Page 2
Revised Sep 2014 Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their...
Chapter 6: Configuring Networking Configuring the WAN Settings Configuring the Wired WAN Connections Configuring DHCP Configuring Static IP Configuring PPPoE Configuring PPTP Configuring L2TP Configuring Optional Settings Configuring a Mobile Network Global Settings Mobile Network Setup RV215W Wireless-N VPN Firewall Administration Guide...
Configuring Services Management Configuring Access Rules Adding Access Rules Creating an Internet Access Policy Adding or Editing an Internet Access Policy Configuring Port Forwarding Configuring Single Port Forwarding Configuring Port Range Forwarding Configuring Port Range Triggering RV215W Wireless-N VPN Firewall Administration Guide...
Restarting the Cisco RV215W Restoring the Factory Defaults Running the Setup Wizard Appendix A: Using Cisco QuickVPN Overview Before You Begin Installing the Cisco QuickVPN Software Installing from the CD-ROM Downloading and Installing from the Internet RV215W Wireless-N VPN Firewall Administration Guide...
Page 8
Contents Using the Cisco QuickVPN Software Appendix B: Where to Go From Here RV215W Wireless-N VPN Firewall Administration Guide...
To verify the hardware installation and connection to the Internet, complete the following tasks: Check the LED states. For more information, see Cisco RV215W Wireless-N VPN STEP 1 Firewall Quick Start Guide provided with the device.
The login page displays. Enter the user name and password. STEP 4 The default user name is cisco. The default password is cisco. Passwords are case sensitive. Click Log In. Setup Wizard starts.
Displays the Users page where you can change Administrator Password the administrator password and set up a guest account. See Configuring User Accounts. Launch Setup Wizard Launches the Setup Wizard. Follow the on-screen instructions. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 12
Displays the Wireless Statistics page that shows the state of the radio. See Viewing Wireless Statistics. VPN Status Displays the VPN Status page that lists the VPN managed by this router. See Viewing the VPN Status. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
If you did not enable security (not recommended), leave the wireless encryption fields that were configured with the security type and passphrase blank. Verify your wireless connection and save your settings. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
The back panel view shows you the ports that are connected to a device (lit green). • To view a port connection information, mouse-over the port. • To refresh the port information, click Refresh. • To close the port information window, click Close. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 15
MAC Address—The MAC address of the device. • IPv4 Address—Management IP address of the device. • IPv6 Address—Management IP address of the device (when IPv6 is enabled). • DHCP Server—Status of the device IPv4 DHCP server (enabled or disabled). Cisco RV215W Wireless-N VPN Firewall Administration Guide...
To view a summary of system settings, choose Status > System Summary. To go to the related window, click the underscored parameter. For example, to modify the LAN IP address, click LAN IP. The LAN Configuration window appears. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 17
Mode—Displays Gateway if NAT is enabled, or Router. • DNS 1—Primary DNS server IP address of the WAN port. • DNS 2—Secondary DNS server IP address of the WAN port. • DDNS—Indicates whether the Dynamic DNS is enabled or disabled. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 18
Block WAN Request—Indicates whether WAN request blocking is on or off. • Remote Management—Indicates whether or not Device Manager can be accessed remotely. VPN Setting Status • QuickVPN Connections Available—Number of available QuickVPN connections. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Dropped Number of received and sent packets dropped by the radio, over all configured SSIDs. Multicast Number of multicast packets sent over this radio. Collisions Number of packet collisions reported to the router. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Protocol Protocol that the user uses. You can change the status of a connection to either establish or disconnect the configured VPN client. To terminate an active VPN connection, click Disconnect. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Ext Action—Displays if you can switch between the primary and the secondary VPN connections. If the Rollback enable check box on the Advanced VPN Parameters page is checked, the Switch button is dimmed. If you made any changes, click Save. STEP 2 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
To save log messages to an external USB device, click Save Log to USB. To specify the number of entries to show per page, choose a number from the drop-down menu. Use the page navigation buttons to move between log pages. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Show Simplified Statistic Data and click Save. By default, byte data is displayed in bytes and other numerical data is displayed in long form. To reset the port statistics counters, click Clear Count. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Time Left—Time remaining that the device can be connected to the guest network. (Time limits are configured in the Wireless > Basic Settings > Guest Net Settings page.) • Action—Actions you can perform on the connected device (for example, disconnect). Cisco RV215W Wireless-N VPN Firewall Administration Guide...
