I am trying to set up RV180 @ 2 locations. I have setup Port forwarding for Remote Desktop 3389 (Defined as a custom srvice), FTP and HTTP. When I try to access these services from within LAN it works fine, however from any other location only FTP works and RDP and HTTP are rejected. I have a static IP address. I have tried with both Port Forwarding as well as Access Rules. Please help ASAP.
|Action||Service||Status||Source IP||Destination IP||Internal Port|
|Source IP||Destination IP|
|Always Allow||HTTP||Enabled||Inbound (WAN (Internet) > LAN (Local Network))||Any|
|Always Allow||FTP||Enabled||Inbound (WAN (Internet) > LAN (Local Network))||Any|
|Always Allow||RDP||Enabled||Inbound (WAN (Internet) > LAN (Local Network))||Any|
If this is urgent, I suggest you call the Small Business Support Center. The phone numbers in your area are located here:
Cisco Small Business Community Manager
for Cisco Small Business Products
Have contacted Small Business Support Center. Had a long on-line session but issue could not be resolved. Waiting for further response from the support.
In the meanwhile if anyone has any solution, please respond.
Did you try to use a different browser, like Firefox or IE?
Is remote management is enabled, if so verify that it is not conflicting with your port 80.
For the RDP to work, make sure that it is enable don the computer and that computer is expecting RDP traffic on port that you specified 3389.
Hope that helps.
I think we spoke eariler today on the phone when you called in to speak with the current engineer that was working on your open case.
If you have not already make sure that the devices has the correct default gateway of the RV180 router and make sure that the workstation you are trying to RDP into is ready to except that type of traffic from a outside network.
If you have confirmed this information then what I would try doing is enabling WAN QoS. I have heard from other engineers that sometimes they are able to get port forwarding working this way. I would then look into doing a factory reset and reconfigure of the router to see if it could clear out any odd behavior in the code of the firmware.
I have done testing with this router in the lab and able to get port forwarding working with no problem.
At this point if you are still not able to get port forwarding to work then I would run a packet capture in the router on the LAN side and see if you can see the traffic coming through or not. I would also run a packet capture on the WAN side to see if the traffic is making it to the WAN interface of the router.
Sorry to hear you are running into this issue and hope the information provided to you will help you out.
I set up QoS as advised
|WAN QoS Mode:||Priority|
Priority Bandwidth Allocation Settings
% (Range: 61 - 100, Default: 61)
% (Range: 31 - 60, Default: 31)
% (Range: 10 - 30, Default: 10)
|Total WAN (Internet) Bandwidth:|
Mbps (Range: 1 - 100, Default: 100)
WAN QoS Profile Table
|Name||Priority||Minimum Bandwidth Rate|
Kbps (Range: 1 - Max. Bandwidth)
|Maximum Bandwidth Rate|
Kbps (Range: 100 - 1000000)
It did NOT work.
It is interesting to note that all the 3 services work perfectly as they should with ports forwarded in Modem provided by my ISP, or if I attach WRT54GS router. However as soon as I attach RV180 I start getting these problems. Even my VOIP device does not work when I forward port 5060 to the device.
I have tested IE and Forfox, any FTP client and RDP with ISP provided modem/router as well as WRT54GS and NO issues at all.
Now I am going to set up packet capture on WAN side
I am sorry to hear that you are still having the same issue. Go ahead gather the packet captures on the WAN and LAN side. Once you gather this information let me know so you can email this information and I can review it.
I am sorry that you are still having this issue and will work to get your issue resolved soon.
I have exactly the same issue. I have replaced a "domestic" router with a RV180. The "domestic" router used to port-forward RDP, HTTP to a server on the internal network from internet. Having set up the same rules on the RV180, nothing works. This is clearly a firmware issue as with the old (netgear) router there was never a problem,
The RV can be seen externally via PING (when enabled), and can be logged into using remote management. I also have QuickVPN running to it fine, and once VPN in, can PING the target server for which I am trying to open the RDP port. I can also RDP from the VPN (but this is not what I want to achieve).
I did notice the first time I configured the router that I set the Access Rule, created a custom service for RDP (TCP PORT 3389), then checking the Port Forward Rule Table screen, there was no Port showing for the destination ip. I set this in the Port Forward screen, but it didn't make any difference.
This is used for a small business for which I am consulting - I am embarrassed to have recommended CISCO.
The issue could not be resolved by Cisco support, so all the 4 RV180's had to be returned back to Cisco. It was an embarassment for me as well as I did recommend Cisco to my small business client.
Same issue here and Cisco has admitted to me there is a known bug related to port forwarding, although you will be hard pressed to find any documentation related to this bug. I am also a consultant who has recommended this product to a small business, only to have to replace it with a generic off the shelf router, which worked fine out of the box. I can no longer recommend this product and will be hesitant in the future, as I am a bit dismayed as to how this issue has been addressed.
I am sorry for the issues everyone is having with port forwarding on the RV180. It would best at this point to call us at 866-606-1866 and open a case with us so we can work to resolve your issue.
Yes I am able to get this to work. I have been able to get port forwarding to work with different services. I have RDP working currently right now. I am not sure what the issue can be at this point, so I feel the best way to get the issue resolve is to call in and open a ticket with us.
I am replacing an RVS4000 with an RV180, and I'm trying to just duplicate the port forwarding as much as possible between the two. Please excuse the neophyte questions, but here they are:
The RVS4000 has a field for "External Port," and no equivalent to the RV180's field "Source IP." And the RV180 has no "External Port" field. How is the external port defined in the RV180? Is it always the same as the internal port?
It's funny that RDC seems to be a popular service, but there is no such entry in the default services list and it must be added as a custom service.
