Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Configure Basic Firewall Settings on the RV34x Series Router

Objective

The primary objective of a firewall is to control the incoming and outgoing network traffic by analyzing the data packets and determining whether it should be allowed through or not, based on a predetermined rule set. A router is considered to be a strong hardware firewall due to functions that allow filtering of inbound data. A network firewall builds a bridge between an internal network that is assumed to be secure and trusted and another network, usually an external internetwork such as the Internet that is assumed not to be secure and untrusted.

The objective of this article is to explain how to configure the Basic Firewall Settings on the RV34x Series Router.

Applicable Devices

  • RV34x Series

Software Version

  • 1.0.00.33

Configure Basic Firewall Settings

Step 1. Log in to the web-based utility and choose Firewall >Basic Settings.

Step 2. Check the Enable Firewall check box to activate the Firewall feature.

Note: This is enabled by default.

Step 3. Check the Enable Dos (Denial of Service) check box to secure your network against DoS attacks.

Note: This is enabled by default.

Step 4. Check the Enable Block WAN Request check box to deny ping requests to the RV34x Series Router.

Note: This is enabled by default.

Step 5. In the LAN/VPN Web Management area, check the HTTP and/or the HTTPS check box to enable traffic from these protocols.

  • HTTP — Hyper Text Transfer Protocol is a data transfer protocol used on the Internet.
  • HTTPS — Hyper Text Transfer Protocol Secure is a secure version of HTTP which encrypts packets for increased security.

Note: For this example, the HTTPS check box is checked.

Step 6. (Optional) Check the Enable Remote Web Management check box to enable remote management. Otherwise, skip to Step 11.

Step 7. If you enabled Remote Web Management, enter a port number ranging between 1025 to 65535, which remote management is allowed. The default is 443.

Note: In this example, 1666 is used.

Step 8. Choose the type of protocol used to connect to the firewall by choosing a radio button. The options are HTTP and HTTPS.

Note: In this example, HTTPS is chosen.

Step 9. In the Allowed Remote IP Addresses area, choose a radio button to either allow any IP address to access the network remotely or to specify a range of either IPv4 or IPv6 addresses.

Note: For this example, an IP Range was chosen.

Step 10. (Optional) In the IP Range fields, specify the starting and ending IP addresses to be allowed to access the network. These must be statically assigned hosts on a network.

Note: In this example, the starting IP address is 128.112.59.21 and the ending IP address is 128.112.59.34.

Step 11. (Optional) Check the Enable SIP ALG check box to enable Session Initiation Protocol (SIP) Application Layer Gateway (ALG) to pass through the Firewall. This feature can be enabled to help SIP packets pass through the firewall. A SIP packet is used to initiate connections of voice traffic. If your VoIP provider uses a different Network Address Translation (NAT) traversal protocol, this feature can be disabled which is the default setting.

Note: For this example, this option is left disabled.

Step 12. (Optional) If you enabled SIP ALG check box in Step 11, specify the File Transfer Protocol (FTP) port of SIP ALG in the FTP ALG Port field. The default is 21.

Note: For this example, the default is used.

Step 13. (Optional) Check the Enable UPnP check box to enable Universal Plug and Play (UPnP). This feature is disabled by default.

Note: For this example, it is left disabled.

Step 14. (Optional) Under the Restrict Web Feature area, check the check boxes of the types of web features to block in the Block area. These check boxes are disabled by default. The options are:

  • Java — All web elements containing this type web element will be blocked. This setting can help prevent Java-based web attacks. 
  • Cookies — Cookies are data that is stored in the computer to help websites understand who is accessing them. Blocking them can prevent malicious cookies from accessing data. 
  • ActiveX — It is a plugin developed by Microsoft to improve a browsing experience. Blocking it can prevent malicious ActiveX plug-ins from harming network devices.  
  • Access to Proxy HTTP Server — HTTP Proxy Servers hide details of end users from hackers. They work as middlemen so a client does not access the Internet directly. However, if local users have access to WAN proxy servers, they may be able to find a way around the content filters on the router to access Internet sites blocked by the router.

Note: For this example, the check boxes are left disabled.

Step 15. (Optional) Check the Enable Exception check box to allow only selected web features such as Java, Cookies, ActiveX, or Access to HTTP Proxy Servers and restrict all other. This is disabled by default.

Note: For this example, it is left disabled.

Step 16. (Optional) In the Trusted Domains Table, click the Add button to add domains that are trusted or permitted to access on the network.

Step 17. In the Domain Name field, enter a domain name to be granted access to the network.

Note: For this example, www.facebook.com is used.

Step 18. Click Apply.

Step 19. (Optional) To save the configuration permanently, go to the Copy/Save Configuration page or click the icon at the upper portion of the page.

You should now have successfully configured the Basic Firewall Settings on the RV34x Series Router.

 

Version history
Revision #:
1 of 1
Last update:
‎03-03-2017 12:34 AM