IMS—The unique identification associated with the GSM, UMTS, or LTE network mobile phone users. • Carrier—Mobile network carrier. • Service Type—Type of service accessed. • Signal Strength—Strength of the wireless mobile network signal. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
• Configuring the WAN Settings • Configuring the LAN Settings • Cloning the MAC Address • Configuring Routing • Port Management • Configuring Dynamic DNS • Configuring the IP Mode • Configuring IPv6 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
From the Internet Connection Type drop-down menu, choose Static IP. STEP 2 Enter this information: STEP 3 Internet IP Address IP address of the firewall WAN port. Subnet mask Subnet mask of the firewall WAN port. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Keep Alive When you select this option, the Internet connection is always on. In the redial period field, enter the number of seconds after which the device attempts to reconnect if it is disconnected. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
IP address of the default gateway. PPTP Server IP address of the Point-To-Point Tunneling Protocol (PPTP) server. Username The username assigned to you by the ISP. Password The password assigned to you by the ISP. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Configuring Optional Settings. STEP 4 Click Save. STEP 5 Configuring L2TP To configure the L2TP settings: Choose Networking > WAN. STEP 1 From the Internet Connection Type drop-down menu, choose L2TP. STEP 2 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 31
PAP—Password Authentication Protocol (PAP) is used to connect to the ISP. CHAP—Challenge Handshake Authentication Protocol (CHAP) is used to connect to the ISP. MS-CHAP or MS-CHAPv2—Microsoft Challenge Handshake Authentication Protocol is used to connect to the ISP. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Use the Mobile Network page to configure the device to connect to a Mobile Broadband USB modem that is connected to its USB interface. To display the Mobile Network window, choose Networking > WAN > Mobile Network. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Authentication used by your service provider. The value can be changed by choosing the authentication type from the drop-down list. The default is Auto. If you do not know which type of authentication to use, select Auto. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
In the Monthly Bandwidth Cap field, enter the maximum amount of data in STEP 3 megabytes that is allowed to pass before the device takes an action, such as sending an email to an administrator. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
In the Failover Check Interval field, enter the time (in seconds) after which the STEP 5 device must attempt to detect the presence of traffic on the secondary connection. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Use this page to load the USB module files that support USB dongles. Contact Cisco Support to acquire USB module files. The Dynamic Load USB Modem List shows the 3G and 4G USB dongle module files that are supported on the device.
Also, instead of using a DNS server that maps Internet domain names (for example, www.cisco.com) to IP addresses, you can use a Windows Internet Naming Service (WINS) server. A WINS server is the equivalent of a DNS server, but uses the NetBIOS protocol to resolve hostnames.
Allows the device to act as the DHCP server in the network. Disable Disables DHCP on the device when you want to manually configure the IP addresses of all of your network devices. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
VLANs can group endpoints without regard to the physical location of the equipment or users. The device has a default VLAN (VLAN 1) that cannot be deleted. You can create up to four other VLANs on the device. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 41
VLAN is first created. Click Save. STEP 4 To edit the settings of a VLAN, select the VLAN and click Edit. To delete a selected VLAN, click Delete. Click Save to apply changes. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
A and F (inclusive). To edit the settings of a static DHCP client, select the client and click Edit. To delete a selected DHCP client, click Delete. Click Save to apply the changes. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
LAN IP address, but it cannot be identical to the IP address given to the LAN interface of this gateway. To configure DMZ: Choose Networking > LAN > DMZ Host. STEP 1 Check Enable to enable DMZ on the network. STEP 2 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
The max age is the time period that the router waits to receive a hello message. If the max age is reached, the router tries to change the spanning tree. Enter a number from 6 to 40. The default is 20. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
You can configure the speed and flow control settings of the device LAN ports. To configure port speeds and flow control: Choose Networking > Port Management. STEP 1 Configure this information: STEP 2 Port The port number. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
For example, some ISPs register your computer NIC card MAC address when the service is first installed. When you place a router behind the cable modem or DSL modem, the MAC address from the device WAN port is not recognized by the ISP. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
