RV042 Can't get forwarding, firewall, and client to gateway VPN to work together
I'm trying to set up a RV042 to do the following:
1) Block all WAN connections, except for:
2) Allow all port 80 connections, and forward to 10.4.20.60
3) Allow all port 443 connections, and forward to 10.4.20.60
4) Allow port 22 connections from specific IP addresses, and forward to 10.4.20.60
5) After a remote client has connected using Client to Gateway VPN, allow that remote client to access anything on the LAN
I'm able to do #1-4 above, but I can't get #5 to work. Or I can get #5 to work, but can't implement the restrictions I need in #1-4. Attached are some relevant screenshots. I think the problem is that I have Forwarding rules set up that require me to have a firewall rule to Deny All Traffic from WAN1 (unless I'm specifically allowing it). In the Access Rules screenshot, rule #6 is the problem. If I enable it (thereby denying all WAN1 traffic), then VPN clinents can't access anything on the LAN. However if disable this rule, VPN clinents can access anything on the LAN, but the firewall also opens up all outside connections to SSH, since that's set up in the Forwarding rules. I would have thought that once a remote client is connected using client to gateway VPN, then that client is considered to be on the LAN, as far as the firewall is concerned. Thus a firewall rule (like #6) that is specified for WAN1 shouldn't effect remote VPN clients.
Hello, This article will describe how to configure PPTP VPN on the new
RV340/345 routers from the Small Business series. RV340/345
Configuration The first step is to enable the PPTP Server: Go to VPN ->
PPTP Server Change PPTP Server: from Off to On Selec...
Article ID:5748 Use TheGreenBow VPN Client to Connect with RV34x Series
Router Introduction A Virtual Private Network (VPN) connection allows
users to access, send, and receive data to and from a private network by
means of going through a public or share...
Article ID:5728 Configure a Teleworker VPN Client on the RV34x Series
Router Objective The Teleworker VPN Client feature minimizes the
configuration requirements at remote locations by allowing the device to
work as a Cisco VPN hardware client. When the T...