Cisco Support Community
New Member

RVS4000 HTTP Blocking

Hi,

I'm having some trouble getting a Cisco RVS4000 router working like I'd want...

Basically, I want to configure it to block HTTP access. I've set the access control rules using the web interface and configured the web interface to use HTTPS. However, when I test it, HTTP traffic is still being allowed.

At the moment I'm just testing, but I need to implement this for a company so I'd really like to get it right.

My test setup is pretty much two PCs; both connected to the router's LAN ports. One machine is a web server, which I connect to from the other machine for testing. I could configure the web server to require HTTPS, but I specifically want to use the router to perform this filtering.

One thing I suspect is that because both PCs connect to the router via LAN, it's treating the connections like a switch would and therefore bypassing the router's firewall configuration. Also, when using the tracert command to trace the route from one machine to the other, the router doesn't show up as a hop which enforces my suspicion that the router config is being bypassed.

Can anyone say whether there is any truth to this?

I've also heard that UPnP could be messing me around, but I've disabled it and there's been no change.

Accepted Solutions
Cisco Employee

Re: RVS4000 HTTP Blocking

Hi James,

As you suspected, since the 2 PCs are on the same LAN, the client will send the web request directly to the web server and the router will not firewall the traffic. The firewall policies you can specify are only for inbound (i.e. WAN -> LAN) connections or outbound (i.e. LAN -> WAN) connections.

If you move the web server to be outside of the router, do your policies work? This would be a more accurate test of your configuration.

Hope that helps.

-Mike
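
The forwarding decision described in the reply above, as an added example that is not part of the original thread or any Cisco code: a client hands a packet to its default gateway only when the destination lies outside its own subnet, so a same-LAN test never reaches the router's firewall policies. The addresses and the helper names `first_hop` and `untested_by_firewall` are constructed for illustration.

```python
import ipaddress


def first_hop(client_if, gateway, dst):
    """Return (first_hop_ip, forwarded_by_router) for a packet from the client.

    client_if: client address with prefix length, e.g. "192.168.1.10/24"
    gateway:   the router's LAN address (the client's default gateway)
    dst:       destination IP of the test connection
    """
    iface = ipaddress.ip_interface(client_if)
    gw = ipaddress.ip_address(gateway)
    target = ipaddress.ip_address(dst)
    if gw not in iface.network:
        raise ValueError("default gateway must be on the client's own subnet")
    if target in iface.network:
        # On-link: the client resolves the destination's MAC and sends the
        # frame straight to it. The router's LAN ports only switch the frame,
        # so no inbound/outbound firewall policy is evaluated and the router
        # never appears as a hop in tracert.
        return str(target), False
    # Off-link: the packet goes to the gateway and is routed LAN -> WAN,
    # which is where the outbound access rules apply.
    return str(gw), True


def untested_by_firewall(client_if, gateway, tests):
    """Return the names of test cases whose traffic never crosses the router."""
    return [name for name, dst in tests
            if not first_hop(client_if, gateway, dst)[1]]


if __name__ == "__main__":
    # Constructed test plan: the original same-LAN setup and the revised one
    # with the web server moved outside the router.
    plan = [
        ("same-LAN web server", "192.168.1.20"),
        ("web server outside router", "203.0.113.5"),
    ]
    for name, dst in plan:
        hop, routed = first_hop("192.168.1.10/24", "192.168.1.1", dst)
        verdict = "firewall policy applies" if routed else "switched, not firewalled"
        print(f"{name}: first hop {hop} ({verdict})")
```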

New Member

Re: RVS4000 HTTP Blocking

Hi Mike,

Thanks for the reply.

However, since posting, I contacted Cisco tech support and they helped me through all the settings and I now have everything working as I need. I have now moved the web server outside of the router and all the policies are working fine.

But it's nice to have confirmation that the traffic isn't being firewalled through the LAN.

Thanks again,

James
