Instruction/ maintenance manual of the product RV325K9NA Cisco Systems
Go to page of 122
Cis c o Small Busine s s RV320/RV325 Gigabit Dual W AN VPN Rout er ADMINISTR A TION GUIDE.
78-20928-02.
Cisco Small Busines s RV320/RV 325 Admin istration Guide 3 Con t e n ts Chapter 1: Getting Started 7 Using the Getting Started Window 7 Features of the User Interface 8 Chapter 2: System Summary 11 Sy.
Cisco Small Busine ss RV320/RV 325 Administration Guide 4 Con t en ts Advanced Routing 41 Configuring Dynamic Routing 41 Configuring Static Routing 42 Inbound Load Balance 43 USB Device Update 44 Chap.
Cisco Small Busines s RV320/RV 325 Admin istration Guide 5 Con t e n ts Port Status 70 Traffic Statistics 71 VLAN Membership 71 QoS:CoS/DSCP Setting 72 DSCP Marking 72 802.
Cisco Small Busine ss RV320/RV 325 Administration Guide 6 Con t en ts Chapter 10: Log 107 System Log 107 System Statistics 110 Processes 110 Chapter 11: SSL VPN 111 Status 112 Group Management 112 Res.
1 Cisco Small Busines s RV320/ RV325 Administration Guide 7 Get ting St ar te d Thank you f or choosing a Cis co RV320. This chapt er include s inf ormation to help you get started using your device. Using the Get ting St ar te d Window The default settings are sufficient f or many small business es.
Getting Started Fea tures of the Us er In ter face 8 Cisco Small Busines s RV320/R V325 Administration Guide 1 STEP 7 T o configure other settings , use the links in the navigation tr e e.
Get ting Star ted F eat ures o f the User In ter f ace Cisco Small Busines s RV320/ RV325 Administration Guide 9 1 Help T o view inf ormation about the se lected configuration page, click Help near the top right corner of the web int er face. If your web browser displa ys a warning mes sage about the pop-up window , allow the blocked cont ent .
Getting Started Fea tures of the Us er In ter face 10 Cisco Small Busines s RV320/R V325 Administration Guide 1.
2 Cisco Small Busines s RV320/ RV325 Administration Guide 11 System Summ ar y The Syst em Summar y displa ys information about the current status of the device connections , status, s ettings , and logs . System Informa tion Syst em inf orm ation descriptions : • Ser ial Nu mber — Serial number of the devic e.
System Summary Configur a tion (W izar d) 12 Cisco Small Busines s RV320/R V325 Administration Guide 2 C onfigura tion ( Wizard) T o acce ss the Internet connection setup wizard and be prompt ed through the pr ocess, cl ick Se tu p W iza rd to launch the Wizard .
System S ummar y IPv4 and I Pv6 Cisco Small Busines s RV320/ RV325 Administration Guide 13 2 • VL AN— VLAN ID of this por t . There ar e t wo pr e defined VLANs : 25 and 100 . VLAN 25 can b e used f or guest VL AN acces s and VL AN 100 can be used f or V oice traffic.
System Summary Sec ur ity S ta tus 14 Cisco Small Busines s RV320/R V325 Administration Guide 2 S e curit y Sta tus This se ction displa ys the status of the se curity f eatur es : • SPI (Stateful Pack et Insp ec tion) —Status of the firewall: On (green) or Of f (red).
System S ummar y SSL VPN S ta tus Cisco Small Busines s RV320/ RV325 Administration Guide 15 2 • PPTP T unnel(s) Use d— Point -t o-Point T unneling Prot o col (PPTP) tunnels in use.
System Summary Log Setting Status 16 Cisco Small Busines s RV320/R V325 Administration Guide 2.
3 Cisco Small Busines s RV320/ RV325 Administration Guide 17 Se t up Use the Setup > Net work page t o set up your LAN, W AN (Int ernet), DMZ, and s o fo r t h . Se t up N e t wo r k T o open the Network page, click Setup > Net work . Some IS Ps requir e that you as sign a hostname and domain name to identify your dev ice.
Setup Se tup Ne twor k 18 Cisco Small Busines s RV320/R V325 Administration Guide 3 Adding or Editing an IPv4 Network By default one IPv 4 LAN subnet work is configur ed, 192. 168. 1 . 1 . One subnetwork is usually sufficient for most small business es .
