Cisco Small Business RV220W Administration Manual
Cisco Small Business
RV220W Wireless-N Network Security Firewall
ADMINISTRATION
GUIDE
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks,
go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner
does not imply a partnership relationship between Cisco and any other company. (1110R)
© 2011 Cisco Systems, Inc. All rights reserved. 78-19743-01 D0
Contents
Chapter 1: Introduction 11
Product Overview 11
Configuring the RV220W 12
Logging In 12
Setting Up the Cisco RV220W Using the Setup Wizard 13
Using the Getting Started Page 13
Features of the User Interface 14
Suggested Next Steps 15
Chapter 2: Configuring Networking 16
WAN Settings for IPv4 16
Configuring the IPv4 WAN Settings 17
PPPoE Profiles for Point-to-Point Protocol over Ethernet Connections 20
Managing PPPoE Profiles 20
Adding and Editing PPPoE Profile Settings 21
LAN Configuration for IPv4 22
IPv4 LAN (Local Network) 22
VLAN Membership 24
Multiple VLAN Subnets 26
Viewing the Multiple VLAN Subnets Table 26
Entering the Multiple VLAN Subnets Properties 26
Static DHCP 28
Advanced DHCP Configuration 29
DHCP Leased Clients 30
Jumbo Frames 30
Routing 31
Routing Mode 31
Routing Table 32
Static Routes 33
Dynamic Routing 35
Port Management 37
Cisco RV220W Administration Guide 3
Managing Static Routes 33
Configuring Static Routes 34
Contents
Dynamic DNS 38
IPv6 39
IP Mode 39
IPv6 WAN (Internet) 40
Configuring IPv6 LAN Properties 41
Configuring IPv6 Static Routing 43
Managing IPv6 Static Routes 43
Configuring an IPv6 Static Route 44
Configuring IPv6-to-IPv4 Tunneling 45
Configuring an ISATAP Tunnel 46
Configuring Router Advertisement 46
RADVD Advertisement Prefixes 48
Managing Advertisement Prefixes 48
Adding and Editing Advertisement Prefixes 49
Chapter 3: Configuring the Wireless Network 50
About Wireless Security 50
Wireless Security Tips 51
General Network Security Guidelines 52
Basic Settings 53
Security Settings for Wireless Networks 56
MAC Filtering for Wireless Network Access Control 58
Connected Clients 59
Wi-Fi Multimedia and Quality of Service Settings 60
SSID Schedule for Network Availability 61
Advanced Settings 62
Wireless Distribution System (WDS) 63
Chapter 4: Firewall 64
Cisco RV220W Firewall Features 64
Access Rules 66
Cisco RV220W Administration Guide 4
Setting the Default Outbound Policy and Managing Access Rules 66
Adding and Editing Access Rules 67
Changing Access Rule Priorities 71
Contents
Attack Prevention 72
Content Filtering 73
URL Blocking 75
Port Triggering 76
Managing Port Triggering Rules 77
Adding and Editing Port Triggering Rules 77
Port Forwarding 78
Managing Port Forwarding Rules 78
Adding or Editing a Port Forwarding Rule 79
DMZ Host 82
Advanced Firewall Settings 82
One-to-One Network Address Translation (NAT) 83
Managing One-to-One NAT Rules 83
Adding or Editing a One-to-One NAT Rule 84
MAC Address Filtering 85
IP/MAC Address Binding 86
Custom Services 87
Managing Custom Services 87
Adding or Editing a Custom Service 88
Schedules for Firewall Rules and Port Forwarding Rules 89
Managing Schedules 89
Adding or Editing a Schedule 90
Session Settings 91
Internet Group Management Protocol (IGMP) 92
Enabling IGMP and Managing the Allowed Networks Table 92
Adding or Editing the Allowed Networks 93
SIP ALG 93
Firewall Configuration Examples 94
Chapter 5: Cisco ProtectLink Web 98
Getting Started with Cisco ProtectLink Web 98
Global Settings for Approved URLs and Clients 99
Cisco RV220W Administration Guide 5
Approved Clients 99
Approved URLs 100
Contents
Web Protection 101
Overflow Control 101
Web Reputation 102
URL Filtering 103
Updating the ProtectLink License 104
Summary 104
Renewal 105
Chapter 6: Configuring Virtual Private Networks (VPNs) and Security 106
Configuring VPNs 107
Basic VPN Setup 109
Configuring Advanced VPN Parameters 111
Managing IKE and VPN Policies 112
Configuring IKE Policies 113
Configuring VPN Policies 117
Configuring VPN Users 122
Configuring VPN Passthrough 124
SSL VPN Server 124
Access Options for SSL VPN 125
Security Tips for SSL VPN 125
Elements of SSL VPN 126
Portal Layouts 126
Managing Portal Layouts 127
Adding or Editing a Portal Layout 127
SSL VPN Policies 129
About SSL VPN Policies 129
Managing SSL VPN Policies 129
Configuring an SSL VPN Policy 130
Resources for SSL VPN 132
Cisco RV220W Administration Guide 6
Managing Resources 132
Configuring a Resource 132
SSL VPN Port Forwarding 133
Managing Applications and Host Names for Port Forwarding 133
Configuring a TCP Application for SSL VPN Port Forwarding 134
Configuring Host Name Resolution for Port Forwarding 135
Contents
SSL VPN Tunnel Client Configuration 136
SSL VPN Client 136
Configured Client Routes for Split Tunnel Mode 138
Managing Client Routes 138
Configuring a Client Route 139
Viewing the SSL VPN Client Portal 139
Chapter 7: Configuring Security 141
Using SSL Certificates for Authentication 141
Importing a Trusted Certificate from a File 143
Importing an Active Self Certificate from a File 143
Generating a Certificate Request 144
Viewing a Certificate Request 145
Using the Cisco RV220W With a RADIUS Server 146
Managing RADIUS Server Configurations 146
Adding or Editing a RADIUS Server Configuration 147
Configuring 802.1x Port-Based Authentication 148
Chapter 8: Configuring Quality of Service 149
WAN QoS Profiles 149
Profile Binding 151
Managing Profile Binding Rules 151
Configuring a Profile Binding Rule 152
CoS Settings 153
CoS Settings for Traffic Forwarding Queues 153
CoS to DSCP Remarking 154
Chapter 9: Administering Your Cisco RV220W 155
Password Rules for Password Complexity 156
Cisco RV220W Administration Guide 7
Contents
Remote Management 157
User Management 158
Domains 158
Managing Domains 159
Configuring a Domain 159
Groups 161
Managing Groups for a Domain 161
Configuring a Group 162
Users 163
Managing Users 163
Configuring a User 164
User Log in Policies 165
User Log in Policies by Client Browser 166
User Log in Policies by IP Address 167
Network Management (SNMP) 169
SNMP Users and Trap Settings 169
Managing User Security Settings and Trap Settings 169
Configuring the User Security Settings for SNMP 170
Configuring SNMP Traps 171
SNMP System Information 171
WAN Traffic Meter 172
Diagnostics 174
Network Tools 174
Capture Packets 176
Logging 176
Logging Policies 176
Managing Logging Policies 177
Configuring a Logging Policy 177
Firewall Logs 178
Remote Logging Configuration 180
Discovery Settings 182
Discovery Settings for Bonjour 182
UPnP Discovery 183
Time Settings 184
Cisco RV220W Administration Guide 8
Contents
Backing Up or Restoring a Configuration 185
CSV File Import for User Accounts 186
Creating a CSV File 186
Importing a CSV File 189
Firmware Upgrade 189
Rebooting the Cisco RV220W 190
Restoring the Factory Defaults 190
Chapter 10: Viewing the RV220W Status 192
Viewing the Dashboard 193
Viewing the System Summary 196
Viewing the Wireless Statistics 199
Viewing the IPsec Connection Status 200
Viewing the VPN Client Connection Status 201
Viewing Logs 202
Viewing Available LAN Hosts 202
Viewing the Port Triggering Status 203
Viewing Interface Statistics 203
Viewing Port Statistics 204
Viewing Open Ports 206
Viewing Active Users 206
Viewing the SSL VPN Connection Information Status 207
Appendix A: Installing the Cisco RV220W 209
Getting to Know the Cisco RV220W 209
Front Panel 209
Back Panel 210
Mounting the Cisco RV220W 211
Placement Tips 211
Wall Mounting 211
Cisco RV220W Administration Guide 9
Contents
Attaching the Antennas 214
Connecting the Equipment 214
Verifying the Hardware Installation 216
Connecting to Your Wireless Network 217
Appendix B: Using Cisco QuickVPN 218
Overview 218
Before You Begin 218
Installing the Cisco QuickVPN Software 219
Installing from the CD-ROM 219
Downloading and Installing from the Internet 221
Using the Cisco QuickVPN Software 221
Appendix C: Glossary 224
Appendix D: Where to Go From Here 228
Cisco RV220W Administration Guide 10
Introduction
This introduction provides information to familiarize you with the product features
and help you get started using the web-based Configuration Utility.
Refer to these topics:
1
• Product Overview, page11
• Configuring the RV220W, page 12
• Setting Up the Cisco RV220W Using the Setup Wizard, page 13
Product Overview
Thank you for choosing the Cisco Small Business RV220W Wireless-N Network
Security Firewall. The Cisco RV220W is an advanced Internet-sharing network
solution for your small business needs. It allows multiple computers in your office
to share an Internet connection through both wired and wireless connections.
The RV220W Network Security Firewall delivers high-performance, high security,
wired and wireless connectivity—to the Internet, other offices, and employees
working remotely—to speed file transfers and help improve the productivity of
employees in a small office. Hybrid VPN capabilities, supporting both IP Security
(IPsec) and Secure Sockets Layer (SSL) VPN, provide flexibility to connect remote
offices as if they were physically attached to the network and extend controlled
network access to partners and others. Business-class security and optional
cloud-based web threat protection help keep the network and business assets
safe.
