Rv 120W- Firewall and Content Filtering

Unanswered Question
May 20th, 2011

Hi All,

I'm having a problem with a RV 120W wireless router.  I'm trying to block streaming video, keywords and block on URLs, but doesn't seem to block anything.  Also tried to control user bandwidth, but still runs at regular speed.  Not sure if the logging is working either.  No logs come up.

I upgraded the firmware to the lastest available.  I'm not sure if it's something not checked off or if this router is trashed.

Looks like it works.  Connects to the internet, but don't know if it's blocking anything.

Any help on this?

Attached is a config file.  It opened in Word Pad.

Thanks,

Vince

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 4.5 (2 ratings)
vdinenna71 Fri, 05/20/2011 - 11:15

After reading through the admin manual, I found that the LAN Group needed

to be populated with IPs of hosts. The LAN Group can be selected in the Content Filter settings.

There should be the ability to enter a range of IPs, but you must enter one at a time.

Still can't block streaming video and audio.

Thanks,

Vince

vdinenna71 Fri, 05/20/2011 - 11:35

After a reboot, that firewall began to block streaming video.

Actually pages with a streaming video window are just black.

Still have a problem with WDS between WAP4410N and RV 120W.

Can't seem to make WAP4410N a repeater for the RV120W.

Thank,

Vince

collegeitdept Wed, 04/18/2012 - 18:44

I am not able to properly block streaming video (Flash) on my new Cisco RV120w.  Can any one please help?

Thank you.

rmanthey Thu, 04/19/2012 - 07:08

Logan,

Are you using the content filtering to try and block the streaming video?

What does your configuration look like currently?

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

collegeitdept Fri, 04/20/2012 - 21:47

Hi Randy,

Thanks for responding.

I'm using content filtering.  I tried blocking in the URL blocking fields the following:

.flv

.swf

.mp4

.wma

etc...

I also had the firewall to always block RTSP:TCP

How should I properly block streaming video (and also if possible P-2-P bittorrent)??

What are the configurations I need to set to block streaming video?

Thanks Randy!

rmanthey Mon, 04/23/2012 - 07:38

Hello Logan,

With the RV120W the settings you have is about the only way to set it up. Much more and your going to block valid traffic. There are other third party solutions that might provide a deeper level on control.

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

collegeitdept Mon, 04/23/2012 - 22:04

But it's not working AT ALL!

It doesn't anything!

I think I may have set it up incorrectly.  Would you kindly provide with a step by step on how to block streaming flash video please??  Even if it only works 70% of the time.

Thanks.

rmanthey Thu, 04/19/2012 - 07:07

Vince,

The RV 120W and the WAP4410N has two different physical chipsets and WDS will not work between the two.

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

vdinenna71 Tue, 04/24/2012 - 06:57

Logan,

Hope this helps in some way.  See attached screenshots off my RV120.  This forum won't let me attach PDF of screenshots.

One thing you have to do is create a group for a set of defined users before you can apply content blocking.

I looked in every section, but I think it's created when you either start a new blocking by keyword or when the wireless is setup and a group is created to allow said group access to the wireless.  Either way, I'm not sure.

Vince

vdinenna71 Tue, 04/24/2012 - 07:11

Ok, I went back and read the RV120W PDF, duh.  The groups I was referring to are LAN Groups.  The steps are below.

From there, you can create keywords and apply blocking to groups based on those keywords.

Configuring LAN Groups

You can create LAN groups, which are groups of endpoints that are identified by

their IP address. After creating a group, you can then configure actions, such as

blocked keywords in a firewall rule, that apply to the group. (See

Adding Blocked

Keywords, page 87

To create a LAN Group:

STEP 1

Choose Networking > LAN > LAN Groups.

STEP 2

Click Add.

STEP 3

Enter the group name; spaces and quotes are not supported. Click Save.

STEP 4

In the LAN Groups page, click the box next to the group you just created and click

Host List.

STEP 5

To add endpoints to the group, click Add.

STEP 6

Enter the IP address of the endpoint and click Save. Repeat steps 4 through 6 for

each endpoint you want to add to the group.

rmanthey Tue, 04/24/2012 - 10:16

Vdinenna71,

The only way to block would be by URL or keywords, not file types. The content filter only inspects the HTTP Get commands of the packets, it can't look into the payload.

For your situation

For a better solution look for a content filter that blocks by DNS vs Http Get. Remember though that many Search Engines will do DNS queries which will circumvent the content filter.

The best solution is a client side IPS, content filter that will block using both technologies, they will also block https traffic that is normally not able to be filtered by network IPS/content filtering devices like the router.

The intended content filter solution for the RV120w is to block basic URL's and keywords.

Sorry for any confusion.

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

collegeitdept Tue, 04/24/2012 - 20:27

Thank you all SOO much for your help.

It worked.

I do have one last question, is there away to not display the "this page has been blocked by Cisco Router" - instead display a blank page?  I know my cheap old Linksys router did that, but that blocked by Cisco page causes a lot more anger.

collegeitdept Sat, 05/05/2012 - 21:39

I have one last question...  I managed to block as much of the streaming video (using URL Blocks of .flv, .wmv, etc...)  how do I block YouTube.com for 23 hours of the day (or allow access for 1 hour a day)...but maintaining all the other blocks intact 24 hours a day?

Thanks.

rmanthey Wed, 04/25/2012 - 06:45

Logan,

with the current firmware no, I have been asked this before, and I also agree it would be nice to be able to modify the page being displayed or redirect it to a webserver where you could control the page that is desplayed. However I am not sure if the hardware in the device would support this added load to the router. The only thing as customers we can do is to do a feature request, which would mean opening a case with the Cisco Small Business Support team. This will make the designers aware of the customers wants and the feature may be added to a future release.

Hope this helps.

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

collegeitdept Mon, 05/07/2012 - 16:27

I have one last question...  I managed to block as much of the streaming video (using URL Blocks of .flv, .wmv, etc...)  how do I block YouTube.com for 23 hours of the day (or allow access for 1 hour a day)...but maintaining all the other blocks intact 24 hours a day?

Also is there a way to block p2p file sharing (BitTorrent)?

Thanks.

collegeitdept Mon, 05/07/2012 - 16:30

Sorry to bother you again,

I setup QoS settings to give my attached VoIP device priority (76%) (medium 51, low 10)... and yet when an server sharing at a maximum rate of 57KBps, I still noticed my VoIP calls are extremely choppy.

Is there a way to improve call quality of VoIP calls set on Priority with the server uploading at a low kpbs but set with medium priority?

Thanks again.

Actions

Login or Register to take actions

This Discussion

Posted May 20, 2011 at 6:38 AM
Stats:
Replies:18 Avg. Rating:4.5
Views:2468 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard