Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

SA520 as replacement for RV082 - Firewall problem

I've been banging my head against the wall trying to replace our aging RV082 router with the SA520 unit.  We've successfully used the RV082 with one-to-one NAT for years but wanted to take a step up once we started having problems with it.  Please realize that I'm somewhat of a novice when it comes to routing technologies so I thought I could just setup static routes in place of 1to1 NAT and then setup firewall rules.  I'm pretty sure I was wrong on that when I found the reference on this forum to setup a firewall rule like this:

From Zone Insecure (WAN1)

To Zone Secure (LAN)

Service HTTP

Action ALLOW always

Source Hosts Any

Internal IP Address

External IP Address Other

Other IP Address

(public IP address)

So, after reading the documentation, I still don't know what static routes are for if not for doing what I wanted, google is no help and I can't seem to set up according to the instructions in chapter 5 of the manual.

Knowing that there was a bug related to this issue, I updated to the latest firmware 1.1.42 but I also tried 1.1.21 with identical results.  The problem is illustrated in the attached graphic.  There is no "Other" option available to me!  Similarly, when I try to setup an outbound rule that I'm not sure whether I need or not, I have no ability to set the address for the rule.

I can't put this new unit in until I have solved this problem and any help would be appreciated.


Everyone's tags (3)
Cisco Employee

Re: SA520 as replacement for RV082 - Firewall problem

you don't need an outbound rule, since by default outbound traffic is allowed.
Is your dedicate wan (primary) ip address ? If so, please select
the dedicate wan option.

New Member

Re: SA520 as replacement for RV082 - Firewall problem

I called support and the answer was, in retrospect, rather obvious. 

I have to define an IP Alias for each external address and then use firewall rules to map internal addresses to those external addresses.  The piece I was missing was that I didn't understand what the IP Alias function was for.