Cisco RV220W Administration Guide 11
Introduction
Configuring the RV220W
Configuring the RV220W
After connecting your equipment, use the web-based Configuration Utility to
configure your RV220W.
The Cisco RV220W tries to automatically detect and configure your Internet
settings. However, in some cases you might need to manually configure some
settings using the Device Manager. At a minimum, you should change the default
administrator name and password, and set up wireless security. See these topics
for more information about getting started in the Configuration Utility:
• Setting Up the Cisco RV220W Using the Setup Wizard
• Using the Getting Started Page
• Features of the User Interface
1
• Suggested Next Steps
NOTE For information about installation, see Appendix A, “Installing the Cisco
RV220W.”
Logging In
STEP 1 Connect a PC to a LAN port of the Cisco RV220W. If DHCP is enabled (the default
setting), your PC becomes a DHCP client of the RV220W and receives an IP
address in the 192.168.1.xxx range.
Note: You may need to configure your PC to obtain its IP address from a DHCP
server.
STEP 2 Start a web browser on your PC.
STEP 3 In the Address bar, enter the LAN IP address of the RV220W. (default 192.168.1.1).
Note: If Bonjour is enabled (the default setting), the RV220W advertise its record
information to any browsing device attached to its network. As a result, you run
Bonjour or FindIT on your PC to automatically discover the RV220W.
The browser may display a message about the site’s security certificate. The
RV220W uses a self security certificate and this message appears because the
RV220W is not known to your PC. You can safely click Continue (or the option
shown on your particular web browser) to go to the web site.
STEP 4 When the login page appears, enter the user name and password. The default
user name is cisco. The default password is cisco. Passwords are case sensitive.
Cisco RV220W Administration Guide 12
Introduction
Configuring the RV220W
STEP 5 Click Log In.
STEP 1 After logging in to the configuration utility, click Run Setup Wizard in the
1
Note: To prevent unauthorized access, use the Administration > User
Management > Users page to configure more secure login credentials as soon as
possible.
Setting Up the Cisco RV220W Using the Setup Wizard
With the Cisco RV220W powered on and connected to a PC, use the Setup
Wizard to configure the network settings.
To use the Setup Wizard:
navigation tree.
STEP 2 Follow the on-screen instructions to set up the Cisco RV220W.
The Setup Wizard tries to automatically detect and configure your connection. If it
cannot, the Setup Wizard asks you for information about your Internet connection.
If you do not have the required information, contact your Internet Service Provider
(ISP) to obtain it.
During the setup process, the Setup Wizard asks you to enter a new password. To
protect your router from unauthorized access, create a new password that is hard
to guess. While you are entering the password, the Setup Wizard provides you
with instant feedback regarding the strength of the password.
After the Setup Wizard is done configuring the Cisco RV220W, the Getting
Started page appears. See Using the Getting Started Page, page 13 for more
information.
Using the Getting Started Page
Use the links on the Getting Started page to perform the most common
configuration tasks. Click a link to perform a task. After performing a task, be sure
to save your new settings. To return to the Getting Started page, click Getting
Started in the navigation tree.
Cisco RV220W Administration Guide 13
Introduction
Configuring the RV220W
NOTE When you get a new router, be sure to check Cisco.com for firmware updates. Then
1
in the Quick Access section of the Getting Started page, use the Update Device
Firmware link to install your new firmware.
The Getting Started page includes these sections:
• Initial Settings—These links are for common tasks that most users need to
perform to configure the Cisco RV220W for the first time. Although the
default settings are sufficient for many small businesses, you should use
these links to review the settings and make changes as needed.
• Quick Access—These links are for common tasks that may be applicable
to your network.
• Device Status—These links provide access to status information for your
network. After configuring your settings, you should use these links to verify
the configuration.
The Other Resources section includes these links:
• Support—Click the link to visit the Cisco RV Series Routers page on
Cisco.com. This page provides links to technical documentation, product
literature, and other resources.
• Forums—Click this link to visit the Cisco Small Business Support
Community on Cisco.com.
To prevent the Getting Started page from showing when the Device Manager is
started, check Don’t show this on start-up.
Features of the User Interface
• Navigating through the pages
Use the navigation tree in the left pane to open the configuration pages.
Click a menu item on the left panel to expand it. Click the menu names
displayed underneath to perform an action or view a sub-menu.
• Saving your changes
Click Save to save your settings, or click Cancel to reload the page with the
current settings. If a page was opened by using an Add or Edit button, you
can click Back to return to the referring page.
Cisco RV220W Administration Guide 14
Introduction
Configuring the RV220W
1
• Viewing the Help files
To view more information about a configuration page, click the Help link
near the top right corner of the page.