(Recommended) Click this button to set the device to act as a gateway. Keep this default setting if the device is hosting your network connection to the Internet and is performing the routing functions. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Select the RIP Send Packet Version (RIPv1 or RIPv2). The version of RIP used to send routing updates to other routers on the network depends on the configuration settings of the other routers. RIPv2 is backward compatible with RIPv1. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Destination LAN IP Enter the IP address of the destination LAN. Subnet Mask Enter the subnet mask of the destination network. Gateway Enter the IP address of the gateway used for this route. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
DDNS provider such as DynDNS.com, TZO.com, 3322.org, or noip.com. The router notifies dynamic DNS servers of changes in the WAN IP address, so that any public services on your network can be accessed by using the domain name. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 51
00:MM, where MM is a randomly picked number between 0 and 59. Monthly—Update on the first day of the month at 00:MM, where MM is a randomly picked number between 0 and 59. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Use IPv4 and IPv6 on the LAN ports and IPv4 on the WAN:IPv4 WAN ports. LAN:IPv4+IPV6, Use IPv4 and IPv6 on both the LAN and WAN ports. WAN:IPv4+IPv6 LAN:IPv4, WAN:IPv6 Use IPv4 on the LAN and IPv6 on the WAN ports. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
LAN:IPv4+IPv6, WAN:IPv4+IPv6 Configuring the IP Mode for instructions on how to set the IP mode. Configuring DHCPv6 If your ISP provides you with a dynamically assigned address, configure the device as a DHCPv6 client. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 54
IP address of the server at the ISP. Static DNS 1 IP address of the primary IPv6 DNS server. Static DNS 2 IP address of the secondary IPv6 DNS server. Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 55
Keeps the WAN link up by sending a keep alive message through the port. In the redial period field, enter the number of seconds after which the device attempts to reconnect if it is disconnected. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 56
IPv6 prefix length. Default IPv6 Gateway IP address of the default IPv6 gateway. Static DNS 1 IP address of the primary DNS server. Static DNS 2 IP address of the secondary DNS server. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
STEP 2 IPv6 Address Enter the IPv6 address of the device. The default IPv6 address for the gateway is fec0::1 (or FEC0:0000:0000:0000:0000:0000:0000:0001). You can change this 128-bit IPv6 address based on your network requirements. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 58
Client lease time duration (in seconds) for which IPv6 addresses are leased to endpoints on the LAN. Choose Networking > IPv6 > IPv6 LAN Configuration. STEP 5 In the IPv6 Address Pools Table, click Add Row. STEP 6 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
STEP 1 In the list of static routes, click Add Row. STEP 2 Enter this information: STEP 3 Name Route name. Destination IPv6 address of the destination host or network for this route. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
180 seconds, the routes learned from the neighbor are considered as unreachable. After another 240 seconds, if no routing update is received, the router removes these routes from the routing table. On the device, RIPng is disabled by default. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
This is stateless IPv6 auto configuration, and the device distributes IPv6 prefixes to all nodes on the network. To configure the RADVD: Choose Networking > IPv6 > Router Advertisement. STEP 1 Enter this information: STEP 2 RADVD Status Check Enable to enable RADVD. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 63
(interpreting the router preference value). These values are ignored by hosts that do not implement router preference. This feature is useful if there are other RADVD-enabled devices on the LAN. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
IPv4 network. It is used when an end user wants to connect to the IPv6 Internet using their existing IPv4 connection. Global/Local—A locally unique IPv6 address that you can use in private IPv6 networks or a globally unique IPv6 Internet address. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 65
Prefix Lifetime Prefix lifetime, or the length of time over which the requesting router is allowed to use the prefix. Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
32 characters in length. To protect your network, change the default wireless network name to a unique name to distinguish your wireless network from other wireless networks that may exist around you. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 67
• Enable MAC address filtering. Cisco routers and gateways give you the ability to enable MAC address filtering. The MAC address is a unique series of numbers and letters assigned to every networking device.
Combine letters and numbers to avoid using standard words that can be found in the dictionary. General Network Security Guidelines Wireless network security is useless if the underlying network is not secure. Cisco recommends that you take the following precautions: •...
Choose this option if you have only Wireless-B devices in your network. G Only Choose this option if you have only Wireless-G devices in your network. N Only Choose this option if you have only Wireless-N devices in your network. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 70
Voice data, these types of applications can increase battery life by approximately 25% and minimize transmit delays. (Optional) Configure the settings of the four wireless networks (see Editing the STEP 8 Wireless Network Settings). Click Save. STEP 9 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
SSID. WMM (Wi-Fi Multimedia) Check this box to enable WMM. WPS Hardware Button Check this box to map the device WPS button on the front panel to this network. Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
(Optional) In the Passphrase field, enter an alphanumeric phrase (longer than eight STEP 7 characters for optimal security) and click Generate Key to generate four unique WEP keys in the WEP Key fields. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 73
STEP 2 In the Select SSID field, choose the SSID for which to configure the security STEP 3 settings. From the Security Mode menu, choose one of the three WPA Personal options. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 74
In the Select SSID field, choose the SSID for which to configure the security STEP 3 settings. From the Security Mode menu, choose one of the three WPA Enterprise options. STEP 4 (WPA-Enterprise only) In the Encryption field, choose one of the following options: STEP 5 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
MAC Address Table from accessing the wireless network. This option is selected by default. • Permit—Select this option to allow devices with the MAC addresses listed in the MAC Address Table to access the wireless network. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
The following restrictions and configuration guidelines apply: • One guest network can be configured for each device. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 77
Click Save. The system notifies you that the physical Ethernet ports on the device STEP 7 are excluded from the VLAN that you have assigned to the guest network. In addition, Wireless Isolation with SSID and WMM are automatically enabled. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
WMM No Click to enable this feature. Acknowledgement Enabling WMM No Acknowledgement can result in more efficient throughput, but higher error rates in a noisy Radio Frequency (RF) environment. Default setting is disabled. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 79
Auto to have the device automatically use the fastest possible data rate and enable the Auto-Fallback feature. Auto-Fallback will negotiate the best possible connection speed between the device and a wireless client. The default is Auto. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 80
Setting the Fragmentation Threshold too low may result in poor network performance. Only minor reduction of the default value is recommended. In most cases, it should remain at its default value of 2346. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Check the Allow wireless signal to be repeated by a repeater box to enable STEP 2 WDS. To manually enter the MAC address of a repeater click Manual, or choose Auto to STEP 3 have the router automatically detect remote access points. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Device PIN Status—WPA device personal identification number (PIN) status. Device PIN—Identifies the PIN of a device trying to connect. PIN Lifetime—The lifetime of the key. If the time expires, a new key is negotiated. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 83
Configuring the Wireless Network Configuring WPS After you configure WPS, the following information appears at the bottom of the WPS page: Wi-Fi Protected Setup Status, Network Name (SSID), and Security. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
From Zone (LAN/WAN/DMZ) and To Zone (LAN/WAN/DMZ). • Schedules as to when the router should apply rules. • Keywords (in a domain name or on a URL of a web page) that the router should allow or block. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
(insecure WAN), you must create a firewall rule for each service. Configuring Basic Firewall Settings To configure basic firewall settings: Choose Firewall > Basic Settings. STEP 1 Configure the following firewall settings: STEP 2 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 86
Enabling this setting blocks Java applets from being downloaded. Click Auto to automatically block Java, or click Manual and enter a specific port on which to block Java. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 87
Enabling this feature blocks proxy servers. Click Auto to automatically block proxy servers, or click Manual and enter a specific port on which to block proxy servers. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Enter the port on which remote access is allowed. Port The default port is 443. When remotely accessing the router, you must enter the remote management port as part of the IP address. For example: https://<remote-ip>:<remote-port>, or https://168.10.1.11:443 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
In the Name field, enter a unique name to identify the schedule. This name is STEP 3 available on the Firewall Rule Configuration page in the Select Schedule list. (See Configuring Access Rules.) Cisco RV215W Wireless-N VPN Firewall Administration Guide...
STEP 4 drop-down menu: • • • TCP & UDP • ICMP In the Start Port field, enter the first TCP or UDP port of the range that the service STEP 5 uses. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
For example, you may want to apply a rule allowing certain types of traffic before blocking other types of traffic. To reorder access rules: Choose Firewall > Access Rules. STEP 1 Click Reorder. STEP 2 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Choose All Traffic to allow the rule to apply to all applications and services, or choose a single application to block: • Domain Name System (DNS), UDP or TCP • File Transfer Protocol (FTP) • Hyptertext Transfer Protocol (HTTP) Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 93
Address Range—The rule applies to traffic originating from an IP address located in a range of addresses. Enter the starting IP address in the Start field, and the ending IP address in the Finish field. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Adding or Editing an Internet Access Policy To create a Internet access policy: Choose Firewall > Internet Access Policy. STEP 1 Click Add Row. STEP 2 In the Status field, check Enable. STEP 3 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 95
From the Type drop-down menu, choose how to block a website (by specifying the URL or by specifying a keyword that appears in the URL). c. In the Value field, enter the URL or keyword used to block the website. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Choose Firewall > Single Port Forwarding. A preexisting list of applications is STEP 1 displayed. In the Application field, enter the name of the application for which to configure STEP 2 port forwarding. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
In the IP Address field, enter the IP address of the host on the LAN side to which STEP 8 the specific IP traffic will be forwarded. In the Enable field, check the Enable box to enable the rule. STEP 9 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
In the Triggered Range fields, enter the port number or range of port numbers that STEP 3 will trigger this rule when a connection request from outgoing traffic is made. If the outgoing connection uses only one port, enter the same port number in both fields. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 99
In the Interface drop-down menu, choose Both (Ethernet & 3G), Ethernet, or 3G. STEP 5 In the Enable field, check the Enable box to enable the rule. STEP 6 Click Save. STEP 7 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
You do not have to configure VPN policies. Remote users can connect by using the PPTP client from a Microsoft computer. There is no need to install a VPN client. However, be aware that security vulnerabilities have been found in this protocol. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
VPN Clients Remote Access with Cisco QuickVPN For quick setup with basic VPN security settings, distribute Cisco QuickVPN software to your users, who can then securely access your network resources. Use this option if you want to simplify the VPN setup process. You do not have to configure VPN policies.
Instruct users to obtain the free Cisco QuickVPN software from Cisco.com, and STEP 2 install it on their computers. See Using the Cisco QuickVPN Software To enable access using Cisco QuickVPN on your device, you must enable remote STEP 3 management to open port 443 for SSL. See Configuring Basic Firewall Settings.
To edit settings for a QuickVPN user, check the box and click Edit. Make changes and click Save. To delete a QuickVPN user, check the box , click Delete and click Save. For more information about QuickVPN, see Appendix A, “Using the Cisco QuickVPN Software.” Cisco RV215W Wireless-N VPN Firewall Administration Guide...
For example, you can configure the device at a branch site to connect to the router at the corporate site, so that the branch site can securely access the corporate network. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 105
Remote Endpoint—Choose the way the remote endpoint, or the router to which the device will connect, is identified. For example, by an IP address such as 192.168.1.1, or by a fully qualified domain name such as cisco.com. • Remote WAN (Internet) IP Address—Enter the public IP address or domain name of the remote endpoint.
The default values used in the basic VPN settings are those proposed by the VPN consortium and they assume you are using a pre-shared key, or password, that is known to both the device and the router on the other end (for example, a Cisco RV220W). To view the default values: Choose VPN >...
In the IKE SA Parameters section, the Security Association (SA) parameters STEP 2 define the strength and mode for negotiating the SA. You can configure the following settings: • Encryption Algorithm—Choose the algorithm used to negotiate the SA: 3DES AES-128 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 108
DPD message before considering the peer to be dead. Check the XAUTH Type Enable check box to configure extended authentication STEP 3 for your IPsec VPN policy. Provide the authentication username and password. Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Remote Endpoint—Select the type of identifier that you want to provide for the gateway at the remote endpoint: IP Address or FQDN (Fully Qualified Domain Name). Enter the identifier in the space provided. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 110
For a Manual policy type, enter the settings in the Manual Policy Parameters section: • SPI-Incoming, SPI-Outgoing—Enter a hexadecimal value between 3 and 8 characters; for example, 0x1234. • Encryption Algorithm—Select the algorithm used to encrypt the data: 3DES AES-128 AES-192 AES-256 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 111
The default value is 3600 seconds. The minimum value is 300 seconds. • Encryption Algorithm—Select the algorithm used to encrypt the data. • Integrity Algorithm—Select the algorithm used to verify the integrity of the data. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
To import a certificate: Choose VPN > Certificate Management. STEP 1 Click the Import Certificate From a File button. STEP 2 Click Browse and locate the certificate file. STEP 3 Click Install Certificate. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 113
You can export certificates for clients to your computer or to an external location on a USB drive. The certificate for the client allows QuickVPN users to securely connect to the Cisco RV215W. QuickVPN users must place the certificate in the install directory of the QuickVPN client.