Setup Se tup Ne twor k Cisco Small Busines s RV320/ RV325 Administration Guide 19 3 T o configure WAN C o n n e c t i o n S e t t i n g s , select a W AN interface and click Edit .
Setup Se tup Ne twor k 20 Cisco Small Busines s RV320/R V325 Administration Guide 3 - Configure t o R A and DHCP v6 automatically—Provide Stat ele ss an d Stateful IPv6 address es f or L AN-side PCs . Static IP Choos e this option if y our ISP as signed a permanent IP address to your account .
Setup Se tup Ne twor k Cisco Small Busines s RV320/ RV325 Administration Guide 21 3 PPPoE Choo se this option if y our ISP use s PPPo E (Po int-t o-Point Prot o col over Ethernet) t o establish Internet connections (typical f or DS L lines).
Setup Se tup Ne twor k 22 Cisco Small Busines s RV320/R V325 Administration Guide 3 T o configure the IPv6 parameters, che ck Enable . The DHCP v6 client proces s and requests f or prefix delegation through the select ed interface are enabled. Us e this option when your ISP is capable of sendin g LAN prefixes by using DHCP v6.
Setup Se tup Ne twor k Cisco Small Busines s RV320/ RV325 Administration Guide 23 3 • Conne ct ion Timers —Connection is dis connected after a period of inactivit y . - Co nnec t on De mand — When this f eature is enabled, the device automatically establishes your connection.
Setup Se tup Ne twor k 24 Cisco Small Busines s RV320/R V325 Administration Guide 3 Stateless Address Autoconfiguration (IPv6) Choos e this option if your ISP uses IP v6 Router Solicitations and R out.
Setup Se tup Ne twor k Cisco Small Busines s RV320/ RV325 Administration Guide 25 3 IPv6 in IPv4 Tunnel (IPv6) Choo se this option if y our ISP us es IP v6 in IP v 4 T unnel to establish Internet connections . Yo u m u s t e n t e r a n I P v 4 Static IP addres s.
Setup Se tup Ne twor k 26 Cisco Small Busines s RV320/R V325 Administration Guide 3 6to4 Tunnel (IPv6) Choos e this option t o establish an auto-tunnel in an IPv4 network (or real IP v 4 Internet connection) acr os s tw o independ ent IP v6 net works.
Setup Se tup Ne twor k Cisco Small Busines s RV320/ RV325 Administration Guide 27 3 IPv6 Rapid Deployment (6rd) Tunnel (IPv6) Choo se this option if y our ISP us es 6rd T unnel (IP v6 Rapid D eployment) t o establish Internet connections . Ent er the set tings provided by y o ur ISP .
Setup Se tup Ne twor k 28 Cisco Small Busines s RV320/R V325 Administration Guide 3 USB 1 or USB2 Por t S et tings USB p or t configuration manages the c onnection bet ween this devic e and the USB dongle. It also manag es W AN por t fail over (r edundancy) .
Setup Se tup Ne twor k Cisco Small Busines s RV320/ RV325 Administration Guide 29 3 Set ting Failover and Rec over y While both an Ethernet and mobile net work link might be a vailabl e, only one connection at a time can be us ed to establish a W AN link .
Setup Se tup Ne twor k 30 Cisco Small Busines s RV320/R V325 Administration Guide 3 - Ex tra Charge —Cost in doll ars if a g iv en peri od of ti me i s e xceeded. - Stop conne ction ...—Che ck t o enable dropping the connection when the time ex ce eds the given time.
Setup DMZ Enable Cisco Small Busines s RV320/ RV325 Administration Guide 31 3 DMZ Enable A DMZ is a subnetwork that is open to the public but behind the fir ewall. A DMZ all ows yo u to red irect pac kets c omi ng in to your W AN p or t to a sp ec ific IP a ddres s in your LAN.
Setup Passw ord 32 Cisco Small Busines s RV320/R V325 Administration Guide 3 ! CAUT IO N The pas sword cannot be recovered if it is lo st or f orgotten. If the password is lost or f orgot ten, the device must be r eset to the fact or y default set tings, removing all configuration change s.
Setup Ti m e Cisco Small Busines s RV320/ RV325 Administration Guide 33 3 When Minimum Pass word Co mplexit y - Enable is checked, the Password Strength Meter indicates the password str ength, b ased on the c omple xit y rules . The scale range s fr om red (unacceptable) to yellow (acceptable) to gr e en ( strong).
Setup DMZ Host 34 Cisco Small Busines s RV320/R V325 Administration Guide 3 T o configure NTP and time settings , choos e Setup > Time . • Time Zone — T ime zone r elative to Gr e en wich Mean T ime (GMT ) . • Daylight Savings Time —Enable or dis able the adjustment f or da ylight savings time.
Setup (Port) Forwarding Cisco Small Busines s RV320/ RV325 Administration Guide 35 3 Use this function to establish a web ser ver or FTP ser v er . Make sur e that you enter a valid IP addr es s. ( T o run an Internet ser ver , it might b e neces sar y to use a static IP addr es s.
Setup (Por t) F orwarding 36 Cisco Small Busines s RV320/R V325 Administration Guide 3 • Por t Range— Range of por t numbers reser ved f or this ser vic e. STEP 4 Click Sa v e . Configurin g Port Triggering Port triggering allows the devic e t o mo nit or outgoing data f or spe cific por t numbers .
Setup Port Address T ransla tion Cisco Small Busines s RV320/ RV325 Administration Guide 37 3 Por t A ddres s T ranslation Port Address T ranslation (P A T ) is an extension of Network Addres s T r anslation (NA T ) that p ermits multiple devices on a L AN t o be mappe d to a single public IP address to conser ve IP addres ses .
Setup Se tti ng Up On e- to- On e N A T 38 Cisco Small Busines s RV320/R V325 Administration Guide 3 Adding or Editing a S er vic e Name T o add or edit an entr y on the Ser vic e list: STEP 1 Click Se r v ice Ma na ge me n t . If the web br ows er displa ys a warning about the pop-up window , allow the blocked c ont ent .
Setup MAC Address Cloning Cisco Small Busines s RV320/ RV325 Administration Guide 39 3 T o enable this f eatur e, check Enable . T o add an entr y to the list , click Add and ent er the following inf ormation: • Private Rang e B egin— Star ti ng IP addr es s of the internal IP addres s range that you want t o map to the public range.
Setup Assigning Dynamic DNS to a W AN Interface 40 Cisco Small Busines s RV320/R V325 Administration Guide 3 A s signing D ynamic DNS to a W AN In ter fac e Dynamic D omain Name Syst em (DDNS) s er v .
Setup Advance d Routing Cisco Small Busines s RV320/ RV325 Administration Guide 41 3 Advanc e d Routing This f eature enables dynamic routing and adds static rout es to the ro uting table f o r IP v 4 and IP v6. T o view the r outing table, click View Routing T able .
Setup Advanc ed Routing 42 Cisco Small Busines s RV320/R V325 Administration Guide 3 ( VLSM) . RIP v 1 als o lacks suppor t f or rout er authentication, making it vulnerable to attacks . RIP v2 carrie s a subnet mask and suppor ts password authentication securit y .
Setup Inboun d L oad Balan ce Cisco Small Busines s RV320/ RV325 Administration Guide 43 3 T o delete an entr y from the list, click the entr y that you want t o delete, and then click Del et e . T o view curr ent data, click View Routing T able . The Routing T able Entr y List appears .
Setup USB Devic e Update 44 Cisco Small Busines s RV320/R V325 Administration Guide 3 STEP 6 Click SPF Set tings to add SPF t ext . S PF (Sender P olicy Framework) is an email validation syst em that prev ents email spam by detecting email spo ofing (a common vulnerabilit y) by verifying sender IP address es .
4 Cisco Small Busines s RV320/ RV325 Administration Guide 45 DHCP Dynamic Host C onfiguration Prot oc ol (DHCP) is a network prot ocol that is us ed to configure network device s t o communicate on an IP network .
DHCP DHCP Setup 46 Cisco Small Busines s RV320/R V325 Administration Guide 4 DHCP S etup DHCP Setup configures DHCP f or IP v 4 or IP v6. It also allows some device s t o download their configuration from a TFTP se r ver .
DHCP DHCP S etup Cisco Small Busines s RV320/ RV325 Administration Guide 47 4 • Client Lease Time —Amount of time in minute s that a network user is allowed to connect to the rout er with the current IP address . V alid values are 5 t o 43200 minut es .
