08-03-2012 01:29 PM - edited 03-21-2019 06:06 AM
I have a number of customers using the RV120w Small Business Firewall/Router in their business, and am having problems deploying the UC320w into these networks in a greyfield scenario. I am following the published Cisco document for configuring the up-front firewall, but cannot get the RV120w to forward the required packets to the UC320w. All customers are using NexVortex SIP trunking. With the RV120w, inbound calls either do not ring the phones or ring but exhibit one-way communication when answered. I have had good success when deploying the UC320w greyfield behind the RV180w (very similar device), set up in the identical way.
Has anyone else had success using the RV120w with latest firmware in a UC320w greyfield deployment?
What ports should be forwarded to the UC320w?
Here is my router configuration on both RV120w and RV180w devices:
VLAN 4 created, untagged on LAN port 4
VLAN 4 configured with IP 192.168.2.253 (255.255.255.252)
DHCP off on VLAN 4
VLAN 1 untagged on LAN ports 1, 2, 3
VLAN 1 configured with IP 192.168.10.5 (255.255.255.0)
DHCP off on VLAN 4 (DHCP provided on customer network by Small Business Server)
WAN configured with public static IP address from DSL modem
Port forwarding configured for the Small Business Server (Ports 80, 443, 25, etc. forwarded to server static LAN IP)
DMZ Mode configured to forward all remaining incoming traffic to the UC320 at 192.168.2.254
(I have tried forwarding only SIP ports, etc, but have had best success with DMZ)
Enable SIP ALG Option in Firewall
UC320w configuration:
UC320w Topology: Routes Voice Only
UC320w VLAN 1 configured at 192.168.10.6 (255.255.255.0)
UC320w VLAN 100 at defaults
UC320w WAN configured at 192.168.2.254 (255.255.255.252) GW 192.168.2.253
Thanks,
Andy Williams
08-03-2012 01:54 PM
Andy,
I have sent internal email asking for details on your questions related to the RV120W and RV180W routers with the UC320W.
I will post a reply once I have an answer back on from the Cisco Small Buisness Router team.
Regards,
Randy
08-03-2012 02:54 PM
Hi,
There is an open issue with the DMZ;
CSCts32168 Issue—When the DMZ is enabled, access to a device through the WAN is not allowed.
Workaround—Use port forwarding instead.
http://www.cisco.com/en/US/docs/routers/csbr/rv120w/release/notes/rv120_rn_v1_0_3_10.pdf
-Tom
08-04-2012 05:28 PM
Based on this info, I tried disabling the DMZ and adding an access rule at the bottom of my list of 5 other port forwards. This last access rule is to "allow any service from any address" and route the packets to the UC320w on VLAN4's subnet. This does not work any better. Maybe this "allow any service" fails in the same way as the DMZ checkbox?
Can someone provide info on what TCP and UDP ports should be forwarded from my NexVortex SIP provider to the UC320w? I will give configuring just specific ports a try.
Thanks,
Andy Williams
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide