act as the DHCP server in

the network. Enter the following information:

- Domain Name—Enter the domain name for your network (optional).

- Starting and Ending IP Address—Enter the first and last of the contiguous

addresses in the IP address pool. Any new DHCP client joining the LAN is
assigned an IP address in this range. You can save part of the range for
PCs with fixed addresses. These addresses should be in the same IP
address subnet as the VLAN’s IP address.

2

- Primary and Secondary DNS Server—DNS servers map Internet domain

- Lease time—Enter the duration (in hours) for which IP addresses are

• Remote DHCP Server—Choose this if you are using a DHCP relay gateway.

The relay gateway transmits DHCP messages between multiple subnets.
Enter the address of the relay gateway in the Remote DHCP Server field.

• None—Use this to disable DHCP on the VLAN.

In the LAN Proxy section, to enable the VLAN to act as a proxy for all DNS requests
and communicate with the ISP's DNS servers, check the Enable box.

STEP 5 Click Save.

names (for example, www.cisco.com) to IP addresses. Enter the server IP
addresses in these fields if you want to use different DNS servers than
are specified in your WAN settings.

leased to clients.

Cisco RV180/RV180W Administration Guide 37

Configuring Networking

Configuring the LAN (Local Network) Settings

Configuring Static DHCP

The DHCP server function allows you to add the MAC address and IP address of
endpoints that will connect to the network. When the endpoint connects to the
router, the DHCP server identifies any endpoints that have been configured. If an
endpoint has been configured in the server, the server assigns it the customized IP
address. If the endpoint is not configured in the server, it is assigned an IP address
from the generic DHCP pool.

STEP 1 Choose Networking > LAN (Local Network) > Static DHCP.

STEP 2 Click Add.

STEP 3 Enter the IP address of the device.

STEP 4 Enter the MAC address of the device. The format for the MAC Address is

XX:XX:XX:XX:XX:XX where X is a number from 0 to 9 (inclusive) or an alphabetical
letter between A and F (inclusive).

2

NOTE: The IP Address assigned should be outside the pool of the DHCP
addresses configured on the router. The DHCP pool is treated as generic pool and
all reserved IPs should be outside this pool. The DHCP server will then serve the
reserved IP address when the device using the corresponding MAC address
requests an IP address.

STEP 5 Click Save.

Configuring Advanced DHCP Settings

Configuring Automatic Configuration Download

You can configure devices that are connected to the Cisco RV180/RV180W to
download configuration files from a TFTP server. This can be useful in scenarios
like the following:

• You are deploying a large number of access points and you want them to all

download and use the same configuration file.

• You have devices, such as IP phones, that need to load configuration files

when they are connected to the network. (Non-router devices must have
the ability to download files from a TFTP server.)

Cisco RV180/RV180W Administration Guide 38

Configuring Networking

Configuring the LAN (Local Network) Settings

You must enter the MAC address of all of the devices you want to download the
files, and the filenames to download in the DHCP Client Device vs. Configuration
File Mapping table. When the devices connect to the RV180W, they will
automatically download the configuration file specified in the table and reboot.

To configure automatic configuration download:

STEP 1 Choose Networking > LAN (Local Network) > Advanced DHCP Configuration.

STEP 2 Check Enable to enable downloading of configuration files.

STEP 3 Choose the TFTP server type:

• Host Name—Enter the host name of the TFTP server in the TFTP Server

Host Name field.

• Address—Enter the IP address of the TFTP server in the TFTP Server IP

field.

2

STEP 4 Click Save. You must then specify the MAC address of the clients that will be

downloading files and the filename of the configuration file they need to
download. See Adding a DHCP Client to Configuration File Map, page 39.

Adding a DHCP Client to Configuration File Map

In order to have devices connected to the RV180/RV180W automatically
download configuration files, you must add the MAC address of the devices and
the filename of the configuration file they need to download. This table displays
the list of currently configured DHCP Client MAC addresses and configuration
filenames. Click Edit to edit the MAC address or boot filename for a particular
entry. Click Delete to delete a particular entry.

To add a new device:

STEP 1 Click Add.

STEP 2 Enter the MAC address of the device that will download configuration files.

STEP 3 Enter the filename of the file that the device should download.

STEP 4 Click Save.

Cisco RV180/RV180W Administration Guide 39

Configuring Networking

Configuring the LAN (Local Network) Settings

Viewing DHCP Leased Clients

You can view a list of endpoints on the network (identified by MAC address) and
see the IP address assigned to them by the DHCP server. The VLAN of the
endpoint is also displayed.

STEP 1 Choose Networking > LAN > DHCP Leased Clients (LAN).

STEP 2 The list of endpoints is displayed; you cannot edit this list.

Configuring RSTP (Cisco RV180W)

Rapid Spanning Tree Protocol (RSTP) is a network protocol that prevents loops in
the network and dynamically reconfigures which physical links should forward
frames. When RTSP is configured, multiple paths to the root networking node are
created. Backup paths are automatically disabled unless the active path to the root
node is down. If that occurs, a backup path is enabled.

2

NOTE RSTP is not aware of virtual LANs (VLANs) in a network, so it is not recommended

for use in a network with VLANs.

To configure RTSP:

STEP 1 Choose Networking > LAN > RSTP.

STEP 2 Check Enable to enable RSTP.

STEP 3 Configure the following settings:

Bridge Priority Enter a bridge priority from 0 to 61440 in

increments of 4096. Valid values are 0, 4096, 8192,
12288, 16384, 20480, 24576, 28672, 32768,
40960, 45056, 49152, 53248, 57344, and 61440.

This value is the priority component of the bridge
identifier of the network node. The lower the
system priority, the more likely the Cisco RV180W
is to become the root in the Spanning Tree. The
default is 327688.

Cisco RV180/RV180W Administration Guide 40

Configuring Networking

Configuring the LAN (Local Network) Settings

Hello Time The hello time is the time period that the root of the

Max Age The max age is the time period that the router waits

Forward Delay The forward delay is the interval spent by a port in

Migrate Time Migrate time is the maximum time spent by a port

2

spanning tree waits before sending hello
messages. Enter a number from 1 to 10 seconds.
The default is 2.

to receive a hello message. If the max age is
reached, the router tries to change the spanning
tree to use another path to the root node. Enter a
number from 6 to 40 seconds. The default is 20.

learning state before moving to the forwarding
state. Enter a number from 4 to 30 seconds. The
default is 15.

locked in RSTP mode. As soon as this timer
expires, the port adapts to the mode (RSTP/STP)
that corresponds to the next hello message. Enter a
number from 0 to 65535. The default is 3.

STEP 4 In the Port Configuration Table, you can select a port and configure the following:

Interface Displays the interface that is a port of the RSTP-

enabled bridge.

Port Priority The priority assigned tot he bridge port for

determining the root port.

Edge Status Displays the edge status of the port.

Port Cost The cost of using the interface-based connection.

STEP 5 Click Save.

Cisco RV180/RV180W Administration Guide 41

Configuring Networking

Configuring Routing

STEP 1 Choose Networking > LAN > Jumbo Frames.

STEP 2 Check the Enable box.

STEP 3 Click Save.

2

Configuring Jumbo Frames

A standard Ethernet frame contains 1,500 bytes of data. Enabling the Jumbo
Frames feature allows the switch to send jumbo frames within the LAN containing
up to 9,000 bytes of data per frame. You can configure the Cisco RV180/RV180W
to support jumbo frames. After support is enabled, devices on the LAN side of the
network can exchange traffic that contains jumbo frames. To configure jumbo
frames:

Configuring Routing

Choosing the Routing Mode

The Cisco RV180/RV180W provides two different routing modes. Network
Address Translation (NAT), or gateway routing, is a technique that allows several
endpoints on a LAN to share an Internet connection. The computers on the LAN
use a “private” IP address range while the WAN port on the router is configured
with a single “public” IP address. The Cisco RV180/RV180W translates the internal
private addresses into a public address, hiding internal IP addresses from
computers on the Internet. If your ISP has assigned you a single IP address, you
want to use NAT so that the computers that connect through the Cisco RV180/
RV180W are assigned IP addresses from a private subnet (for example,

192.168.10.0).

The other routing mode, “router,” is used if your ISP has assigned you multiple IP
addresses so that you have an IP address for each endpoint on your network. You
must configure either static or dynamic routes if you use this type of routing. See

Configuring Static Routes, page 45, or Configuring Dynamic Routing, page 46.

To choose your routing mode:

STEP 1 Select Networking > Routing > Routing Mode.

STEP 2 Click the box next to the type of routing to configure.

Cisco RV180/RV180W Administration Guide 42

Configuring Networking

Configuring Routing

STEP 3 Click Save.

NOTE If you have already configured DMZ or firewall settings on your router in gateway

STEP 1 Choose Networking > Routing > Routing Table.

STEP 2 Next to the type of network you have, click Display.

2

(NAT) mode, selecting “router” changes those settings back to the default.

Viewing Routing Information

To view routing information your network:

Information about your network routing is displayed, including the following:

IPv4 Routing Table

• Destination—Destination host/network IP address for which this route is

added.

• Gateway—The gateway used for this route.

• Genmask—The netmask for the destination network.

• Metric—The distance to the target (usually counted in hops).

• Ref—Number of references to this route.

• Use—Count of lookups for the route. Depending on the use of -F and -C, this

is either route cache misses (-F) or hits (-C).

• Interface—Interface to which packets for this route will be sent.

• Type—Type of routing used (RIP or static).

• Flags—For debugging purpose only; possible flags include:

- UP—Route is up.

- Host—Target is a host.

- Gateway—Use gateway.

- R—Reinstate route for dynamic routing.

- D—Dynamically installed by daemon or redirect.

Cisco RV180/RV180W Administration Guide 43

Configuring Networking

Configuring Routing

2

- M—Modified from routing daemon or redirect.

- A—Installed by

- C—Cache entry.

- !—Reject route.