DHCP V iewing the DHCP Status 48 Cisco Small Busines s RV320/R V325 Administration Guide 4 • DHCP Rela y —Pa s s e s D HC P re qu e st s a nd rep li e s fro m a no th er D HC P ser ver through the device. • Client Le ase Time —Amount of time that a net work user is allowe d t o connect to the rout er with the curr ent IP addres s.
DHCP Option 82 Cisco Small Busines s RV320/ RV325 Administration Guide 49 4 • DHCP A vailable— Numb er of dynamic IP addr es ses available. • To t a l — T otal numb er of dynamic IP addr es ses managed by the DHCP ser ver . The Client T able shows the DHCP client inf ormation: • Client Host Name— Name assigned to a client host .
DHCP IP and MAC Binding 50 Cisco Small Busines s RV320/R V325 Administration Guide 4 IP and MA C Binding When the device is configured as a DHCP ser ver or f or DHCP rela y , you can bind static IP ad dr es ses to up to 100 net work device s, such as a we b ser ver or an F TP ser ver .
DHCP DNS Local Databas e Cisco Small Busines s RV320/ RV325 Administration Guide 51 4 Edit or Delete Bound Entries To Edit the set tings, s elect an entr y in the list and click Edit . The inf ormation appears in the te x t fields . Mak e the changes , and click Sa ve .
DHCP Rout er Adver tis ement (IPv6) 52 Cisco Small Busines s RV320/R V325 Administration Guide 4 T o change the T CP /IP c onnection set tings , f or example, on a PC running W i ndows, go to the L ocal Area Connection Proper t ies > In ternet Protoc ol > TCP /IP Proper ties window .
DHCP Rout er Adver tis ement (IPv6) Cisco Small Busines s RV320/ RV325 Administration Guide 53 4 ent er the Adver tis ement Inter val ; the int er val at which Router Advertisement mes sages are sent. Enter an y value bet ween 10 and 1800 seconds . The default is 30 seconds .
DHCP Rout er Adver tis ement (IPv6) 54 Cisco Small Busines s RV320/R V325 Administration Guide 4.
5 Cisco Small Busines s RV320/ RV325 Administration Guide 55 System Man agement Syst em Management configures advance d set tings, such as diagno stic t ools , and per f orms tasks such as firmwar e upgr ad es, backu ps , a nd d evi ce r eboots.
System Management Dual W AN Connections 56 Cisco Small Busines s RV320/R V325 Administration Guide 5 • Dow ns tr eam — Maximum downstr eam bandwidth pr ovided by your ISP .
Syste m Mana geme nt Band widt h Ma nagemen t Cisco Small Busines s RV320/ RV325 Administration Guide 57 5 T o enable the pr otocol binding, check the box to enable this rule, o r uncheck the box to disable it. To Edit the settings , sele ct an entr y in the list .
System Management Ban dwid th Mana geme nt 58 Cisco Small Busines s RV320/R V325 Administration Guide 5 Maximum Band width Provide d by ISP Ent er the ma ximum bandwidth settings as specified by your ISP : • Upstre am— Maximum upstream bandwidth provided by your ISP .
Syste m Mana geme nt SNMP Cisco Small Busines s RV320/ RV325 Administration Guide 59 5 • Priorit y— Cho ose the priorit y f or this s er vice : High or Low . Default priority level is Medium, which is implied and not shown in the web int er face. Check the box t o enable this ser vice.
System Management SNMP 60 Cisco Small Busines s RV320/R V325 Administration Guide 5 • Tr a p C o m m un i t y N a m e — Password sent with each trap t o the S NMP manager . The string can be up to 64 alphanumeric charact ers . The def ault is public .
Syste m Mana geme nt Disc over y -Bonjour Cisco Small Busines s RV320/ RV325 Administration Guide 61 5 STEP 5 Click Sav e . T o add or edit a us er : STEP 1 Click Add or select a user and click Edit in the Us er T able. STEP 2 Enter the User Name . STEP 3 Select the Group fr om the drop-down menu.
System Management LLDP Proper ties 62 Cisco Small Busines s RV320/R V325 Administration Guide 5 LLDP Proper tie s Link Lay er Dis cover y Pr ot oc ol (LLDP) is a v endor -neutral prot o col in the Int.