Suggested Next Steps
Cisco recommends that you change some default settings to provide better
security and performance. In addition, you may need to manually configure some
settings. A suggested outline of steps follows:
• Change the administrator name and password. See Users, page 163.
• Change the idle timeout value. The Device Manager, by default, logs you out
after 10 minutes of inactivity. For more information, see User Management,
page 158.
• Enable remote management, which is a convenience to you when
configuring the router, and which is required if you want to enable a VPN.
See User Management, page 158.
• If your connection is not working, or your Internet service requires a login
account and password, see WAN Settings for IPv4, page 16.
• If you already have a DHCP server on your network, and you do not want
the Cisco RV220W to act as a DHCP server, see LAN Configuration for
IPv4, page 22.
• Configure your wireless network, especially wireless security. See
Chapter 3, “Configuring the Wireless Network.”
• Configure your Virtual Private Network (VPN).
- You can quickly set up a Gateway-to-Gateway or Client-to-Gateway
VPN by using the VPN > Basic VPN Setup page. For more information,
see Basic VPN Setup, page 109.
- Alternatively, for a simpler VPN setup, you can enable remote
management, configure user accounts, and distribute Cisco QuickVPN
to your remote workers. The Cisco QuickVPN software is found on the
CD that shipped with your router. Also see Using Cisco QuickVPN,
page 218.
Cisco RV220W Administration Guide 15
Configuring Networking
The Networking menu provides access to configuration pages where you can
configure your WAN, LAN, and other IPv4 and IPv6 network settings.
Refer to these topics:
• WAN Settings for IPv4, page 16
• LAN Configuration for IPv4, page 22
2
• Routing, page 31
• Port Management, page 37
• Dynamic DNS, page 38
• IPv6, page 39
WAN Settings for IPv4
Use the Networking > WAN menu to set up your Internet connection for your IPv4
network.
• Configuring the IPv4 WAN Settings, page 17
• PPPoE Profiles for Point-to-Point Protocol over Ethernet Connections,
page 20
NOTE For instructions on configuring your RV220W for an IPv6 network, see the “IPv6”
section on page 39.
Cisco RV220W Administration Guide 16
Configuring Networking
WAN Settings fo r I P v4
NOTE If your service provider requires PPPoE, first configure a PPPoE profile. See PPPoE
STEP 1 In the Internet Connection Type section, choose the type specified by your
2
Configuring the IPv4 WAN Settings
Follow these instructions to configure your Internet connection for your IPv4
network.
Profiles for Point-to-Point Protocol over Ethernet Connections, page 20.
To open this page: In the navigation tree, choose Networking > WAN (Internet) >
IPv4 WAN (Internet).
service provider. Then enter the required settings for the selected type.
• Automatic Configuration - DHCP—Choose this option if your service
provider gave you a dynamic DHCP connection to the Internet, or your PC
receives its IP address from your cable or DSL modem. This address can
change. No additional settings are required for this connection type.
• Static IP—Choose this option if your service provider gave you an IP
address that does not change. Enter the IP address, mask, default gateway,
and DNS server information. The fields are described in the table below this
step.
• PPPoE—Choose this option if your service provider gave you a Point-to-
Point Protocol over Ethernet (PPPoE) connection to the Internet (used mainly
with asymmetric DSL). In the PPPoE section, choose a PPPoE Profile Name.
If you have not yet created PPPoE profiles, click the Configure Profile
button. For more information, see PPPoE Profiles for Point-to-Point
Protocol over Ethernet Connections, page 20.
• PPTP—Choose this option if your service provider gave you a Point-to-Point
Tunneling Protocol (PPTP) connection to the Internet (used in Europe). In the
PPTP section, enter your user name, password, and connection type, IP
address, and server IP address. Also enable encryption if supported. The
fields are described in the table below this step.
• L2TP—Choose this option if your service provider gave you a Layer 2
Tunneling Protocol (L2TP) connection to the Internet (used in Europe). In the
L2TP section, enter your user name, password, and connection type, IP
address, and server IP address. Optionally, enter the secret phrase. The
fields are described in the table below this step.
Cisco RV220W Administration Guide 17
Configuring Networking
WAN Settings fo r I P v4
2
IP Address or My
IP Address
Subnet Mask Enter the subnet mask specified by your service provider.
Default Gateway Enter the IP address of the default gateway specified by
Primary DNS
Server,
Secondary DNS
Server
User Name Enter the user name for your Internet account.
Password Enter the password for your Internet account.
Secret If required by your service provider, enter the secret phrase
MPPE Encryption If your service provider’s PPTP server supports Microsoft
Connection Type Choose the connection type:
Enter the IP address that was assigned to your account.
your service provider.
For domain name resolution, enter the IP address of the
DNS servers specified by your service provider. The
Primary DNS Server is required for a Static IP connection.
used to log in to the server.
Point-to-Point Encryption (MPPE), check the Enable box.
Server IP
Address
• Keep Connected—The Internet connection is
always on.