IPv6 Routing Table

• Destination—Destination host/network IP address for which this route is

added.

• Next Hop—IP address of an adjacent or intermediate host or router through

which traffic must flow before reaching its ultimate destination.

• Flags—For debugging purpose only; possible flags include:

- UP—Route is up.

- Host—Target is a host.

- Gateway—Use gateway.

- R—Reinstate route for dynamic routing.

- D—Dynamically installed by daemon or redirect.

addrconf

.

- M—Modified from routing daemon or redirect.

- A—Installed by

- C—Cache entry.

- !—Reject route.

• Metric—The distance to the target (usually counted in hops).

• Ref—Number of references to this route.

• Use—Count of lookups for the route. Depending on the use of -F and -C, this

is either route cache misses (-F) or hits (-C).

• Interface—Interface to which packets for this route will be sent.

• Type—Type of routing used (RIP or static).

addrconf

.

Cisco RV180/RV180W Administration Guide 44

Configuring Networking

Configuring Routing

STEP 1 Select Networking > Routing > Static Routes.

2

Configuring Static Routes

You can configure static routes to direct packets to the destination network. A
static route is a pre-determined pathway that a packet must travel to reach a
specific host or network. Some ISPs require static routes to build your routing
table instead of using dynamic routing protocols. Static routes do not require CPU
resources to exchange routing information with a peer router. You can also use
static routes to reach peer routers that do not support dynamic routing protocols.
Static routes can be used together with dynamic routes. Be careful not to
introduce routing loops in your network.

Adding a Static Route

To create a static route:

STEP 2 In the Static Route Table, click Add.

STEP 3 In the Route Name field, enter the name of the route.

STEP 4 If a route is to be immediately active, check the Active check box. When a route is

added in an inactive state, it will be listed in the routing table, but will not be used
by the router. The route can be enabled later. This feature is useful if the network
that the route connects to is not available when you added the route. When the
network becomes available, the route can be enabled.

STEP 5 Check the Private check box to mark this route as private, which means that it will

not be shared in a Routing Information Protocol (RIP) broadcast or multicast.
Uncheck this box if the route can be shared with other routers when RIP is
enabled.

STEP 6 In the Destination IP Address field, enter the IP address of the destination host or

network to which the route leads. For a standard Class C IP domain, the network
address is the first three fields of the Destination LAN IP; the last field should be
zero.

STEP 7 In the IP Subnet Mask field, enter the IPv4 Subnet Mask for the destination host or

network. For Class C IP domains, the Subnet Mask is 255.255.255.0.

STEP 8 From the Interface drop-down menu, choose the physical network interface

through which this route is accessible (WAN or LAN).

STEP 9 In the Gateway IP Address field, enter the IP Address of the gateway through

which the destination host or network can be reached. If this router is used to
connect your network to the Internet, then your gateway IP is the router's IP

Cisco RV180/RV180W Administration Guide 45

Configuring Networking

Configuring Routing

STEP 10 In the Metric field, enter a value between 2 and 15 to define the priority of the

STEP 11 Click Save.

2

address. If you have another router handling your network's Internet connection,
enter the IP address of that router instead.

route. If multiple routes to the same destination exist, the route with the lowest
metric is chosen.

Configuring Dynamic Routing

RIP (Routing Information Protocol, RFC 2453) is an Interior Gateway Protocol (IGP)
that is commonly used in internal networks. It allows the Cisco RV180/RV180W to
exchange its routing information automatically with other routers, and allows it to
dynamically adjust its routing tables and adapt to changes in the network.

NOTE RIP is disabled by default on the Cisco RV180/RV180W.

To configure dynamic routing:

STEP 1 Choose Networking > Routing > Dynamic Routing.

STEP 2 To configure how the router sends and receives RIP packets, choose the RIP

direction:

• None—The router neither broadcasts its route table nor does it accept any

RIP packets from other routers. This option disables RIP.

• In Only—The router accepts RIP information from other router, but does not

broadcast its routing table.

• Out Only—The router broadcasts its routing table periodically but does not

accept RIP information from other routers.

• Both—The router both broadcasts its routing table and also processes RIP

information received from other routers.

STEP 3 Choose the RIP version:

• Disabled.

• RIP-1—This is a class-based routing version that does not include subnet

information. RIP-1 is the most commonly supported version.

Cisco RV180/RV180W Administration Guide 46

Configuring Networking

Configuring Port Management

STEP 4 RIP v2 authentication forces authentication of RIP packets before routes are

exchanged with other routers. It acts as a security feature because routes are
exchanged only with trusted routers in the network. RIP authentication is disabled
by default. You can enter two key parameters so that routes can be exchanged
with multiple routers present in the network. The second key also acts as a failsafe
when authorization with first key fails. To enable authentication for RIP-2B or RIP­2M, check the Enable box. (You must also choose the direction as explained in
Step 2.)

STEP 5 If you enabled RIP v2 authentication, enter the following first and second key

parameters:

2

• RIP-2B—This version broadcasts data in the entire subnet.

• RIP-2M—This version sends data to multicast addresses.

• MD5 Key ID—Input the unique MD-5 key ID used to create the Authentication

Data for this RIP v2 message.

• MD5 Auth Key—Input the auth key for this MD5 key, the auth key that is

encrypted and sent along with the RIP-V2 message.

• Not Valid Before—Enter the start date when the auth key is valid for

authentication.

• Not Valid After—Enter the end date when the auth key is valid for

authentication.

STEP 6 Click Save.

Configuring Port Management

The Cisco RV180/RV180W has four LAN ports and one WAN port. You can enable
or disable ports, configure if the port is half- or full-duplex, and set the port speed.

To configure ports:

STEP 1 Choose Networking > Port Management.

STEP 2 In the Port Management Setting Table, to enable a port, check the Enable box. To

disable the port, uncheck the Enable box. By default, all ports are enabled.

Cisco RV180/RV180W Administration Guide 47

Configuring Networking

Configuring Dynamic DNS (DDNS)

STEP 3 Check the Auto Negotiation box to let the router and network determine the

optimal port settings. By default, automatic mode is enabled. This setting is
available only when the Enable box is checked.

STEP 4 Check the Flow Control box to enable flow control.

STEP 5 (Optional) Choose either half- or full-duplex based on the port support. The default

is full-duplex for all ports. This setting is available only when the Auto check box is
unchecked.

STEP 6 (Optional) Select one of the following port speeds: 10 Mbps, 100 Mbps, or 1000

Mbps. The default setting is 100 Mbps for all ports. This setting is available only
when the Auto Negotiation check box is unchecked. You can change the port
speed if a network is designed to run at a particular speed, such as 10 Mbps
mode. In this case, the endpoint also uses 10 Mbps mode either by auto­negotiation or manual setting.

2

STEP 7 Click Save.

Configuring Dynamic DNS (DDNS)

DDNS is an Internet service that allows routers with varying public IP addresses to
be located using Internet domain names. To use DDNS, you must set up an account
with a DDNS provider such as DynDNS.com, TZO.com, or 3322.org.

The router will notify dynamic DNS servers of changes in the WAN IP address, so
that any public services on your network can be accessed by using the domain
name.

To configure DDNS:

STEP 1 Choose Networking > Dynamic DNS.

STEP 2 Select the Dynamic DNS Service you are using. Selecting None disables this

service.

STEP 3 If you selected DynDNS.com:

a. Specify the complete Host Name and Domain Name for the DDNS service.

b. Enter the DynDNS account username.

c. Enter the password for the DynDNS account.

Cisco RV180/RV180W Administration Guide 48

Configuring Networking

Configuring Dynamic DNS (DDNS)

d. Enter the password again to confirm.

e. Check the Use Wildcards box to enable the wildcards feature, which allows all

subdomains of your DynDNS Host Name to share the same public IP as the
Host Name. This option can be enabled here if not done on the DynDNS Web
site.

f. In the Update Period field, enter the number of hours before the Cisco RV180/

RV180W updates the host information on DynDNS.com.

STEP 4 If you selected TZO.com:

a. Specify the complete Host Name and Domain Name for the DDNS service.

b. Enter the user e-mail address for the TZO account.

c. Enter the user key for the TZO account.

d. In the Update Period field, enter the number of hours before the Cisco RV180/

RV180W updates the host information on TZO.com.

2

STEP 5 If you selected 3322.org:

a. Specify the complete Host Name and Domain Name for the DDNS service.

b. Enter the account username.

c. Enter the password for the account.

d. Enter the password again to confirm.

e. Check the Use Wildcards box to enable the wildcards feature, which allows all

subdomains of your 3322.org Host Name to share the same public IP as the
Host Name. This option can be enabled here if not done on the 3322.org Web
site.

f. In the Update Period field, enter the number of hours before the Cisco RV180/

RV180W updates the host information on 3322.org.

STEP 6 Click Save.

Cisco RV180/RV180W Administration Guide 49

Configuring Networking

Configuring IPv6

Configuring IPv6

If you have an IPv6 network, see the following sections.

Configuring the IP Mode

To configure IPv6 properties on the Cisco RV180/RV180W, set the IP mode to
IPv6:

STEP 1 Choose Networking > IPv6 > IP Mode.

STEP 2 Click the IPv4 and IPv6 Dual-Stack radio button.

STEP 3 Click Save.

2

NOTE: The router reboots after changing the IP mode.

Configuring IPv6 WAN Settings

Configuring WAN properties for an IPv6 network differs depending on which type
of Internet connection you have. See the sections below for detailed instructions.

The Cisco RV180/RV180W can be configured to be a DHCPv6 client of the ISP for
this WAN or a static IPv6 address provided by the ISP can be assigned.

Configuring DHCPv6

When the ISP allows you to obtain the WAN IP settings via DHCP, you need to
provide details for the DHCPv6 client configuration.

STEP 1 Choose IPv6 > IPv6 WAN (Internet).

STEP 2 In the WAN (Internet) Address (IPv6) field, choose DHCPv6.