Syste m Mana geme nt Using D iagno s tic s Cisco Small Busines s RV320/ RV325 Administration Guide 63 5 Using Diagno stic s The Diagnostic pag e acces se s two built-in t ools , DNS Name L ookup and Ping. If you suspect a problem with connectivity , you can use the se tools t o inv estigate the cause.
System Management Fir mw are Up gr ad e 64 Cisco Small Busines s RV320/R V325 Administration Guide 5 F irmware Upgrade This f eature downloads the firmwar e f or your device from a PC or a USB Flash drive and installs it . The window displays the F irmware V ersion currently running on the device.
Syste m Mana geme nt Re sta r t Cisco Small Busines s RV320/ RV325 Administration Guide 65 5 Alt ernatively , you can choos e a language in the f ollowing ways: • On the L o gin page, choose a language from the La ng u ag e drop-down list .
System Management Bac kup a nd R est or e 66 Cisco Small Busines s RV320/R V325 Administration Guide 5 B ackup and Re store Configuration files can be impor ted, e xp or t e d, and copied. The rout er has two managed configuration files , star tup and mirror .
Syste m Mana geme nt Back up a nd R e s tor e Cisco Small Busines s RV320/ RV325 Administration Guide 67 5 STEP 3 Click Sav e and choos e a file location. Optionally , enter a filename and click Sa ve . TIP The default filenames are St artup .co n fig and Mi r ro r .
System Management Bac kup a nd R est or e 68 Cisco Small Busines s RV320/R V325 Administration Guide 5.
6 Cisco Small Busines s RV320/ RV325 Administration Guide 69 Por t Management Use Port Management to configure port s ettings and view the status of the por t . Y ou can enable p ort mirr oring, disable a p or t , or set the priority , spee d, duple x mode, and auto-negotiation.
Port Management Por t St atu s 70 Cisco Small Busines s RV320/R V325 Administration Guide 6 • Dis able— Check this box to disable a por t . By default, all por ts are enabled. • EEE —Check this box to enable Energy-Efficient Ethernet that r educe s the consumption of power during pe rio ds of low data activity .
Por t Management T raf f i c St at i st i c s Cisco Small Busines s RV320/ RV325 Administration Guide 71 6 Traf f i c St at i s t i c s T o open this page, select Por t Management > T raffic St a tistic s in the na vigation tree. F or the s elected por t , the Statistic s table displa ys the f ollowing : • Por t ID —Location of the por t .
Port Management QoS:C oS/DSCP Setting 72 Cisco Small Busines s RV320/R V325 Administration Guide 6 Q oS:C oS/DS CP S et ting This option gr oups traffic by clas se s of ser vice (CoS) , ensuring bandwidth and higher priorit y f or the sp ecified s er vice s.
Por t Management 802. 1 X C onf igura tion Cisco Small Busines s RV320/ RV325 Administration Guide 73 6 802. 1 X C onfigura tion Po r t -based net work acces s contr ol uses the physical acces s chara.
Port Management 802. 1 X C onfigur ation 74 Cisco Small Busines s RV320/R V325 Administration Guide 6.
7 Cisco Small Busines s RV320/ RV325 Administration Guide 75 F irewall The primar y objective of a firewall is t o c ontro l the incoming and outgoing net work traffic by analy zing the data pack ets and det ermining whether it should b e allowed through or not , base d on a pr e det ermined rule set .
Firewall Acc ess Rules 76 Cisco Small Busines s RV320/R V325 Administration Guide 7 • Remote Management —Allows r emote management of the device when enabled.
Fi re wa l l Acc ess Rule s Cisco Small Busines s RV320/ RV325 Administration Guide 77 7 Adding an Access Rule to th e IPv4 Access Rule Table T o add (or edit) an IPv 4 acc es s rule: STEP 1 Click the IP v4 tab. STEP 2 Click Add (or select the row and click Edit ).
Firewall Conten t Filter 78 Cisco Small Busines s RV320/R V325 Administration Guide 7 STEP 6 Sel ect th e So ur ce I nt erf ace from the dr op- down me nu. STEP 7 Sel ect th e Source IP Prefix Length from the dr op- down menu. If you selected Single , ent er the source IP pr efix .