• Idle Time—The Internet connection is on only when
traffic is present. If the connection is idle—that is, no
traffic is occurring—the connection is closed. You
might want to choose this if your ISP charges based
on the amount of time that you are connected. If you
choose this connection type, enter the number of
minutes after which the connection shuts off in the
Idle Time field.
Enter the IP address of the PPTP or L2TP server specified
by your service provider.
Cisco RV220W Administration Guide 18
Configuring Networking
WAN Settings fo r I P v4
STEP 2 In the MTU Size section, choose the MTU Type. (See MTU (Maximum
STEP 3 In the Router MAC Address section, specify the MAC address source. The
2
Transmission Unit) in the glossary.)
• Default—Unless a change is required by your ISP, Cisco recommends that
you use the default setting, 1500 bytes.
• Custom—If your ISP requires a custom MTU setting, choose Custom and
enter the MTU Size specified by your provider.
RV220W has a unique 48-bit local Ethernet hardware address. In most cases, the
RV220W’s default MAC address is used to identify your Cisco RV220W to your
ISP. However, you can change this setting if required by your ISP.
• Use Default Address (recommended).
• Use this computer's MAC—Choose this option to assign the MAC address
of the computer that you are using to configure the RV220W.
• Use This MAC—Choose this option if you want to manually enter a MAC
Address that is expected by your ISP. Then enter a MAC Address in the
format of XX:XX:XX:XX:XX:XX, where X is a number from 0 through 9 or a
letter from A through F.
STEP 4 Click Save to save your settings, or click Cancel to redisplay the page with the
current settings.
Cisco RV220W Administration Guide 19
Configuring Networking
WAN Settings fo r I P v4
2
PPPoE Profiles for Point-to-Point Protocol over Ethernet
Connections
If you have a Point-to-Point Protocol over Ethernet (PPPoE) connection to the
Internet (used mainly with asymmetric DSL), create a PPPoE profile for your PPPoE
connection. You can create multiple profiles, which are useful if you connect to the
Internet using different service provider accounts.
• Managing PPPoE Profiles, page 20
• Adding and Editing PPPoE Profile Settings, page 21
Managing PPPoE Profiles
Use the Networking > WAN (Internet) > PPPoE Profiles page to view, add, edit, or
delete PPPoE profiles.
To open this page: In the navigation tree, choose Networking > WAN (Internet) >
PPPoE Profiles.
Perform these tasks:
• To add a profile, click Add. Then enter the settings on the Add/Edit PPPoE
Profile Configuration page. See Adding and Editing PPPoE Profile
Settings, page 21.
• To edit a profile, check the box and then click Edit. Then enter the settings on
the Add/Edit PPPoE Profile Configuration page. See Adding and Editing
PPPoE Profile Settings, page 21.
• To delete a profile, check the box and then click Delete. To select all profiles,
check the box in the heading row, and then click Delete. When the
confirmation message appears, click OK to continue with the deletion, or
otherwise click Cancel.
Cisco RV220W Administration Guide 20
Configuring Networking
WAN Settings fo r I P v4
STEP 1 Enter this information:
2
Adding and Editing PPPoE Profile Settings
Use the Add/Edit PPPoE Profile Configuration page to enter the settings for a
PPPoE profile.
To open this page: From the Networking > WAN (Internet) > PPPoE Profiles
page, click Add or select a profile and then click Edit.
• Profile Name—Enter a descriptive name to identify the profile (for example,
“ISPOne”).
• Username—Enter the user name for accessing your ISP account (for
example,
• Password—Enter the password for accessing your ISP account.
john@ISPname.net
).
• Authentication Type—Choose one of the following options:
- Auto-negotiate—The server sends a configuration request specifying
the security algorithm set on it. The RV220W then sends back
authentication credentials with the security type sent earlier by the
server.
- PAP —The RV220W uses Password Authentication Protocol (PAP) when
connecting with the ISP.
- CHAP—The RV220W uses Challenge Handshake Authentication
Protocol (CHAP) when connecting with the ISP.
- MS-CHAP—The RV220W uses Microsoft Challenge Handshake
Authentication Protocol when connecting with the ISP.
- MS-CHAPv2—The RV220W uses Microsoft Challenge Handshake
Authentication Protocol Version 2 when connecting with the ISP.
• Connection Type—Choose one of the following options:
- Keep Connected—The Internet connection is always on.
- Idle Time—The Internet connection is on only when traffic is present. If
the connection is idle—that is, no traffic is occurring—the connection is
closed. You might want to choose this if your ISP charges based on the
amount of time that you are connected. If you choose this connection
type, enter the number of minutes after which the connection shuts off in
the Idle Time field.
Cisco RV220W Administration Guide 21
Configuring Networking
LAN Configuration for IPv4
STEP 2 Click Save to save your settings, or click Cancel to reload the page with the
current settings.