STEP 3 Choose if the DHCPv6 client on the gateway is stateless or stateful. If a stateful

client is selected, the gateway connects to the ISP's DHCPv6 server for a leased
address. For stateless DHCP, it is not necessary to have a DHCPv6 server
available at the ISP. Instead, an ICMPv6 discover message will originate from the
Cisco RV180/RV180W and is used for auto-configuration.

STEP 4 Click Save.

Cisco RV180/RV180W Administration Guide 50

Configuring Networking

Configuring IPv6

STEP 1 Choose IPv6 > IPv6 WAN (Internet).

STEP 2 In the WAN (Internet) Address (IPv6) field, choose Static IPv6.

STEP 3 Enter the IPv6 IP address assigned to your router.

STEP 4 Enter the IPv6 prefix length defined by the ISP. The IPv6 network (subnet) is

2

Configuring a Static IP Address

If your ISP assigns you a fixed address to access the Internet, choose this option.
The information needed for configuring a static IP address can be obtained from
your ISP.

identified by the initial bits of the address which are called the prefix (for example,
in the IP address 2001:0DB8:AC10:FE01::, 2001 is the prefix). All hosts in the
network have identical initial bits for their IPv6 address; the number of common
initial bits in the network’s addresses is set in this field.

STEP 5 Enter the default IPv6 gateway address, or the IP address of the server at the ISP

that this router will connect to for accessing the internet.

STEP 6 Enter the primary and secondary DNS server IP addresses on the ISP's IPv6

network. DNS servers map Internet domain names (for example, www.cisco.com)
to IP addresses.

STEP 7 Click Save.

Configuring IPv6 LAN Properties

In IPv6 mode, the LAN DHCP server is enabled by default (similar to IPv4 mode).
The DHCPv6 server assigns IPv6 addresses from configured address pools with
the IPv6 Prefix Length assigned to the LAN.

Cisco RV180/RV180W Administration Guide 51

Configuring Networking

Configuring IPv6

STEP 1 Choose Networking > IPv6 > IPv6 LAN (Local Area Network).

STEP 2 Under LAN TCP/IP Setup, in the IPv6 Address field, enter the IP address of the

STEP 3 Enter the IPv6 prefix length. The IPv6 network (subnet) is identified by the initial

STEP 4 In the DHCPv6 field, choose to disable or enable the DHCPv6 server. If enabled,

2

To configure IPv6 LAN properties:

Cisco RV180/RV180W. The default IPv6 address for the gateway is fec0::1. You
can change this 128 bit IPv6 address based on your network requirements.

bits of the address called the prefix. By default, the prefix is 64 bits long. All hosts
in the network have the identical initial bits for their IPv6 address; the number of
common initial bits in the network's addresses is set by the prefix length field.

the Cisco RV180/RV180W assigns an IP address within the specified range plus
additional specified information to any LAN endpoint that requests DHCP-served
addresses.

STEP 5 Choose the DHCP mode. If stateless is selected, an external IPv6 DHCP server is

not required as the IPv6 LAN hosts are auto-configured by the Cisco RV180/
RV180W. In this case, the router advertisement daemon (RADVD) must be
configured on this device and ICMPv6 router discovery messages are used by the
host for auto-configuration. There are no managed addresses to serve the LAN
nodes.

If stateful is selected, the IPv6 LAN host will rely on an external DHCPv6 server to
provide required configuration settings.

STEP 6 (Optional) Enter the domain name of the DHCPv6 server.

STEP 7 Enter the server preference. This field is used to indicate the preference level of

this DHCP server. DHCP advertise messages with the highest server preference
value to a LAN host are preferred over other DHCP server advertise messages.
The default is 255.

STEP 8 Choose the DNS proxy behavior:

• Use DNS Proxy—Check this box to enable DNS proxy on this LAN, or

uncheck this box to disable this proxy. When this feature is enabled, the
router acts as a proxy for all DNS requests and communicate with the ISP’s
DNS servers (as configured in the WAN settings page).

• Use DNS from ISP—This option allows the ISP to define the DNS servers

(primary/secondary) for the LAN DHCP client.

Cisco RV180/RV180W Administration Guide 52

Configuring Networking

Configuring IPv6

STEP 9 Enter the lease/rebind time. Enter the duration (in seconds) for which IP addresses

STEP 10 Click Save.

2

• Use below—If selected, the primary/secondary DNS servers configured are

used. If you chose this option, enter the IP address of the primary and
secondary DNS servers.

will be leased to endpoints on the LAN.

Configuring IPv6 Address Pools

This feature allows you to define the IPv6 delegation prefix for a range of IP
addresses to be served by the Cisco RV180/RV180W’s DHCPv6 server. Using a
delegation prefix, you can automate the process of informing other networking
equipment on the LAN of DHCP information specific for the assigned prefix.

STEP 1 Choose Networking > IPv6 > IPv6 LAN (Local Area Network).

STEP 2 In the IPv6 Address Pool Table, click Add.

STEP 3 Enter the starting IP address and ending IP address of the pool.

STEP 4 Enter the prefix length. The number of common initial bits in the network’s

addresses is set by the prefix length field.

STEP 5 Click Save.

Configuring IPv6 Static Routing

You can configure static routes to direct packets to the destination network. A
static route is a pre-determined pathway that a packet must travel to reach a
specific host or network. Some ISPs require static routes to build your routing
table instead of using dynamic routing protocols. Static routes do not require CPU
resources to exchange routing information with a peer router. You can also use
static routes to reach peer routers that do not support dynamic routing protocols.
Static routes can be used together with dynamic routes. Be careful not to
introduce routing loops in your network.

The Static Route Table lists all the static routes that have been added manually
and allows several operations on the static routes.

Cisco RV180/RV180W Administration Guide 53

Configuring Networking

Configuring IPv6

STEP 1 Select Networking > IPv6 > Routing.

STEP 2 In the list of static routes, click Add.

STEP 3 Enter the route name.

STEP 4 If a route is to be immediately active, check the Active box. When a route is added

STEP 5 In the IPv6 Destination field, enter the IPv6 address of the destination host or

2

Adding an IPv6 Static Route

To create a static route:

in an inactive state, it will be listed in the routing table, but will not be used by the
router. The route can be enabled later. This feature is useful if the network that the
route connects to is not available when you added the route. When the network
becomes available, the route can be enabled.

network for this route.

STEP 6 In the IPv6 Prefix Length field, enter the number of prefix bits in the IPv6 address

that define the destination subnet.

STEP 7 Choose the physical network interface through which this route is accessible:

• WAN (In tern et )—The route goes through the WAN interface.

• 6 to 4 Tunnel—Uses the tunnel interface to route traffic from an IPv6 network

to other IPv6 networks over an IPv4 network.

• LAN (Local Network)—The route goes through the LAN interface.

STEP 8 Enter the IP Address of the gateway through which the destination host or network

can be reached.

STEP 9 In the metric field, specify the priority of the route by choosing a value between 2

and 15. If multiple routes to the same destination exist, the route with the lowest
metric is used.

STEP 10 Click Save.

Cisco RV180/RV180W Administration Guide 54

Configuring Networking

Configuring IPv6

NOTE You must use static routes when tunneling. See Configuring IPv6 Static Routing,

STEP 1 Select Networking > IPv6 > Tunneling.

STEP 2 Next to Automatic Tunneling, check Enable.

STEP 3 If there is a remote endpoint to which you want to route IPv4 traffic, next to Remote

2

Configuring Tunneling

The Cisco RV180/RV180W provides several IPv6 tunneling methods. 6to4
tunneling allows IPv6 packets to be transmitted over an IPv4 network. 6to4
tunneling is typically used when a site or end user wants to connect to the IPv6
Internet using the existing IPv4 network.

page 53.

To configure 6to4 Tunneling:

End Point, check Enable. Enter the IP address of the remote endpoint in the field
below.

STEP 4 Click Save.

Viewing IPv6 Tunnel Information

To view IPv6 tunnel information, choose Networking > IPv6 > Tu n n e l i n g . Click
Refresh to get the latest information.

The IPv6 Tunnel Status table shows the name of tunnel and the IPv6 address that
is created on the device.

Configuring Intra-Site Automatic Tunnel Addressing Protocol (ISATAP) Tunnels

Intra-site automatic tunnel addressing protocol (ISATAP) is a method to transmit
IPv6 packets between dual-stack nodes over an IPv4 network. The Cisco RV180/
RV180W is one endpoint (a node) for the tunnel. You must also set a local endpoint,
as well as the ISATAP Subnet Prefix that defines the logical ISATAP subnet to
configure a tunnel.

Adding an ISATAP Tunnel

To add an ISATAP tunnel:

STEP 1 Choose Networking > IPv6 > Tunneling.

STEP 2 In the ISATAP Tunnel Table, click Add.

Cisco RV180/RV180W Administration Guide 55

Configuring Networking

Configuring IPv6

STEP 3 Enter the tunnel name.

STEP 4 Choose the local endpoint address, or the endpoint address for the tunnel that

STEP 5 If you chose Other IP in Step 4, enter the IPv4 address of the endpoint.

STEP 6 Enter the ISATAP subnet prefix. This is the 64-bit subnet prefix that is assigned to

STEP 7 Click Save.

2

starts with the Cisco RV180/RV180W. The endpoint can be the LAN interface (if
the LAN is configured as an IPv4 network), or another LAN IPv4 address.

the logical ISATAP subnet for this intranet. This can be obtained from your ISP or
internet registry, or derived from RFC 4193.

To modify the settings of an ISATAP tunnel:

STEP 1 Choose Networking > IPv6 > Tunneling.

STEP 2 Check the check boxes for the tunnels you want to modify.

STEP 3 Click Edit, make the changes, and click Save.

To delete an ISATAP tunnel:

STEP 1 Choose Networking > IPv6 > Tunneling.

STEP 2 Check the check boxes for the tunnels you want to delete.

STEP 3 Click Delete.