PPTP Check Enable to allow PPTP tunnels to pass through the device. L2TP Check Enable to allow Layer 2 Tunneling Protocol (L2TP) tunnels to pass through the device. Click Save. STEP 3 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Configuring Quality of Service (QoS) The Cisco RV215W lets you configure the following quality of service (QoS) features: • Configuring Bandwidth Management, page 116 • Configuring QoS Port-Based Settings, page 119 • Configuring CoS Settings, page 120 • Configuring DSCP Settings, page 121 Quality of service (QoS) assigns priority to various applications, users, or data flows, or guarantees a level of performance to a data flow.
STEP 1 In the Bandwidth Management field, check Enable. The maximum bandwidth STEP 2 provided by your ISP appears in the Bandwidth section. In the Bandwidth Priority Table, click Add Row. STEP 3 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 118
To delete an entry from the table, check the relevant box, click Delete and click Save. To add a new service definition, click the Service Management button. You can define a new service to use for all firewall and QoS definitions. See Configuring Services Management. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Configuring Quality of Service (QoS) Configuring QoS Port-Based Settings Configuring QoS Port-Based Settings You can configure QoS settings for every LAN port on the Cisco RV215W. The device supports 4 priority queues that allow for traffic prioritization per physical switch port.
STEP 1 Choose the Ethernet or 3G radio button. STEP 2 For each CoS priority level in the CoS Settings Table, choose a priority value from STEP 3 the Traffic Forwarding Queue drop-down menu. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
For each DSCP value in the DSCP Settings Table, choose a priority level from the STEP 4 Queue drop-down menu. This maps the DSCP value to the selected QoS queue. Click Save. STEP 5 To restore the default DSCP settings, click Restore Default and Save. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Configuring Date and Time Settings, page 134 • Backing Up and Restoring the System, page 135 • Upgrading Firmware or Changing the Language, page 139 • Restarting the Cisco RV215W, page 141 • Restoring the Factory Defaults, page 142 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Password Aging Check Enable to expire passwords after a specified time. Password aging time Enter the number of days after which the password expires (1–365). The default is 180 days. Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Configuring User Accounts The device supports two user accounts for administering and viewing settings: an administrative user (default user name and password: cisco) and a guest user (default user name: guest). The guest account has read-only access. You can set and change the username and password for both the administrator and guest accounts.
In the SNMP System Information section of the SNMP page, you can enable SNMP. Before you can use SNMP, install SNMP software on your computer. The device supports only SNMPv3 for SNMP management and SNNPv1/2/3 for SNMP trap messages. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Choose Administration > SNMP. STEP 1 Under SNMPv3 User Configuration, configure the following settings: STEP 2 UserName Select the account to configure (admin or guest). Access Privilege Displays the access privileges of the selected user account. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
STEP 2 IP Address Enter the IP address of the SNMP manager or trap agent. Port Enter the SNMP trap port of the IP address to which the trap messages will be sent. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
You can use the PING utility to test connectivity between this router and another device in the network. You can also use the Ping tool to test connectivity to the Internet by pinging a fully qualified domain name (for example, www.cisco.com). To use PING: Choose Administration >...
Page 129
Choose Administration > Diagnostics > Network Tools. STEP 1 In the Internet Name field, enter the Internet name of the host. STEP 2 Click Lookup. The nslookup results appear. STEP 3 Click Close when done. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
STEP 3 mirroring, do not use it for any other traffic. Click Save. STEP 4 Configuring Logging The Cisco RV215W allows you to configure logging options. Configuring Logging Settings To configure logging: Choose Administration > Logging > Log Settings. STEP 1 In the Log Mode field, check Enable.