Fi re wa l l Conten t Filt er Cisco Small Busines s RV320/ RV325 Administration Guide 79 7 STEP 3 Enter a wor d in the Ke y w o rd colum n. STEP 4 Click Sav e . Accepting Allowed Domains T o specifically accept a domain: STEP 1 Select Acc ept Allowed Dom ains .
Firewall Conten t Filter 80 Cisco Small Busines s RV320/R V325 Administration Guide 7.
8 Cisco Small Busines s RV320/ RV325 Administration Guide 81 VPN A VPN is a connection b etwe en two endpoints in dif f erent networks that allows private data t o be s ent securely over a shar ed or public net work , such as the Internet.
VPN Summar y 82 Cisco Small Busines s RV320/R V325 Administration Guide 8 • Dom ai n Na me 1 thr ough 4 —If this r out er has a static IP address and a regist er ed domain name, such as MyS er ver .M yDomain.com , enter the Dom ai n Na me to use f or authentication.
VPN Gateway to Ga teway Cisco Small Busines s RV320/ RV325 Administration Guide 83 8 • Remote Client —IP addres s and subnet mask of the R e mot e Client . • De tails — IP add re s s o f t he Rem ote Gate way . • Tu n ne l T e s t— Status of the VPN tunnel.
VPN Gateway to Gateway 84 Cisco Small Busines s RV320/R V325 Administration Guide 8 • Enable— Check this b o x to enable the VPN tunnel, or uncheck it to disable the tunnel. By default , the tunnel is enabled. Lo cal Group S etup Ent er the settings f or the L o cal Gr oup Setup f or this rout er .
VPN Gateway to Ga teway Cisco Small Busines s RV320/ RV325 Administration Guide 85 8 - Dyna mi c I P + E-mail Addr .(USER FQDN) Authentic ation— This rout er has a dynamic IP addr es s and does not hav e a Dynamic DNS hostname. Enter an Email Addres s t o use f or authentication.
VPN Gateway to Gateway 86 Cisco Small Busines s RV320/R V325 Administration Guide 8 Remote Group Setup Ent er the set tings f or the Remot e Group Setup f or this r outer : • Remote Se curit y Gatewa y Typ e— Method f or identifying the router t o establish the VPN tunnel.
VPN Gateway to Ga teway Cisco Small Busines s RV320/ RV325 Administration Guide 87 8 • Lo cal S ecuri t y Group Type — LAN resources that can use this tunnel. The L o cal Securit y Group is f or this rout er ’ s L AN resources ; the R emote Securit y Group is f or the other r outer ’ s L AN resources .
VPN Gateway to Gateway 88 Cisco Small Busines s RV320/R V325 Administration Guide 8 • P erf ect Fo rwa rd Sec r ecy — Wh e n P e rf ec t F o rw ar d Se c r ec y ( P F S ) i s enabled, IKE Phase 2 .
VPN Gateway to Ga teway Cisco Small Busines s RV320/ RV325 Administration Guide 89 8 Advanc e d Set tings for IKE with Pre shared K ey and IKE with C ertific ate F or mo st users , the basic settings should suf fice ; advanced users can click Adva nced to displa y the advance d set tings.
VPN Gateway to Gateway 90 Cisco Small Busines s RV320/R V325 Administration Guide 8 • NA T T raversal— Network Addres s T ranslation (NA T ) enables us ers with privat e L AN addr es ses to acces s Internet r e sources by using a publicly routable IP addr e ss as the sou r c e addr es s.
VPN Clie nt to Gateway Cisco Small Busines s RV320/ RV325 Administration Guide 91 8 • Split DNS— Sends some of the DNS requests to one DNS ser ver and other DNS r eque sts t o another DNS ser ver , b ased on spe cified domain name s. When the r outer r e ceives an addr es s r esolution request from client, it inspec ts the domain name.
VPN Cli ent to Gateway 92 Cisco Small Busines s RV320/R V325 Administration Guide 8 • Easy VPN —Allows r emot e users to connect this devic e by using Cisco VPN Client (also known as Cis co E asy V PN Clie nt ) utility (available on the product CD) : - V ersion 5.
VPN Clie nt to Gateway Cisco Small Busines s RV320/ RV325 Administration Guide 93 8 Configuring Easy VPN Enter the f ollowing inf ormation: • Name— Name to describe the tunnel.