Configuring Router Advertisement

The Router Advertisement Daemon (RADVD) on the Cisco RV180/RV180W listens
for router solicitations in the IPv6 LAN and responds with router advertisements as
required. This is stateless IPv6 auto configuration, and the Cisco RV180/RV180W
distributes IPv6 prefixes to all nodes on the network.

To configure the RADVD:

STEP 1 Choose Networking > IPv6 > Router Advertisement.

STEP 2 Under Router Advertisement Status, choose Enable.

Cisco RV180/RV180W Administration Guide 56

Configuring Networking

Configuring IPv6

STEP 3 Under Advertise Mode, choose one of the following:

STEP 4 If you chose Unsolicited Multicast in Step 3, enter the advertise interval. The

STEP 5 Under RA Flags, check Managed to use the administered/stateful protocol for

2

• Unsolicited Multicast—Select this option to send router advertisements

(RAs) to all interfaces belonging to the multicast group.

• Unicast only—Select this option to restrict advertisements to well-known

IPv6 addresses only (router advertisements [RAs] are sent to the interface
belonging to the known address only).

advertise interval is a random value between the Minimum Router Advertisement
Interval and Maximum Router Advertisement Interval. (MinRtrAdvInterval = 0.33 *
MaxRtrAdvInterval.) The default is 30 seconds.

address auto configuration. Check Other to use the administered/stateful protocol
of other, non-address information auto configuration.

STEP 6 Under router preference, choose Low, Medium, or High. The router preference

provides a preference metric for default routers. The low, medium and high values
are signaled in unused bits in Router Advertisement messages. This extension is
backward compatible, both for routers (setting the router preference value) and
hosts (interpreting the router preference value). These values are ignored by hosts
that do not implement router preference. This feature is useful if there are other
RADVD-enabled devices on the LAN. The default is high.

STEP 7 Enter the MTU size. The MTU is the size of the largest packet that can be sent over

the network. The MTU is used in RAs to ensure all nodes on the network use the
same MTU value when the LAN MTU is not well-known. The default is 1500 bytes.

STEP 8 Enter the router lifetime value, or the time in seconds that the advertisement

messages will exist on the route. The default is 3600 seconds.

STEP 9 Click Save.

Configuring Router Advertisement Prefixes

To configure the RADVD available prefixes:

STEP 1 Choose Networking > IPv6 > Advertisement Prefixes.

STEP 2 Click Add.

Cisco RV180/RV180W Administration Guide 57

Configuring Networking

Configuring IPv6

STEP 3 Choose the IPv6 Prefix Type:

STEP 4 If you chose 6to4 in Step 3, enter the Site-level aggregation identifier (SLA ID.) The

STEP 5 If you chose Global/Local/ISATAP in Step 3, enter the IPv6 prefix and prefix length.

2

• 6to4—6to4 is a system that allows IPv6 packets to be transmitted over an

IPv4 network. It is used when an end user wants to connect to the IPv6
Internet using their existing IPv4 connection

• Global/Local/ISATAP—By using ISATAP, you can integrate IPv6 traffic into a

IPv4 network environment. ISATAP uses a locally assigned IPv4 address to
create a 64-bit interface identifier for IPv6.

SLA ID in the 6to4 address prefix is set to the interface ID of the interface on which
the advertisements are sent.

The IPv6 prefix specifies the IPv6 network address. The prefix length variable is a
decimal value that indicates the number of contiguous, higher-order bits of the
address that make up the network portion of the address.

STEP 6 Enter the prefix lifetime, or the length of time during which the requesting router is

allowed to use the prefix.

STEP 7 Click Save.

Cisco RV180/RV180W Administration Guide 58

Configuring Networking

Configuring IPv6

2

Cisco RV180/RV180W Administration Guide 59

Configuring the Wireless Network
(Cisco RV180W)

This chapter describes how to configure your wireless network and includes the
following sections:

• A Note About Wireless Security, page 60

• Understanding the Cisco RV180W’s Wireless Networks, page 63

3

• Configuring Basic Wireless Settings, page 63

• Configuring Advanced Wireless Settings, page 70

• Configuring Rogue Access Point Detection, page 71

• Configuring Wi-Fi Protected Setup, page 72

• Configuring a Wireless Distribution System (WDS), page 73

• Configuring Load Balancing, page 74

NOTE This chapter only applies to the Cisco RV180W model.

A Note About Wireless Security

Wireless networks are convenient and easy to install, so small businesses with
high-speed Internet access are adopting them at a rapid pace. Because wireless
networking operates by sending information over radio waves, it can be more
vulnerable to intruders than a traditional wired network. Like signals from your
cellular or cordless phones, signals from your wireless network can also be
intercepted. The following information will help you to improve your security:

• Wireless Security Tips, page 61

• General Network Security Guidelines, page 62

Cisco RV180/RV180W Administration Guide 60

Configuring the Wireless Network (Cisco RV180W)

A Note About Wireless Security

Wireless Security Tips

Since you cannot physically prevent someone from connecting to your wireless
network, you need to take some additional steps to keep your network secure:

• Change the default wireless network name or SSID

Wireless devices have a default wireless network name or Service Set
Identifier (SSID) set by the factory. This is the name of your wireless
network, and can be up to 32 characters in length.

You should change the wireless network name to something unique to
distinguish your wireless network from other wireless networks that
may exist around you, but do not use personal information (such as your
Social Security number) because this information may be available for
anyone to see when browsing for wireless networks.

3

• Change the default password

For wireless products such as access points, routers, and gateways, you
will be asked for a password when you want to change their settings.
These devices have a default password set by the factory. The default
password is often admin. Hackers know these defaults and may try to
use them to access your wireless device and change your network
settings. To thwart any unauthorized changes, customize the device’s
password so it will be hard to guess.

• Enable MAC address filtering

Cisco routers and gateways give you the ability to enable Media Access
Control (MAC) address filtering. The MAC address is a unique series of
numbers and letters assigned to every networking device. With MAC
address filtering enabled, wireless network access is provided solely
for wireless devices with specific MAC addresses. For example, you can
specify the MAC address of each computer in your network so that only
those computers can access your wireless network.

Cisco RV180/RV180W Administration Guide 61

Configuring the Wireless Network (Cisco RV180W)

A Note About Wireless Security

• Enable encryption

Encryption protects data transmitted over a wireless network. Wi-Fi
Protected Access (WPA/WPA2) and Wired Equivalency Privacy (WEP)
offer different levels of security for wireless communication. Currently,
devices that are Wi-Fi certified are required to support WPA2, but are
not required to support WEP.

A network encrypted with WPA/WPA2 is more secure than a network
encrypted with WEP, because WPA/WPA2 uses dynamic key
encryption. To protect the information as it passes over the airwaves,
you should enable the highest level of encryption supported by your
network equipment.

WEP is an older encryption standard and may be the only option
available on some older devices that do not support WPA.

3

• Keep wireless routers, access points, or gateways away from exterior walls

and windows.

• Turn wireless routers, access points, or gateways off when they are not

being used (at night, during vacations).

• Use strong passphrases that are at least eight characters in length.

Combine letters and numbers to avoid using standard words that can be
found in the dictionary.

General Network Security Guidelines

Wireless network security is useless if the underlying network is not secure. Cisco
recommends that you take the following precautions:

• Password protect all computers on the network and individually password

protect sensitive files.

• Change passwords on a regular basis.

• Install anti-virus software and personal router software.

• Disable file sharing (peer-to-peer). Some applications may open file sharing

without your consent and/or knowledge.

Cisco RV180/RV180W Administration Guide 62

Configuring the Wireless Network (Cisco RV180W)

Understanding the Cisco RV180W’s Wireless Networks

Understanding the Cisco RV180W’s Wireless Networks

The Cisco Small Business RV180W Wireless-N Multifunction Router provides four
separate virtual wireless networks. These networks can be configured and
enabled with individual settings. You can set up the multiple networks to segment
the network traffic, to allow different levels of access, such as guest access, or to
allow access for different functions such as accounting, billing, and so on.

Configuring Basic Wireless Settings

The following sections contain information on how to configure basic wireless
settings on the Cisco RV180W. These settings apply to all of the wireless
networks.

3

Configuring Radio, Mode, and Channel Settings

STEP 1 Choose Wireless > Basic Settings.

STEP 2 In the Radio field, choose Enable to enable wireless functionality for the

Cisco RV180W. Choosing Disable turns off wireless functionality for the router.

STEP 3 In the Wireless Network Mode field, choose the type of wireless network based

on the devices you have that will connect to the network:

• B/G Mixed—Select this mode if you have devices in the network that

support 802.11b and 802.11g.

• G Only—Select this mode if all devices in the wireless network only support

802.11g.

• B/G/N Mixed—Select this mode if you have devices in the network that

support 802.11b, 802.11g and 802.11n.

• N Only—Select this mode only if all devices in the wireless network support

802.11n.

• G/N Mixed—Select this mode if you have devices in the network that

support 802.11g and 802.11n.

STEP 4 Select the channel bandwidth. Available choices depend on the wireless network

mode chosen in Step 3.

STEP 5 The Control Side Band field defines the sideband which is used for the secondary

or extension channel when the AP is operating in 40 Mhz channel width. Choose

Cisco RV180/RV180W Administration Guide 63

Configuring the Wireless Network (Cisco RV180W)

Configuring Basic Wireless Settings

lower or upper. The signal components above the carrier frequency constitute the
upper sideband (USB) and those below the carrier frequency constitute the lower
sideband (LSB).

STEP 6 The Wireless Channel field specifies the frequency that the radio uses to transmit

wireless frames. Select a channel from the list of channels or choose auto to let the
Cisco RV180W determine the best channel to use based on the environment noise
levels for the available channels.

STEP 7 In the U-APSD field, choose Enable to enable the Unscheduled Automatic Power

Save Delivery (also referred to as WMM Power Save) feature that allows the radio
to conserve power. This feature is disabled by default.

STEP 8 Click Save.