Page 131
To enable these logging settings, check this box. Click Save. STEP 5 To edit an entry in the Logging Setting Table, select the entry and click Edit. Make your changes, then click Save. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Administering Your Router Configuring Logging Configuring E-mail Settings You can configure the Cisco RV215W to send event logs, new firmware alerts and 3G alerts by e-mail. We recommend that you set up a separate e-mail account for sending and receiving e-mail alerts.
Page 133
Time If you chose a daily or weekly schedule for sending logs, choose the time of day at which to send the logs. Click Save. STEP 5 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Administering Your Router Configuring Bonjour Configuring Bonjour Bonjour is a service advertisement and discovery protocol. On the Cisco RV215W, Bonjour only advertises the default services configured on the device when Bonjour is enabled. To enable Bonjour: Choose Administration > Bonjour.
When the firewall is working as configured, you can back up the configuration for restoring later. During backup, your settings are saved as a file on your PC. You can restore the firewall settings from this file. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
You can download the startup configuration to other Cisco RV215W devices for easy deployment. Mirror configuration Select this option to instruct the device to back up the startup configuration after 24 hours of operation without any change in the startup configuration.
USB devices. Click Start to Upload. STEP 4 The device uploads the configuration file and uses the settings it contains to update the startup configuration. The device then restarts and uses the new configuration. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
To generate an encryption key: Choose Administration > Backup/Restore Settings. STEP 1 Click Show Advanced Settings. STEP 2 In the box, enter the seed phrase used to generate the key. STEP 3 Click Save. STEP 4 Cisco RV215W Wireless-N VPN Firewall Administration Guide...
STEP 4 upgraded, check one of the following check boxes: • Notify via Admin GUI— Receive notifications on the RV215W Administration GUI when you log on the next time. • Email to — Receive notifications through e-mail alerts. Click Email Address to configure e-mail settings.
Download the latest firmware to your PC or to a USB device. To download the STEP 3 latest version of the firmware from cisco.com to a USB device, click Start Download in Save to USB from cisco.com. To upgrade to the latest firmware version, choose one of the following options to...
Using Cisco QuickVPN Overview This appendix explains how to install and use the Cisco QuickVPN software that can be downloaded from Cisco.com. QuickVPN works with computers running Windows 7, Windows XP, Windows Vista, or Windows 2000. (Computers using other operating systems will have to use third-party VPN software.) This appendix includes the following sections: •...
Installing the Cisco QuickVPN Software Installing the Cisco QuickVPN Software Installing from the CD-ROM Insert the Cisco RV215W CD-ROM into your CD-ROM drive. After the Setup STEP 1 Wizard begins, click the Install QuickVPN link. The License Agreement window appears.
Page 145
The Setup Wizard copies the files to the chosen location. Copying Files Finished Installing Files Click Finish to complete the installation. Proceed to “Using the Cisco QuickVPN STEP 5 Software,” on page 146. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Appendix B, “Where to Go From Here,” go to the Software Downloads link. STEP 1 Enter Cisco RV215W in the search box and find the QuickVPN software. STEP 2 Save the zip file to your PC, and extract the .exe file.
Page 147
To terminate the VPN tunnel, click Disconnect. To change your password, click Change Password. For information, click Help. If you clicked Change Password and have permission to change your own STEP 9 password, the Connect Virtual Private Connection window appears. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 148
New Password field. Then enter the new password again in the Confirm New Password field. Click OK to save your new password. STEP 11 You can change your password only if the Allow User to Change Password box NOTE has been checked for that username. Cisco RV215W Wireless-N VPN Firewall Administration Guide...
Page 149
Software Downloads Go to tools.cisco.com/support/downloads, and (Login Required) enter the model number in the Software Search box. Product Documentation Wireless-N VPN Firewall www.cisco.com/en/US/products/ps9923/ tsd_products_support_series_home.html Cisco Partner Central www.cisco.com/web/partners/sell/smb (Partner Login Required) Marketplace www.cisco.com/go/marketplace Cisco RV215W Wireless-N VPN Firewall Administration Guide...