As a side note, page 135 of the RV180 pdf manual omits "Web Access" and "Remote Management," the latter being needed to setup QuickVPN. Also, the pdf Bookmarks are a mess in this document; their heirachies are completely wrong.
The first step you will need to do is go under firewall and go under advance settings and click on custom service. You will create a TCP port for 3389, start port is 3389 and end port is 3389. Once you create your custom service then you will need to go to either access rule or port forwarding (weather you create it under access rule or port forwarding they get added to both sections). For this set up, we will go under port forwarding. Once you are under the port forwarding section then you will select your custom service you created from the drop down box (any custom service you create will be at the bottom of the list). Just make sure you action is set to always allow and your destination ip address is were you are wanting to RDP into and your internal port would need to be 3389.
Not sure if you are using port forward for RDP but just using it for part of the example.
Let me know if you have any questions. If all else fail you are welcome to call us at 866-606-1866 all the Cisco Small Business Center.
Thank you very much. It worked great right from the get go. And it's much faster than the RVS4000. I'm curious to hear the diagnosis of the port forwarding trouble that others have encountered.
Yes, I'm using Windows RDC.
On the RV180, when I forward port 443 to our NAS server, in order to make available its browser-based file-server to offsite clients, my QuickVPN now fails to connect. Disabling port 443 forwarding restores QuckVPN functionality. What is the best workaround? This problem didn't happen with the old VRS4000.
Bernard, set the QVPN port for 60443 and see if that helps.
Please rate helpful posts
I did try changing the drop-down port selection in the QuickVPN client from Auto to 60443, but it still will not connect when 443 is forwarded to the NAS on the RV180.
Question: I notice that Remote Management needs to be enabled to use port forwarding, and its default port is 443. Does this have any bearing on the problem?
QuickVPN Client uses either port 443 or 60443. If you need to forward port 443 to a NAS server, you have to enable Remote Management at port 60443 so that all features (NAS, QuickVPN, and remote management) can work well together.
I have done that, and the connection process now proceeds farther. It gets past Activating Policy... but hangs at Verifying Network... After that the "Info/The remote gateway is not responding. Do you want to wait?" dialog box pops up. And waiting doesn't help. I've tried both Auto and 60443 in the "Port for VPN" client dialog box. With 60443 only "Server's certificate doesn't exist on your local computer" pops up only once instead of twice.
Any further thoughts would be most welcome.
I have done that, and the connection process now proceeds farther. It gets past Activating Policy... but hangs at Verifying Network... After that the "Info/The remote gateway is not responding. Do you want to wait?" dialog box pops up. And waiting doesn't help.
The pop-up "remote gateway is not responding" indicated that QuickVPN client cannot ping the LAN IP of RV180, which could be caused by the Windows firewall on the computer that QuickVPN clients running on. To verify this, you can do the following:
While the pop-up is on, try to access other computers in the LAN of RV180 using their LAN IP addresses. This is to test whether the tunnel is actually up or not. If the tunnel is up, you can actually leave the pop-up message there, and the tunnel will stay up. If the tunnel is not up, you would need to verify if the IKE/IPsec handshake has occurred perhaps with a packet capture. This task can be assisted by an engineer when you contact the small business support center.
Here's the log file, which looks similar to those listed in earlier threads:
2012/09/02 16:43:22 [DEBUG]Input VPN Server Address = redacted
2012/09/02 16:43:23 [STATUS]Connecting to remote gateway with IP address: redacted
2012/09/02 16:43:23 [WARNING]Server's certificate doesn't exist on your local computer.
2012/09/02 16:43:26 [STATUS]Remote gateway was reached by https ...
2012/09/02 16:43:26 [STATUS]Provisioning...
2012/09/02 16:43:35 [STATUS]Success to connect.
2012/09/02 16:43:35 [STATUS]Tunnel is configured. Ping test is about to start.
2012/09/02 16:43:35 [STATUS]Verifying Network...
2012/09/02 16:43:41 [WARNING]Failed to ping remote VPN Router!
2012/09/02 16:43:43 [WARNING]Failed to ping remote VPN Router!
2012/09/02 16:43:46 [WARNING]Failed to ping remote VPN Router!
2012/09/02 16:43:49 [WARNING]Failed to ping remote VPN Router!
2012/09/02 16:43:52 [WARNING]Failed to ping remote VPN Router!
2012/09/02 16:43:54 [WARNING]Ping was blocked, which can be caused by an unexpected disconnect.
2012/09/02 16:44:11 [STATUS]Disconnecting...
2012/09/02 16:44:15 [STATUS]Success to disconnect.
2012/09/02 16:44:30 [STATUS]OS Version: Windows 7
I do have the newest version of QuickVPN. My RV180 firmware is 18.104.22.168
So I'm wondering, Why does it work on 443, except when that port is forwarded, but not on 60443?
>So I'm wondering, Why does it work on 443, except when that port is forwarded, but not on 60443?
If port 443 works for you before (without port forwarding to NAS), there is no reason that port 60443 (with forwarding 443 to NAS) would not work for you. You might want to contact the Support center for futher assistance.
I tried leaving the pop-up open and accessing the LAN as you suggested, but no luck. I have RDC access into the system and can see in the RV180's IPsec Connection Status that there are no connections. I guess it's down to calling in a ticket.
Just a final note: I see in the thread https://supportforums.cisco.com/thread/2022966 that the last post shows a similar fact pattern as mine. The ONLY way he got QuickVPN to work is via 443. He closes with "Cisco needs to address the port confilict so 443 can be forwarded for other uses." Here we are nearly 2 years on, locked in battle with the same demon.