VPN Cli ent to Gateway 94 Cisco Small Busines s RV320/R V325 Administration Guide 8 Local Group Setup Enter the f ollow ing inf ormat ion: • Loc al S ecurit y Gateway Type— Method f or id entifying the rout er to establish the VPN tunnel. The Remot e Se curity Gat eway is the other r outer .
VPN Clie nt to Gateway Cisco Small Busines s RV320/ RV325 Administration Guide 95 8 • Lo cal S ecuri t y Group Type — Spec ify th e LAN r esour ces th at can access this tunnel. - IP Addres s— Choose this option to allow only one LAN device to acce ss the VPN tunnel.
VPN Cli ent to Gateway 96 Cisco Small Busines s RV320/R V325 Administration Guide 8 • IP + Email Addre ss (USER FQDN) Authentication— Client has a static IP address and you want t o us e an y em ail addres s f or authentication. The current W AN IP addres s appears automatically .
VPN Clie nt to Gateway Cisco Small Busines s RV320/ RV325 Administration Guide 97 8 IPSec Setup F or encr yption to be suc ces sful, the two ends of a VPN tunnel mu st agr e e on the methods of encr yption, de cr yption, and authentication. Enter e xactl y the same sett ings on both r outers.
VPN Cli ent to Gateway 98 Cisco Small Busines s RV320/R V325 Administration Guide 8 • Preshared Key— Pre sh are d ke y to us e to a ut he nt ic ate th e rem ote IK E p e er . Y ou can en t er up to 30 k eybo ar d chara cters or hexadecimal values, such as My_@ 123 or 4d795f 40313233.
VPN Clie nt to Gateway Cisco Small Busines s RV320/ RV325 Administration Guide 99 8 • AH Hash Algorithm— Authentication Header (AH) pr otocol describ es the pack et f ormat and def ault standar ds f o r packet struc ture.
VPN VPN Passthrough 100 Cisco Small Busines s RV320/R V325 Administration Guide 8 VPN Pas sthrough VPN P assthrough allows VPN clients t o pass through this r outer and connect t o a VPN endpoint and i s enabled by de fault. T o open this page, s elect VPN > VPN Pas sthrough in the na vigation tree.
9 Cisco Small Busines s RV320/RV 325 Administration Guide 101 C er tific a te Man agemen t A digital c ert ificat e cer tifie s the ownershi p of a public ke y by the named subject of the cer tificate.
Certificate Management My Cer tificat e 102 Cisco Small Busines s RV320/R V325 Administration Guide 9 Exporting or Displaying a Certificate or Private Key The client cer tificate enables the client t o conne ct t o the VPN.
Cer tificate Management T rusted SSL Cer tifica te Cisco Small Busines s RV320/RV 325 Administration Guide 103 9 T ruste d S SL C er tific a te Secure Sockets La yer (SS L ) is the standard security technology for cr eating an encr ypted link bet ween a web ser ver and a browser .
Certificate Management Certifi ca te G ener at or 104 Cisco Small Busines s RV320/R V325 Administration Guide 9 T o ex por t or display a cer tificat e, click the Exp ort C er tifica te icon. A pop-up window displa ys where y ou can Open the cer tificate f or insp ection or Sa v e the cer tificate t o a P C.
Cer tificate Management CSR Authoriza tion Cisco Small Busines s RV320/RV 325 Administration Guide 105 9 • K ey Encr yption Length —L ength of the ke y . • V alid Duration —Number of days the cer tificate is valid. STEP 2 Click Sav e . The My Cer tificat e window appears .
Certificate Management C S R A ut h or i zati on 106 Cisco Small Busines s RV320/R V325 Administration Guide 9.
10 Cisco Small Busines s RV320/RV 325 Administration Guide 107 Lo g L o gs document the status of the syst em, either by using traps or periodically . Sys te m Log Configure Short Me ss age Ser vice (S MS) logs and aler ts . T o open this page, select Log > System Log in the navigation tr e e.
Log Sys tem Log 108 Cisco Small Busines s RV320/R V325 Administration Guide 10 Configure ema il Notification T o configure E-mail notification, check En able and complete the f ollowing : • Mail S er ver —Name or IP addr es s of the mail ser ver .
Lo g Syst em Log Cisco Small Busines s RV320/RV 325 Administration Guide 109 10 Configure the Logs T o trigger log entries, select the events: • Syn Flo oding —T C P c o n n e c t i o n s r e q u e s t s a r e b e i n g r e c e i v e d f a s t e r t h a n t h e device can proces s them.