LAN Configuration for IPv4
Use the Network > LAN (Local Network) menu to set up your IPv4 LAN. This menu
includes the following options:
• IPv4 LAN (Local Network), page 22
• VLAN Membership, page 24
• Multiple VLAN Subnets, page 26
2
• Static DHCP, page 28
• Advanced DHCP Configuration, page 29
• DHCP Leased Clients, page 30
• Jumbo Frames, page 30
NOTE For IPv6 LAN configuration, see Configuring IPv6 LAN Properties, page 41.
IPv4 LAN (Local Network)
For most applications, the default settings are satisfactory. You can make changes
to suit your requirements. For example, you may want to make the following types
of changes:
• DHCP server options: If you want another PC on your network to be the
DHCP server, or if you are manually configuring the network settings of all of
your PCs, disable DHCP.
• DNS server or WINS server: Instead of using a DNS server, you can use a
Windows Internet Naming Service (WINS) server. A WINS server is the
equivalent of a DNS server but uses the NetBIOS protocol to resolve
hostnames. The RV220W includes the WINS server IP address in the DHCP
configuration when acknowledging a DHCP request from a DHCP client.
You can also enable a DNS proxy. When enabled, the RV220W then acts as
a proxy for all DNS requests and communicates with the ISP's DNS servers.
When disabled, all DHCP clients receive the DNS IP addresses of the ISP.
Cisco RV220W Administration Guide 22
Configuring Networking
LAN Configuration for IPv4
STEP 1 In the Network section, keep the default Host Name, or enter a new name to
STEP 2 In the LAN (Local Network) Configuration section, keep the default IP Address
2
• IP address range: If machines on your LAN use different IP address ranges
(for example, 172.16.2.0 or 10.0.0.0), you can add aliases to the LAN port to
give PCs on those networks access to the Internet. This allows the RV220W
to act as a gateway to additional logical subnets on your LAN. You can
assign the RV220W an IP address on each additional logical subnet.
To open this page: In the navigation tree, choose Networking > LAN (Local
Network) > IPv4 LAN (Local Network).
identify your router. This field allows alpha-numeric characters and the hyphen.
The default host name consists of the word “router” followed by the last 3 bytes of
LAN MAC address (in Hex-decimal form). This allows the Cisco FindIT Network
Discovery Utility to identify Cisco Small Business devices on the LAN.
and Subnet Mask, or change them as needed for your network.
Note: If you change the LAN IP address, you will need to use the new IP address to
launch the configuration utility. You may need to release and renew the IP address
of your PC, if using DHCP, or configure a static IP address in the same subnet as
the RV220W.
STEP 3 In the DHCP section, choose the DHCP Mode and enter the required settings.
Note: If you need to reserve IP addresses for devices on your network, click the
Configure Static DHCP button. For more information, see Static DHCP, page 28.
• DHCP Server—Choose this option to allow the Cisco RV220W to
dynamically assign IP addresses to devices in the network. By default, the
Cisco RV220W functions as a DHCP server to the hosts on the Wireless LAN
(WLAN) or LAN network and assigns IP and DNS server addresses. With
DHCP enabled, the RV220W's IP address serves as the gateway address to
your LAN. The PCs in the LAN are assigned IP addresses from a pool of
addresses. Each address is tested before it is assigned to avoid duplicate
addresses on the LAN. If you choose this option, enter this information:
- Domain Name—Enter the domain name for your network (optional).
- Starting and Ending IP Address—Enter the first and last of the
contiguous addresses in the IP address pool. Any new DHCP client
joining the LAN is assigned an IP address in this range. You can save part
of the range for PCs with fixed addresses. These addresses should be in
the same IP address subnet as the RV220W's LAN IP address.
Cisco RV220W Administration Guide 23
Configuring Networking
LAN Configuration for IPv4
STEP 4 In the LAN (Local Network) Proxy section, check Enable to enable the Cisco
2
- Primary and Secondary DNS Server—DNS servers map Internet
domain names (for example, www.cisco.com) to IP addresses. Enter the
server IP addresses in these fields if you want to use different DNS
servers than are specified in your WAN settings.
- Lease time—Enter the duration (in hours) for which IP addresses are
leased to clients.
• DHCP Relay—Choose this option to enable the relay gateway to transmit
DHCP messages from a DHCP server on another subnet. Then enter the
address of the DHCP server in the Remote DHCP Server field.
• None—Use this to disable DHCP on the Cisco RV220W. If you want another
device on your network to be the DHCP server, or if you are manually
configuring the network settings of all of your PCs, disable DHCP.
RV220W to act as a proxy for all DNS requests and to communicate with the ISP's
DNS servers.
STEP 5 Click Save to save your settings, or click Cancel to reload the page with the
current settings.
VLAN Membership
Use the Networking > LAN (Local Network) > VLAN Membership page to enable,
create, and manage VLAN (Virtual LAN)s. The router is configured with a default
VLAN, VLAN 1, and all devices are members.