Configuring Wireless Security and Other Settings

3

At a minimum, you should edit the default profiles to enable wireless security. See

A Note About Wireless Security, page 60.

You can configure wireless security and other settings for each wireless network.
To configure wireless settings:

STEP 1 Choose Wireless > Basic Settings.

STEP 2 In the Wireless Basic Settings Table, check the box on the left of the wireless

network you want to configure.

STEP 3 Click Edit to configure these network properties:

a. Enter the SSID name, or the unique name for this wireless network. Include up

to 32 characters, using any of the characters on the keyboard. For added
security, you should change the default value to a unique name.

b. Check the Broadcast SSID box if you want to allow all wireless clients within

range to be able to detect this wireless network when they are scanning the
local area for available networks. Disable this feature if you do not want to make
the SSID known. When this feature is disabled, wireless users can connect to
your wireless network only if they know the SSID (and provide the required
security credentials).

c. Enter the VLAN, or network for this wireless network. (See Chapter 2,

Configuring Networking, for more information on VLANs.) Devices connecting
to this network are assigned addresses on this VLAN. The default VLAN is 1
and if all the devices are on the same network, this can be left unchanged.

Cisco RV180/RV180W Administration Guide 64

Configuring the Wireless Network (Cisco RV180W)

Configuring Basic Wireless Settings

d. (Optional) Check the Wireless Isolation within SSID box to separate all wireless

clients within the SSID. When this feature is enabled, the wireless client can
communicate with the Cisco RV180W, but not with other clients connected
wirelessly to that SSID. For example, if the Cisco RV180W has many wireless
users, you can prevent users from accessing other parts of the network.

e. In the Max Associated Clients field, enter the maximum number of endpoints

that can connect to this network. The default value is 8. You can change this
number if you want to restrict traffic on the network to prevent it from being
overloaded, for example. The number of clients connected across all four
virtual access points cannot exceed 100.

f. Click Save.

3

Configuring Security

STEP 1 Choose Wireless > Basic Settings.

STEP 2 In the Wireless Basic Settings Table, check the box on the left of the wireless

network you want to configure.

STEP 3 Click Edit Security Mode to configure security.

STEP 4 Select the SSID to configure.

STEP 5 Click Enable under Wireless Isolation within SSID to separate all wireless clients

within the SSID.

STEP 6 In the Security field, select the type of security. All devices on this network must

use the same security mode and settings to work correctly. Cisco recommends
using the highest level of security that is supported by the devices in your
network.

• Disabled—Any device can connect to the network. Not recommended.

• Wired Equivalent Privacy (WEP)— Weak security with a basic encryption

method that is not as secure as WPA. WEP may be required if your network
devices do not support WPA; however, it is not recommended.

• Wi-Fi Protected Access (WPA) Personal—WPA is part of the wireless

security standard (802.11i) standardized by the Wi-Fi Alliance and was
intended as an intermediate measure to take the place of WEP while the

Cisco RV180/RV180W Administration Guide 65

Configuring the Wireless Network (Cisco RV180W)

Configuring Basic Wireless Settings

802.11i standard was being prepared. It supports TKIP/AES encryption. The
personal authentication is the preshared key (PSK) that is an alphanumeric
passphrase shared with the wireless peer.

• WPA Enterprise—Allows you to use WPA with RADIUS server

authentication.

• WPA2 Personal—WPA2 is the implementation of security standard

specified in the final 802.11i standard. It supports AES encryption and this
option uses preshared key (PSK) based authentication.

• WPA2 Personal Mixed—Allows both WPA and WPA2 clients to connect

simultaneously using PSK authentication.

• WPA2 Enterprise—Allows you to use WPA2 with RADIUS server

authentication.

• WPA2 Enterprise Mixed—Allows both WPA and WPA2 clients to connect

simultaneously using RADIUS authentication.

3

STEP 7 The Encryption Type appears based on the type of network you chose in Step 3:

• WPA Personal, WPA Enterprise, WPA2 Personal Mixed, WPA2 Enterprise

Mixed—TKIP+AES

• WPA2 Personal, WPA2 Enterprise—AES

STEP 8 If you chose WEP:

a. In the Authentication field, choose Open System or Shared Key. If you choose

Open System, a wireless client doesn't need to provide a shared key in order to
access the wireless network. Any client can associate to the router. If you
choose Shared Key, a wireless client must provide the correct shared key
(password) in order to access the wireless network.

b. Select the Encryption Type (64- or 128-bit WEP). The larger size keys provide

stronger encryption, making the key more difficult to crack (for example, 64-bit
WEP has a 40-bit key which is less secure than the 128-bit WEP, which has a
104-bit key).

c. (Optional) In the WEP Passphrase field, enter an alphanumeric phrase (longer

than eight characters for optimal security) and click Generate Key to generate
four unique WEP keys in the WEP Key fields below.

d. Select one of the four keys to use as the shared key that devices must have in

order to use the wireless network. If you did not generate a key in Step 7c,
enter a key directly into the WEP Key field. The length of the key should be 5
ASCII characters (or 10 hexadecimal characters) for 64-bit WEP and 13 ASCII

Cisco RV180/RV180W Administration Guide 66

Configuring the Wireless Network (Cisco RV180W)

Configuring Basic Wireless Settings

characters (or 26 hexadecimal characters) for 128-bit WEP. Valid hexadecimal
characters are “0” to “9” and “A” to “F”.

STEP 9 If you chose WPA Personal, WPA2 Personal, or WPA2 Personal Mixed:

a. Enter the WPA Key, or password/phrase that will secure the network. Devices

connecting to the network must use this phrase for authentication.

b. If you want to see the password as you are entering it, check the Unmask

Password box.

c. In the Key Renewal field, enter the number of seconds after which the Cisco

RV180W will generate a new key. These keys are internal keys exchanged
between the Cisco RV180W and connected devices. The default value (3600
seconds) is usually adequate unless you are experiencing network problems.

STEP 10 If you chose WPA Enterprise or WPA2 Enterprise Mixed, no further configuration is

required.

3

STEP 11 If you chose WPA2 Enterprise, you can check the Pre-Authentication box

(optional). Pre-authentication allows wireless clients to quickly switch between
connected wireless networks sharing the same security configuration. When a
wireless client disconnects from a wireless network, a notification is sent to the
network, which then sends the pre-authentication info to other wireless networks.

STEP 12 Click Save.

Configuring MAC Filtering

You can use MAC filtering to permit or deny access to the wireless network based
on the MAC (hardware) address of the requesting device. For example, you can
enter the MAC addresses of a set of PCs and only allow those PCs to access the
network. MAC filtering is configured for each wireless network.

STEP 1 Choose Wireless > Basic Settings.

STEP 2 In the Wireless Basic Settings Table, check the box on the left of the wireless

network you want to configure.

STEP 3 Click Edit MAC Filtering.

STEP 4 Choose Enable.

STEP 5 Under Connection Control, choose one of the following:

Cisco RV180/RV180W Administration Guide 67

Configuring the Wireless Network (Cisco RV180W)

Configuring Basic Wireless Settings

• Block following MAC addresses from connecting to wireless network—

Blocks MAC addresses specified below from connecting to the wireless
network.

• Allow only following MAC addresses to connect to wireless network—

Allows only the MAC addresses specified below to connect to the wireless
network.

STEP 6 Enter the MAC addresses of the endpoints to allow or deny. To see a list of

currently-connected clients, click Wireless Clients List.

STEP 7 Click Save.

Configuring Wi-Fi Multimedia

3

Wi-Fi Multimedia (WMM) is used to prioritize different types of traffic. You can
configure QoS settings to provide different priority to different applications, users,
or data flows, or to guarantee a certain level of performance to a data flow.

To configure WMM:

STEP 1 Choose Wireless > Basic Settings.

STEP 2 In the Wireless Basic Settings Table, check the box on the left of the wireless

network you want to configure.

STEP 3 Click Edit WMM.

STEP 4 In the SSID field, select SSID that clients use to connect to the AP.

STEP 5 Check the WMM Enable box to enable WMM based on the IEEE 802.11e standard

for this profile. WMM helps in prioritizing wireless traffic according to four access
categories:

• Voice (highest priority, 4)

• Video (high priority, 3)

• Best effort (medium priority, 2)

• Background (lowest priority, 1)

STEP 6 In the DSCP to Queue table, for each ingress DSCP, you can choose the output

queue for the traffic. The Differentiated Services Code Point (DSCP) field identifies
the data packet and the output queue identifies the output queue in which the
packet is transmitted:

Cisco RV180/RV180W Administration Guide 68

Configuring the Wireless Network (Cisco RV180W)

Configuring Basic Wireless Settings

• Voice (4) or Video (3)—High priority queue, minimum delay. Typically used to

send time-sensitive data such as video and other streaming media.

• Best Effort (2)—Medium priority queue, medium throughput and delay. Most

traditional IP data is sent to this queue.

• Background (1)—Lowest priority queue, high throughput. Bulk data that

requires maximum throughput and is not time-sensitive is typically sent to
this queue (FTP data, for example).

If you want to change the output queue for packets marked with a particular DSCP,
select the new output queue from the drop-down list.

STEP 7 Click Save.

3

Configuring Wireless Network (SSID) Scheduling

You can configure each of the four available wireless networks on the Cisco
RV180W to be active during certain times of the day. To configure the schedule for
a wireless network:

STEP 1 Choose Wireless > Basic Settings.

STEP 2 In the Wireless Basic Settings Table, check the box on the left of the wireless

network you want to configure.

STEP 3 Select the wireless network for which you want to create a schedule.

STEP 4 Click Edit SSID Scheduling.

STEP 5 Check the Enable box to allow you to create a schedule to make the network

active during certain times.

STEP 6 Enter the start and stop times for the network to be active.

STEP 7 Click Save.

Cisco RV180/RV180W Administration Guide 69

Configuring the Wireless Network (Cisco RV180W)

Configuring Advanced Wireless Settings

Configuring Advanced Wireless Settings

To configure advanced wireless settings on the Cisco RV180W:

STEP 1 Choose Wireless > Advanced Settings.

