RV016 firewall policies via telnet (rules, chains, etc.)
I am having some trouble finding information about how to configure firewall policies (rules, chains, etc.) via telnet on an RV016.
The reason for that is that I keep getting some log entries "connection refused - policy violation" and "blocked" even with my firewall wide open (only allow rules on all interfaces, SPI and block WAN request disabled, multicast and HTTPS enabled, etc.). Also, with these exact same rules, I can only connect via PPTP with the firewall disabled. The minute I tick the enable option the tunnel never gets to the authentication phase.
I then started reading the OpenRG manual and many things are quite similar, but some other entries are missing from that manual (maybe some changes made by Cisco???).
I am trying to figure out some service IDs, chains (e.g. the RV016 has some rules redirecting to chains 10, 100, 200 but I cannot find them anywhere), and so on. I have only one RV016 and about 60 connections to it, so I cannot experiment that much without having the whole company on my neck with internet problems.
Is there any manual that can be sent to me, publicly or privately (firstname.lastname@example.org), or a config file via the busybox shell that I can access to understand this better?
Thanks in advance and hope someone from Cisco can give me a hand on this.
You will find two firewall settings areas via telnet: /nk/fw and /fw.
I set the /fw/enabled option to 0 (disabled).
I left the /nk/fw section activated but removed the default firewall rules (the ones which are greyed out in the web interface; use the command rg_conf_del nk/fw/rule/[0,1,2,3,....] for the respective rule).
This way the firewall is wide open and I barely get connection refused, the internet speed is equal to other routers, and VPN connections can get in. You can still use the web interface to configure website blocking (via URL or keyword), but firewall rules themselves don't seem to work.
The disabled section (/fw) has several policies for access, deny and jumps. I suspect that if you study it and experiment with it you will be able to understand what does what and configure the firewall correctly. I managed to lock the router by removing a rule and had to do a hard reset to get access to it again.
If you find any new info, please post it here too, so we can do what Cisco doesn't seem to care about.