Log Syst em Sta tistics 110 Cisco Small Busines s RV320/R V325 Administration Guide 10 Additional Information (Log Buttons) If the web browser displa ys a warning about the p op-up window , allow the blocked content . Click Re fresh to u p da te th e da t a.
11 Cisco Small Busines s RV320/RV 325 Administration Guide 111 S SL VPN A SS L VPN (Secure Sockets La yer virtual private network) allows users to establish a se cur e, remote-acces s VPN tunnel t o this devic e by using a web browser . Users do not nee d a soft ware o r hardwar e client preinstalled on their computers.
SSL VPN Sta tus 112 Cisco Small Busines s RV320/R V325 Administration Guide 11 Status Pr ovides the status of the SS L VPN tunnels . A user can be logge d out from this window . T o open this page, s elect SSL VP N > Status in the na vigation tree.
SSL VPN Group M ana geme nt Cisco Small Busines s RV320/RV 325 Administration Guide 113 11 Delete a Group T o delet e a gr oup, click the name of the group that y ou want t o remov e in the SSL Status table and click De le te .
SSL VPN Gr oup Management 114 Cisco Small Busines s RV320/R V325 Administration Guide 11 • My De sktop —Enables RDP5 and VNC. Remote Desktop Pr otocol Client Enhancements ( RDP5 ) ActiveX bo okmar.
SSL VPN Reso ur c e Management Cisco Small Busines s RV320/RV 325 Administration Guide 115 11 Re s our c e Management SS L VPN suppor ts c ommon Micr o soft terminal ser vic es including W ord, Excel, Po werPoint, Ac ces s, Outlo ok , Int ernet Explor er , FrontP age, and ERP .
SSL VPN Advanc ed S etting 116 Cisco Small Busines s RV320/R V325 Administration Guide 11 Advanc e d S et ting Advance d SS L VPN set tings limit the ra nge of IP addres s that can acce ss ser vic es, change the ser vice p ort , or modif y the banners.
12 Cisco Small Busines s RV320/RV 325 Administration Guide 117 Wizar d From the W izard page, you can launch the Basic Setup wizard that guides you through the pr o ces s of initial configuratio n of the device. The Acc es s Rule wizar d guides you through the pr oc es s of configuring the securit y policy f or the net work .
Wizard Acces s R ule Se tu p 118 Cisco Small Busines s RV320/R V325 Administration Guide 12.
13 Cisco Small Busines s RV320/RV 325 Administration Guide 119 Us er Man agement User management c ontr ols domain and user acc ess , primarily use d f or PPTP , Cisco VPN Client (als o known as EasyVPN), and S SL VPN. T o open this page, select User Man agement in the na vigation tree.
User Manageme nt 120 Cisco Small Busines s RV320/R V325 Administration Guide 13 • LDAP —Lightweight Director y Acces s Prot o col. - Dom ai n —Domain name users s elect to log int o the SS L VPN por tal. - LDAP Ser ver Addre ss —IP v 4 addres s of the LD AP ser v er .
14 Cisco Small Busines s RV320/RV 325 Administration Guide 121 Wher e to Go F rom Her e Suppor t Cisco Small Busine ss Suppor t Communit y w w w .cisco.com/ go/ smallbizsuppor t Online T echnical Suppor t and Documentation (Login Required) w ww .cisco.
Where to Go From Here 122 Cisco Small Busines s RV320/R V325 Administration Guide 14 Cisco and the Cisco logo are trademarks or regist ered trademarks of Cisco and/or its affiliates in the U.S. an d other countries . To view a list of Cisco trademarks, go t o this URL: www.
An important point after buying a device Cisco Systems RV325K9NA (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought Cisco Systems RV325K9NA yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data Cisco Systems RV325K9NA - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, Cisco Systems RV325K9NA you will learn all the available features of the product, as well as information on its operation. The information that you get Cisco Systems RV325K9NA will certainly help you make a decision on the purchase.
If you already are a holder of Cisco Systems RV325K9NA, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime Cisco Systems RV325K9NA.
However, one of the most important roles played by the user manual is to help in solving problems with Cisco Systems RV325K9NA. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device Cisco Systems RV325K9NA along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center