STEP 2 In the Beacon Interval field, enter the time in milliseconds between beacon

transmissions. The default interval is 100 milliseconds.

STEP 3 In the DTIM Interval field, enter the interval at which the delivery traffic indication

message should be sent. A DTIM field is a countdown field informing clients of the
next window for listening to broadcast and multicast messages. When the Cisco
RV180W has buffered broadcast or multicast messages for associated clients, it
sends the next DTIM with a DTIM Interval value. Its clients hear the beacons and
awaken to receive the broadcast and multicast messages.The default interval is 2
beacon intervals.

3

STEP 4 The Request to Send (RTS) Threshold is the packet size, in bytes, that requires the

AP to check the transmitting frames to determine if an RTS/Clear to Send (CTS)
handshake is required with the receiving client. Using a small value causes RTS
packets to be sent more often, consuming more of the available bandwidth,
reducing the apparent throughput of the network packets. The default value is
2346, which effectively disables RTS.

STEP 5 The Fragmentation Threshold is the maximum length of the frame, in bytes,

beyond which packets must be fragmented into two or more frames. Collisions
occur more often for long frames because while sending them, they occupy the
channel for a longer time. The default value is 2346, which effectively disables
fragmentation. If you experience a high packet error rate, you can slightly increase
the fragmentation threshold; setting the fragmentation threshold too low may
result in poor network performance. Only minor reduction of the default value is
recommended.

STEP 6 Choose the Preamble Mode. The 802.11b standard requires that a preamble be

appended to every frame before it is transmitted through the air. The preamble
may be either the traditional “long” preamble, which requires 192 μs for
transmission, or it may be an optional “short” preamble that requires only 96 μs. A
long preamble is needed for compatibility with the legacy 802.11 systems
operating at 1 and 2 Mbps. The default selection is long.

STEP 7 Choose the Protection Mode. Select none (the default) to turn off CTS. The CTS-

to-Self Protection option enables the CTS-to-Self protection mechanism, which is
used to minimize collisions among stations in a mixed 802.11b and 802.11g
environment. This function boosts the Cisco RV180W’s ability to catch all wireless
transmissions but severely decreases performance.

Cisco RV180/RV180W Administration Guide 70

Configuring the Wireless Network (Cisco RV180W)

Configuring Rogue Access Point Detection

STEP 8 The Short Retry Limit and Long Retry Limit fields determine the number of times

the Cisco RV180W will reattempt a frame transmission that fails. The limit applies
to both long and short frames of a size less than or equal to the RTS threshold.

STEP 9 Click Save.

Configuring Rogue Access Point Detection

You can configure the Cisco RV180W to detect rogue access points, or
unauthorized access points that have been connected to your network.

Enabling Rogue AP Detection

3

To configure rogue AP detection:

STEP 1 Choose Wireless > Rogue AP.

STEP 2 Under Rogue AP Detection, check Enable.

STEP 3 Click Save.

Authorizing a Rogue AP

If an AP has been marked as a rogue AP, and you want to authorize it to connect to
the network, you can authorize it from the Rogue AP Detected Ta b l e . To a u t h o r i ze
an endpoint:

STEP 1 Choose Wireless > Rogue AP.

STEP 2 In the Rogue AP Detected Table, check the box corresponding to the AP, then click

Authorize. Authorized APs are displayed in the Wireless > Rogue AP > Authorized
APs list.

To change the interval at which APs are displayed in the table, enter the seconds in
the Poll Interval field. You can click Start or Stop to stop the collection of data that
will be displayed in the table.

Cisco RV180/RV180W Administration Guide 71

Configuring the Wireless Network (Cisco RV180W)

Configuring Wi-Fi Protected Setup

Adding and Editing Authorized APs

To add or edit authorized APs:

STEP 1 Choose Wireless > Rogue AP > Authorized APs.

STEP 2 Click Add or check the box of an authorized AP and click Edit.

STEP 3 Select the following information:

• MAC Address—The MAC, or hardware, address of the AP.

• SSID—The broadcast name of the SSID.

• Security—The type of security the AP uses.

• Encryption—The type of encryption the AP uses.

3

• Authentication—The type of authentication the AP uses.

• Network Mode—The type of network on the AP.

• Channel—The wireless channel of the AP.

STEP 4 Click Save.

Configuring Wi-Fi Protected Setup

You can configure Wi-Fi Protected Setup (WPS) on the Cisco RV180W to allow
WPS-enabled devices to more easily connect to the wireless network.

NOTE You must configure one AP with WPA/WPA2 to use WPS.

STEP 1 Choose Wireless > WPS.

STEP 2 In the VA P field, select the wireless network on which you want to enable WPS.

The network must use WPA, WPA2, or WPA+WPA2 security.

NOTE: You can enable WPS on only one of the four networks, or virtual access
points.

STEP 3 Under WPS Status, choose Enable to allow WPS configuration. By default, WPS is

disabled.

Cisco RV180/RV180W Administration Guide 72

Configuring the Wireless Network (Cisco RV180W)

Configuring a Wireless Distribution System (WDS)

STEP 4 Click Save.

To set up a WPS-enabled device in the network:

STEP 1 Choose Wireless > WPS.

STEP 2 Choose the WPS setup method:

• Setup Using a PIN—In the WPS Setup Method section, in the Station PIN

field, enter the personal identification number (PIN) of the device you want to
connect to the network. You must log in to that device to obtain its WPS PIN.
Then click Configure via PIN. After clicking this button on the Cisco RV180W,
on the WPS-enabled device, select the necessary option to begin WPS. The
device should begin communication with the Cisco RV180W.

• Setup Using a WPS Button—If the device you want to connect has a WPS

button, push the button on the device. Then, on the Cisco RV180W, click
Configure via PBC (push button configuration).

3

Configuring a Wireless Distribution System (WDS)

A Wireless Distribution System (WDS) is a system that enables the wireless
interconnection of access points in a network. It allows a wireless network to be
expanded using multiple access points without the need for a wired backbone to
link them.

WDS peers are other access points in the network connected in the WDS. All
base stations in a WDS must be configured to use the same radio channel, method
of encryption (none, WEP, or WPA) and encryption keys.

You need to configure WDS if you are using the Cisco RV180W in WDS Bridge or
WDS Repeater mode. See Choosing the Device Mode (Cisco RV180W),

page15.

To configure WDS:

STEP 1 Choose Wireless > WDS.

STEP 2 Check the Enable box to enable WDS in the Cisco RV180W.

STEP 3 Enter a WPA Key (password) for authentication.

Cisco RV180/RV180W Administration Guide 73

Configuring the Wireless Network (Cisco RV180W)

Configuring Load Balancing

STEP 4 Click Save.

You can manually add WDS peers that can connect to the Cisco RV180W:

STEP 1 In the WDS Peer Table, click Add.

STEP 2 Enter the MAC (hardware) address of the WDS peer and click Save.

Configuring Load Balancing

You can configure load balancing on the Cisco RV180W to balance traffic
between the four available wireless networks to get optimal resource utilization,
throughput, or response time.

3

To configure load balancing:

STEP 1 Choose Wireless > Load Balancing.

STEP 2 Check Enable.

STEP 3 Under SSID Utilization Threshold, enter the utilization percentage for each SSID, or

network. When the network traffic exceeds that percentage, the Cisco RV180W
will direct traffic to one of the other networks whose threshold has not been
reached. The current utilization is displayed.

STEP 4 Click Save.

Cisco RV180/RV180W Administration Guide 74

Configuring the Wireless Network (Cisco RV180W)

Configuring Load Balancing

3

Cisco RV180/RV180W Administration Guide 75

Configuring the Wireless Network (Cisco RV180W)

Configuring Load Balancing

3

Cisco RV180/RV180W Administration Guide 76

Configuring the Firewall

This chapter contains information about configuring the firewall properties of the
Cisco RV180/RV180W and includes the following sections:

• Cisco RV180/RV180W Firewall Features, page 77

• Configuring Access Rules, page 79

• Configuring Attack Prevention, page 83

4

• Configuring Content Filtering, page 84

• Configuring URL Blocking, page 86

• Configuring Port Triggering, page 87

• Configuring Port Forwarding, page 88

• Configuring a DMZ Host, page 92

• Configuring Advanced Firewall Settings, page 92

• Firewall Configuration Examples, page 100

Cisco RV180/RV180W Firewall Features

You can secure your network by creating and applying access rules that the
Cisco RV180/RV180W uses to selectively block and allow inbound and outbound
Internet traffic. You then specify how and to what devices the rules apply. You can
configure the following:

• Services or traffic types (examples: web browsing, VoIP, other standard

services and also custom services that you define) that the router should
allow or block.

• Rules for outbound (from your LAN to the Internet) or inbound (from the

Internet to your LAN) traffic.

Cisco RV180/RV180W Administration Guide 77

Configuring the Firewall

Cisco RV180/RV180W Firewall Features

• Schedules as to when the router should apply rules.

• Keywords (in a domain name or on a URL of a web page) that the router

should allow or block.

• MAC addresses of devices whose inbound access to your network the

router should block.

• Port triggers that signal the router to allow or block access to specified

services as defined by port number.

• Reports and alerts that you want the router to send to you.

You can, for example, establish restricted-access policies based on time-of-day,
web addresses, and web address keywords. You can block Internet access by
applications and services on the LAN, such as chat rooms or games. You can block
just certain groups of PCs on your network from being accessed by the WAN or
public network.

4

Inbound (Internet to LAN) rules restrict access to traffic entering your network,
selectively allowing only specific outside users to access specific local resources.
By default, all access from the insecure WAN side is blocked from accessing the
secure LAN, except in response to requests from the LAN or DMZ. To allow
outside devices to access services on the secure LAN, you must create a firewall
rule for each service.

