SA520 as replacement for RV082 - Firewall problem

Unanswered Question
Apr 17th, 2010
User Badges:

I've been banging my head against the wall trying to replace our aging RV082 router with the SA520 unit.  We've successfully used the RV082 with one-to-one NAT for years but wanted to take a step up once we started having problems with it.  Please realize that I'm somewhat of a novice when it comes to routing technologies so I thought I could just setup static routes in place of 1to1 NAT and then setup firewall rules.  I'm pretty sure I was wrong on that when I found the reference on this forum to setup a firewall rule like this:

From Zone Insecure (WAN1)

To Zone Secure (LAN)

Service HTTP

Action ALLOW always

Source Hosts Any

Internal IP Address

External IP Address Other

Other IP Address

(public IP address)

So, after reading the documentation, I still don't know what static routes are for if not for doing what I wanted, google is no help and I can't seem to set up according to the instructions in chapter 5 of the manual.

Knowing that there was a bug related to this issue, I updated to the latest firmware 1.1.42 but I also tried 1.1.21 with identical results.  The problem is illustrated in the attached graphic.  There is no "Other" option available to me!  Similarly, when I try to setup an outbound rule that I'm not sure whether I need or not, I have no ability to set the address for the rule.

I can't put this new unit in until I have solved this problem and any help would be appreciated.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
weilia Mon, 04/19/2010 - 18:17
User Badges:
  • Cisco Employee,

you don't need an outbound rule, since by default outbound traffic is allowed.
Is your dedicate wan (primary) ip address ? If so, please select
the dedicate wan option.

instantexpert Tue, 04/20/2010 - 11:48
User Badges:

I called support and the answer was, in retrospect, rather obvious. 

I have to define an IP Alias for each external address and then use firewall rules to map internal addresses to those external addresses.  The piece I was missing was that I didn't understand what the IP Alias function was for.