Up to four new VLANs can be created. The configured VLANs are listed in the
VLAN Membership Table.
To open this page: Choose Networking > LAN (Local Network) > VLAN
Membership.
Cisco RV220W Administration Guide 24
Configuring Networking
LAN Configuration for IPv4
STEP 1 Check the VLAN Enable box to enable the creation and management of additional
STEP 2 Perform these tasks:
2
VLANs. To disable this feature, uncheck the box.
• To add a new VLAN, click Add Row. Then enter these settings:
- VLAN ID—Enter a numerical VLAN ID that will be assigned to endpoints
in the VLAN membership. The VLAN ID can range from 2 to 4094. VLAN
ID 1 is reserved for the default VLAN, which is used for untagged frames
received on the interface, and VLAN ID 4092 is reserved and cannot be
used. After a new VLAN entry is saved, the VLAN ID cannot be changed.
- Description—Enter a short description to identify this VLAN.
- Inter VLAN Routing—Check the box to enable routing between this and
other VLANS, or uncheck the box to disable this feature.
- Device Management—Check the box to enable this feature, or uncheck
the box to disable it. This setting determines whether or not clients can
access the Cisco RV220W Configuration Utility on this VLAN. To prevent
access to this utility from this VLAN, disable this feature.
- Port 1-4—For each of the ports, choose one of the following options:
- Tagged—Used when connecting to switches carrying multiple VLANs.
- Untagged—Access ports connecting to end devices like printers and
workstations.
• To change the settings for an existing VLAN, check the box and then click
Edit. To select all VLANs, check the box in the heading row. Then edit the
settings as described above.
• To delete a VLAN, check the box and then click Delete. To select all VLANs,
check the box in the heading row. When the confirmation message appears,
click OK to continue with the deletion, or otherwise click Cancel.
STEP 3 Click Save to save your settings, or click Cancel to reload the page with the
current settings.
Cisco RV220W Administration Guide 25
Configuring Networking
LAN Configuration for IPv4
2
Multiple VLAN Subnets
When you create a VLAN, a subnet is created automatically for the VLAN. You can
then further configure the subnet properties, including the IP address, the subnet
mask, and the DHCP settings.
• Viewing the Multiple VLAN Subnets Table, page 26
• Entering the Multiple VLAN Subnets Properties, page 26
Viewing the Multiple VLAN Subnets Table
To open this page: In the navigation tree, choose Networking > LAN (Local
Network) > Multiple VLAN Subnets.
VLANs are listed in the table. The information includes the IP address, the subnet
mask, the DHCP mode (DHCP Server or DHCP Relay), and the DNS Proxy Status
(Enabled or Disabled).
To edit the VLAN subnet properties, check the box and then click Edit. Then enter
the settings on the Edit Multiple VLAN Subnet page. See Entering the Multiple
VLAN Subnets Properties, page 26.
Entering the Multiple VLAN Subnets Properties
To open this page: Choose Edit on the Networking > LAN (Local Network) >
Multiple VL AN Subnets page.
STEP 1 In the LAN (Local Network) Configuration section, keep the default IP Address
and Subnet Mask, or change them as needed for your network.
Note: If you change the LAN IP address of VLAN 1, you will need to use the new IP
address to launch the configuration utility. You may need to release and renew the
IP address of your PC, if using DHCP, or configure a static IP address in the same
subnet as the RV220W.
STEP 2 In the DHCP section, choose the DHCP Mode and enter the required settings.
Note: If you need to reserve IP addresses for devices on your network, click the
Configure Static DHCP button. For more information, see Static DHCP, page 28.
• DHCP Server—Choose this option to allow the Cisco RV220W to
dynamically assign IP addresses to devices in the VLAN subnet. By default,
the Cisco RV220W functions as a DHCP server to the hosts in the subnet. If
you choose this option, enter this information:
- Domain Name—Enter the domain name for the VLAN subnet (optional).
Cisco RV220W Administration Guide 26
Configuring Networking
LAN Configuration for IPv4
2
- Starting and Ending IP Address—Enter the first and last of the
contiguous addresses in the IP address pool for this subnet. Any new
DHCP client joining the LAN is assigned an IP address in this range. You
can save part of the range for PCs with fixed addresses. These
addresses should be in the same IP address subnet as the VLAN IP
address that you specified above.
- Primary and Secondary DNS Server—DNS servers map Internet
domain names (for example, www.cisco.com) to IP addresses. Enter the
server IP addresses in these fields if you want to use different DNS
servers than are specified in your WAN settings.
- Lease time—Enter the duration (in hours) for which IP addresses are
leased to clients.
• DHCP Relay—Choose this option to enable the relay gateway to transmit
DHCP messages between multiple subnets. Then enter the address of the
relay gateway in the Relay Gateway field.
• None—Use this to disable DHCP on the VLAN subnet. If you want another
device on your network to be the DHCP server for devices on the VLAN
subnet, or if you are manually configuring the network settings of all of your
computers, disable DHCP.