If you want to allow incoming traffic, you must make the router's WAN port IP
address known to the public. This is called “exposing your host.” How you make
your address known depends on how the WAN ports are configured; for the
Cisco RV180/RV180W, you may use the IP address if a static address is assigned
to the WAN port, or if your WAN address is dynamic, a DDNS (Dynamic DNS) name
can be used.

Outbound (LAN to Internet) rules restrict access to traffic leaving your network,
selectively allowing only specific local users to access specific outside resources.
The default outbound rule is to allow access from the secure zone (LAN) to the
insecure WAN. To block hosts on the secure LAN from accessing services on the
outside (insecure WAN), you must create a firewall rule for each service.

Cisco RV180/RV180W Administration Guide 78

Configuring the Firewall

Configuring Access Rules

Configuring Access Rules

Configure access rules to control traffic to and from your network. To configure
access rules, choose Firewall > Access Rules. All configured firewall rules on the
Cisco RV180/RV180W are displayed in the Access Rule Table.

Configuring the Default Outbound Policy

You can configure the default outbound policy for the traffic that is directed from
your secure network (LAN) to the Internet. The default
flowing from the Internet to your LAN is always blocked and cannot be changed.
The

default outbound policy

firewall rules that you have configured. For example, you may have specific
firewall rules restricting outbound instant messaging and video traffic, but all other
traffic would be permitted if you choose allow as the default outbound policy.

4

inbound

applies to traffic that is not covered by the specific

policy for traffic

To configure the default outbound policy:

STEP 1 Choose Firewall > Access Rules.

STEP 2 Under Default Outbound Policy, choose Allow or Block. Allow permits traffic from

your LAN to the Internet. Block does not permit traffic from your LAN to the
Internet.

STEP 3 Click Save.

Using the Access Rules Table

In the Access Rules table, you can add, edit, enable, disable, and delete access
rules. Check the box next to the rule on which you want to perform the action, then
select the action from the buttons below the table.

Reordering Access Rules

You may want to reorder the access rules you have created to change the priority
of a rule. To reorder access rules:

STEP 1 Click Reorder.

STEP 2 In the Access Rule Table, check the rule that you want to move, and click the Up or

Down arrow to move it up or down the list.

STEP 3 Click Save.

Cisco RV180/RV180W Administration Guide 79

Configuring the Firewall

Configuring Access Rules

STEP 1 Choose Firewall > Access Rules.

STEP 2 Click Add Rule.

STEP 3 Under Connection Type, choose the destination of traffic covered by this rule:

STEP 4 Choose the action:

4

Creating an Access Rule

Access rules specify the type of traffic that is allowed into and out of your
network. To create access rules:

• Inbound—Traffic from the Internet (WAN) to your network (LAN)

• Outbound—Traffic from your network (LAN) to the Internet (WAN)

• Always Block—Always block the selected type of traffic.

• Always Allow—Never block the selected type of traffic.

• Block by schedule, otherwise allow—Blocks the selected type of traffic

according to a schedule. Choose the schedule from the drop-down list. See

Creating Schedules, page 96.

• Allow by schedule, otherwise block—Allows the selected type of traffic

according to a schedule. Choose the schedule from the drop-down list. See

Creating Schedules, page 96.

STEP 5 Choose the service to allow or block for this rule. Choose Any Traffic to allow the

rule to apply to all applications and services, or you can choose a single
application to block:

• AIM (AOL Instant Messenger)

• BGP (Border Gateway Control)

• BOOTP_CLIENT (Bootstrap Protocol client)

• BOOTP_SERVER (Bootstrap Protocol server)

• CU-SEEME (videoconferencing) UDP or TCP

• DNS (Domain Name System), UDP or TCP

• FINGER

• FTP (File Transfer Protocol)

• HTTP (Hyptertext Transfer Protocol)

Cisco RV180/RV180W Administration Guide 80

Configuring the Firewall

Configuring Access Rules

4

• HTTPS (Secure Hypertext Transfer Protocol)

• ICMP (Internet Control Message Protocol) type 3 through 11 or 13

• ICQ (chat)

• IMAP (Internet Message Access Protocol) 2 or 3

• IRC (Internet Relay Chat)

• NEWS

• NFS (Network File System)

• NNTP (Network News Transfer Protocol)

• PING

• POP3 (Post Office Protocol)

• PPTP (Point-to-Point Tunneling Protocol)

• RCMD (command)

• REAL-AUDIO

• REXEC (Remote execution command)

• RLOGIN (Remote login)

• RTELNET (Remote telnet)

• RTSP (Real-Time Streaming Protocol) TCP or UDP

• SFTP (Secure Shell File Transfer Protocol)

• SMTP (Simple Mail Transfer Protocol)

• SNMP (Simple Network Management Protocol) TCP or UDP

• SNMP-TRAPS (TCP or UDP)

• SQL-NET (Structured Query Language)

• SSH (TCP or UDP)

• STRMWORKS

• TACACS (Terminal Access Controller Access-Control System)

• TELNET (command)

• TFTP (Trivial File Transfer Protocol)

Cisco RV180/RV180W Administration Guide 81

Configuring the Firewall

Configuring Access Rules

STEP 6 In the Source IP field, configure the IP address to which the firewall rule applies:

4

• RIP (Routing Information Protocol)

• IKE

• SHTTPD (Simple HTTPD web server)

• IPSEC-UDP-ENCAP (UDP Encapsulation of IPsec packets)

• IDENT protocol

• VDOLIVE (live web video delivery)

• SSH (secure shell)

• SIP-TCP or SIP-UDP

• Any—The rule applies to traffic originating from any IP address in the local

network.

• Single Address—The rule applies to traffic originating from a single IP

address in the local network. Enter the address in the Start field.

• Address Range—The rule applies to traffic originating from an IP address

located in a range of addresses. Enter the starting IP address in the Start
field, and the ending IP address in the Finish field.

STEP 7 If you are configuring an inbound firewall access rule:

a. Destination Network Address Translation (DNAT) maps a public IP address

(your dedicated WAN address) to an IP address on your private network. In the
Send to Local Server (DNAT IP) field, specify an IP address of a machine on the
Local Network which is hosting the server.

b. The router supports multi-NAT, so your Internet Destination IP address does not

have to be the address of your WAN. On a single WAN interface, multiple public
IP addresses are supported. If your ISP assigns you more than one public IP
address, one of these can be used as your primary IP address on the WAN
port, and the others can be assigned to servers on the LAN. In this way, the
LAN can be accessed from the internet by its aliased public IP address. Check
the Enable box and enter the IP address you want to use.

c. Under Rule Status, choose Enabled or Disabled. You may want to configure a

rule and choose Disabled if you want to enable it at a later time.

Cisco RV180/RV180W Administration Guide 82

Configuring the Firewall

Configuring Attack Prevention

STEP 8 If you are configuring an outbound firewall access rule:

4

a. In the Destination IP field, configure the IP address to which the firewall rule

applies:

• Any—The rule applies to traffic going to any IP address.

• Single Address—The rule applies to traffic going to a single IP address.

Enter the address in the Start field.

• Address Range—The rule applies to traffic going to an IP address located in

a range of addresses. Enter the starting IP address in the Start field, and the
ending IP address in the Finish field.

b. You can configure Secure Network Address Translation (SNAT) to map a public

IP address (your Dedicated WAN address, Optional WAN address, or another
address) to an IP address on your private network. Under Use This SNAT IP
Address, check Enable and enter the SNAT IP Address.

c. Under Rule Status, choose Enabled or Disabled. You may want to configure a

rule and choose Disabled if you want to enable it at a later time.

Configuring Attack Prevention

Attacks are malicious security breaches or unintentional network issues that
render the Cisco RV180/RV180W unusable. Attack prevention allows you to
manage WAN security threats such as continual ping requests and discovery via
ARP scans. TCP and UDP flood attack prevention can be enabled to manage
extreme usage of WAN resources.

As well, certain Denial-of-Service (DoS) attacks can be blocked. These attacks, if
uninhibited, can use up processing power and bandwidth and prevent regular
network services from running normally. ICMP packet flooding, SYN traffic
flooding, and Echo storm thresholds can be configured to temporarily suspend
traffic from the offending source.

To configure attack prevention:

STEP 1 Choose Firewall > Attack Prevention.

Cisco RV180/RV180W Administration Guide 83

Configuring the Firewall

Configuring Content Filtering

STEP 2 Check the boxes to enable the following functions:

4

• WAN (In tern et ) S ecurit y Chec ks

- Respond to Ping on WAN (Internet)—To configure the Cisco RV180/

RV180W to allow a response to an Internet Control Message Protocol
(ICMP) Echo (ping) request on the WAN interface, check this box. This
setting is used as a diagnostic tool for connectivity problems. Not
enabled by default.

- Stealth Mode—If Stealth Mode is enabled, the router will not respond to

port scans from the WAN. This feature makes the network less
susceptible to discovery and attacks. Enabled by default.

- Flood— If this option is enabled, the router will drop all invalid TCP

packets. This feature protects the network from a SYN flood attack.
Enabled by default.

• LAN (Local Network) Security Checks

- Block UDP Flood—If this option is enabled, the router will not accept

more than 500 simultaneous, active UDP connections from a single
computer on the LAN. Enabled by default.

• ICSA (International Computer Security Association) Settings

- Block Anonymous ICMP Messages—ICSA requires the firewall to silently

block without sending an ICMP notification to the sender. Some
protocols, such as MTU Path Discovery, require ICMP notifications.
Enable this setting to operate in “stealth” mode. Enabled by default.

- Block Fragmented Packets—ICSA requires the firewall to block

fragmented packets from ANY to ANY. Enabled by default.

- Block Multicast Packets—ICSA requires the firewall to block multicast

packets. Enabled by default.

STEP 3 Click Save.

Configuring Content Filtering

The Cisco RV180/RV180W supports several content filtering options. You can
block certain web applications or components (such as ActiveX or Java). You can
set up trusted domains from which to always allow content.

Cisco RV180/RV180W Administration Guide 84

Configuring the Firewall

Configuring Content Filtering

STEP 1 Choose Firewall > Content Filtering.

STEP 2 Check the Enable box.

STEP 3 Click Save.

4

Enabling Content Filtering

To enable content filtering:

Blocking Web Components

Certain commonly-used web components can be blocked for increased security.
Some of these components can be used by malicious websites to infect
computers that access them.

STEP 1 Choose Firewall > Content Filtering.

STEP 2 With content filtering enabled, under Web Components, select the check box for

each component you wish to block:

• Block Proxy—A proxy server (or simply, proxy) allows computers to route

connections to other computers through the proxy, thus circumventing
certain firewall rules. For example, if connections to a specific IP address are
blocked by a firewall rule, the requests can be routed through a proxy that is
not blocked by the rule, rendering the restriction ineffective. Enabling this
feature blocks proxy servers.

• Block Java—Blocks java applets from being downloaded from pages that

contain them. Java applets are small programs embedded in web pages that
enable dynamic functionality of the page. A malicious applet can be used to
compromise or infect computers. Enabling this setting blocks Java applets
from being downloaded.

• Block ActiveX—Similar to Java applets, ActiveX controls are installed on a

Windows computer while running Internet Explorer. A malicious ActiveX
control can be used to compromise or infect computers. Enabling this setting
blocks ActiveX applets from being downloaded.

Cisco RV180/RV180W Administration Guide 85

Configuring the Firewall

Configuring URL Blocking

STEP 3 Click Save.

4

• Block Cookies—Cookies are used to store session information by websites

that usually require login. However, several websites use cookies to store
tracking information and browsing habits. Enabling this option filters out
cookies from being created by a website.

NOTE: Many websites require that cookies be accepted in order for the site to be
accessed properly. Blocking cookies can cause many websites to not function
properly.

Adding Trusted Domains

You can add a list of trusted domains. These domains are bypassed during
keyword filtering. For example, if “yahoo” is added to the blocked keywords list
and www.yahoo.com is added to the trusted domain list, then www.yahoo.com
will be allowed, but mail.yahoo.com will not be allowed.

NOTE Before adding trusted domains, you must enable content filtering. See Enabling

Content Filtering, page 85.

To add trusted domains:

STEP 1 Choose Firewall > Content Filtering. The Trusted Domain Table displays a list of

currently configured trusted domains.

STEP 2 Click Add and enter the name of the trusted domain.

STEP 3 Click Save.

Configuring URL Blocking

You can block access to websites that contain specific keywords in the URL or
page contents. If these keywords are found in the site's name (for example, web
site URL or newsgroup name), the site is blocked. To configure URL blocking:

STEP 1 Choose Firewall > URL Blocking. The table displays currently blocked keywords.

STEP 2 Click Add Row.

STEP 3 Under Status, check the box to enable blocking for the new keyword.

Cisco RV180/RV180W Administration Guide 86

Configuring the Firewall

Configuring Port Triggering

STEP 4 Select the group to which to apply the keyword blocking. If you need to configure

a new group, click Configure LAN Groups. (See Configuring LAN (Local

Network) Groups, page 98.)

STEP 5 Enter the keyword to block.

STEP 6 Click Save.

Configuring Port Triggering

Port triggering allows devices on the LAN to request one or more ports to be
forwarded to them. Port triggering waits for an outbound request from the LAN on
one of the defined outgoing ports, and then opens an incoming port for that
specified type of traffic. Port triggering is a form of dynamic port forwarding while
an application is transmitting data over the opened outgoing or incoming ports.

4

Port triggering opens an incoming port for a specific type of traffic on a defined
outgoing port.

Port triggering is more flexible than static port forwarding (available when
configuring firewall rules) because a rule does not have to reference a specific
LAN IP or IP range. Ports are also not left open when not in use, thereby providing
a level of security that port forwarding does not offer.

NOTE Port triggering is not appropriate for servers on the LAN, since there is a

dependency on the LAN device making an outgoing connection before incoming
ports are opened.

Some applications require that, when external devices connect to them, they
receive data on a specific port or range of ports in order to function properly. The
router must send all incoming data for that application only on the required port or
range of ports. The gateway has a list of common applications and games with
corresponding outbound and inbound ports to open. You can also specify a port
triggering rule by defining the type of traffic (TCP or UDP) and the range of
incoming and outgoing ports to open when enabled.

Cisco RV180/RV180W Administration Guide 87

Configuring the Firewall

Configuring Port Forwarding

STEP 1 Choose Firewall > Port Triggering.

STEP 2 Click Add.

STEP 3 Specify an easily-identifiable name for this rule.

STEP 4 Check the Enable box to enable the rule.

STEP 5 Select whether the port uses TCP, UDP, or both protocols.

STEP 6 In the Outgoing (Trigger) Port Range section, specify the port number or range of

4

Adding a Port Triggering Rule

To add a port triggering rule:

port numbers that will trigger this rule when a connection request from outgoing
traffic is made. If the outgoing connection uses only one port, then specify the
same port number in the Start Port and End Port fields.

STEP 7 In the Incoming (Response) Port Range section, specify the port number or range

of port numbers used by the remote system to respond to the request it receives.
If the incoming connection uses only one port, then specify the same port number
in the Start Port and End Port fields.

STEP 8 Click Save.

Configuring Port Forwarding

Port forwarding is used to redirect traffic from the Internet from one port on the
WAN to another port on the LAN. The port forwarding rules menu allows selection
of a service. Common services are available or you can define a custom service
and associated ports to forward.

The Port Forwarding Rule Table lists all the available port forwarding rules for this
device and allows you to configure port forwarding rules. The table contains the
following information:

• Action—Whether to block or allow traffic (always or by schedule) that

meets these filter rules, and when the rule is applicable.

• Service—Service for which this port forwarding rule is applicable.

Cisco RV180/RV180W Administration Guide 88

Configuring the Firewall

Configuring Port Forwarding

4

• Status—A port forwarding rule can be disabled if not in use and enabled

when needed. The port forwarding rule is disabled if the status is disabled
and it is enabled if the status is enabled. Disabling a port forwarding rule
does not delete the configuration.

• Source IP—The source IP address for traffic from which traffic is forwarded

(Any, Single Address or Address Range).

• Destination IP—The IP address of the server to which traffic is forwarded.

• Internal Port—To which port traffic will be forwarded.

Adding a Port Forwarding Configuration

To configure port forwarding:

STEP 1 Choose Firewall > Port Forwarding.

STEP 2 Click Add.

STEP 3 Choose the action:

• Always Block—Always block the selected type of traffic.

• Always Allow—Never block the selected type of traffic.

• Block by Schedule—Blocks the selected type of traffic according to a

schedule. Choose the schedule from the drop-down list. See Creating

Schedules, page 96.

• Allow by Schedule—Allows the selected type of traffic according to a

schedule. Choose the schedule from the drop-down list. See Creating

Schedules, page 96.

STEP 4 Under Service, select one of the common or custom services defined for this

device:

• AIM (AOL Instant Messenger)

• BGP (Border Gateway Control)

• BOOTP_CLIENT (Bootstrap Protocol client)

• BOOTP_SERVER (Bootstrap Protocol server)

• CU-SEEME (videoconferencing) UDP or TCP

• DNS (Domain Name System), UDP or TCP

Cisco RV180/RV180W Administration Guide 89

Configuring the Firewall

Configuring Port Forwarding

4

• FINGER

• FTP (File Transfer Protocol)

• HTTP (Hyptertext Transfer Protocol)

• HTTPS (Secure Hypertext Transfer Protocol)

• ICMP (Internet Control Message Protocol) type 3 through 11 or 13

• ICQ (chat)

• IMAP (Internet Message Access Protocol) 2 or 3

• IRC (Internet Relay Chat)

• NEWS

• NFS (Network File System)

• NNTP (Network News Transfer Protocol)

• PING

• POP3 (Post Office Protocol)

• PPTP (Point-to-Point Tunneling Protocol)

• RCMD (command)

• REAL-AUDIO

• REXEC (Remote execution command)

• RLOGIN (Remote login)

• RTELNET (Remote telnet)

• RTSP (Real-Time Streaming Protocol) TCP or UDP

• SFTP (Secure Shell File Transfer Protocol)

• SMTP (Simple Mail Transfer Protocol)

• SNMP (Simple Network Management Protocol) TCP or UDP

• SNMP-TRAPS (TCP or UDP)

• SQL-NET (Structured Query Language)

• SSH (TCP or UDP)

• STRMWORKS

Cisco RV180/RV180W Administration Guide 90

Configuring the Firewall

Configuring Port Forwarding

4

• TACACS (Terminal Access Controller Access-Control System)

• TELNET (command)

• TFTP (Trivial File Transfer Protocol)

• RIP (Routing Information Protocol)

• IKE

• SHTTPD (Simple HTTPD web server)

• IPSEC-UDP-ENCAP (UDP Encapsulation of IPsec packets)

• IDENT protocol

• VDOLIVE (live web video delivery)

• SSH (secure shell)

• SIP-TCP or SIP-UDP

STEP 5 Select the Source IP:

• Any—Specifies that the rule being created is for traffic from the given

endpoint.

• Single Address—Limit to one host. Requires the IP address of the host to

which this rule would be applied.

• Address Range—This is used to apply this rule to a group of computers/

devices within an IP address range. Requires a from IP address and to IP
address.

STEP 6 If you chose Single Address in Step 5, enter the IP address in the Start field.

STEP 7 If you chose Address Range in Step 5, enter the starting IP address of the range in

the Start field and the ending IP address of the range in the Finish field.

STEP 8 If you chose Always Allow, Block by Schedule, or Allow by Schedule in Step 3:

a. Enter the Destination IP address, or the address where traffic meeting the rule

should be sent.

b. In the Internal Port field, enter the port to which traffic should be forwarded.

STEP 9 Click Save.

Cisco RV180/RV180W Administration Guide 91