STEP 3 In the LAN (Local Network) Proxy section, check Enable to enable the VLAN
subnet to act as a proxy for all DNS requests and to communicate with the ISP's
DNS servers.
STEP 4 Click Save to save your settings, or click Cancel to reload the page with the
current settings. If you are connected to the Cisco RV220W by the LAN port that is
a member of this VLAN, the system reboots and connects you to the RV220W
using its new IP address.
Cisco RV220W Administration Guide 27
Configuring Networking
LAN Configuration for IPv4
STEP 1 Perform one of these tasks:
2
Static DHCP
You can configure a static IP Address and MAC Address for a known computer or
device on the LAN network from the LAN Interface menu.
To open this page: In the navigation tree, choose Networking > LAN (Local
Network) > Static DHCP. Or from the Networking > LAN (Local Network) > IPv4
LAN (Local Network) page, click Configure Static DHCP.
• To reserve a static IP address for a client, click Add. Then enter the settings,
as described below.
- IP Address—Enter the IP address of the device. This address should be
outside the DHCP address range specified on the Networking > LAN
(Local Network) > IPv4 LAN (Local Network) page. The DHCP server
will serve the reserved IP address only to the device with the
corresponding MAC address.
- MAC Address—Enter the MAC address of the device, without
punctuation. The punctuation is added automatically, using the following
format: XX:XX:XX:XX:XX:XX where X is a number from 0 to 9 (inclusive) or
an alphabetical letter between A and F (inclusive).
• To edit an entry, check the box and then click Edit. To select all entries, check
the box in the heading row. Then enter the settings, as described above.
• To delete an entry, check the box and then click Delete. To select all entries,
check the box in the heading row.
STEP 2 Click Save to save your settings, or click Cancel to reload the page with the
current settings. After saving or canceling, you can add, edit, or delete other
entries.
Cisco RV220W Administration Guide 28
Configuring Networking
LAN Configuration for IPv4
STEP 1 In the Automatic Configuration Download section, configure automatic download
2
Advanced DHCP Configuration
You can configure the Cisco RV220W to download a configuration file from a TFTP
server by using Option 66, Option 67, and Option 160. You also can associate
different client devices with different configuration files. When you reboot the
router, it will download the specified files.
To open this page: Choose Networking > LAN (Local Network) > Advanced
DHCP Configuration.
of configuration files:
• Check Enable to enable downloading of configuration files. Uncheck the box
to disable this feature.
• Choose the TFTP Server Type:
- Host Name—Choose this option to identify the server by its host name.
Enter the host name of the TFTP server in the TFTP server host name
field.
- Address—Choose this option to identify the server by its IP address.
Enter the IP address in the TFTP Server IP field.
STEP 2 Click Save to enable the downloads, or click Cancel to reload the page with the
current settings.
Note: The mapping table is available only if you enabled Automatic Configuration
Download and saved the settings.
STEP 3 In the DHCP Client Device vs. Configuration File Mapping Table, perform these
tasks:
• To specify a configuration file for a device that is not listed, click Add. Then
enter the settings, as described below.
- IP Address—Enter the IP address of the device. This address should be
outside the DHCP address range specified on the Networking > LAN
(Local Network) > IPv4 LAN (Local Network) page. The DHCP server
will serve the reserved IP address only to the device with the
corresponding MAC address.
- MAC Address—Enter the MAC address of the device, without
Cisco RV220W Administration Guide 29
punctuation. The punctuation is added automatically, using the following
format: XX:XX:XX:XX:XX:XX where X is a number from 0 to 9 (inclusive) or
an alphabetical letter between A and F (inclusive).
Configuring Networking
LAN Configuration for IPv4
STEP 4 Click Save to save the settings, or click Cancel to reload the page with the current
2
- Configuration Filename—Enter the filename of the configuration file to
use for the device with the specified MAC address.
• To edit an entry, check the box and then click Edit. Then enter the settings,
as described above.
• To delete an entry, check the box and then click Delete.
settings. After this step, you can add, edit, or delete other entries.
DHCP Leased Clients
Use the Networking > LAN (Local Network) > DHCP Leased Client page to view
the endpoints that are receiving IP addresses from the Cisco RV220W’s DHCP
server.
To open this page: In the navigation tree, choose Networking > LAN (Local
Network) > DHCP Leased Client.
The endpoints are listed by IP address and MAC address. You cannot edit this list.
Jumbo Frames
Use the Jumbo Frames page to allow devices to send frames within the LAN
containing up to 9,000 bytes of data per frame. A standard Ethernet frame contains
1,500 bytes of data.
To open this page: Choose Networking > LAN (Local Network) > Jumbo
Frames.
STEP 1 Check the Enable box to enable this feature. Uncheck the box to disable it.
STEP 2 Click Save to save your settings, or click Cancel to reload the page with the
current settings.
Cisco RV220W Administration Guide 30
Loading...