Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 608
  • Last Modified:

LAN to WAN network traffic being blocked

I have a small business network with about 50 internal devices during the working day, IPhones, Androids, computers, servers, etc.  Since the middle of last year I started getting a message from my gateway router that the CPU was over 90% with nothing else significant in the logs.  So two days ago I decide to change the gateway appliance to a CISCO model RV016 a pretty simple device that should easily handle the traffic I have. Users noticed that IPhones email refresh was taking longer than before, so I put the router in a higher state of logging all errors and sending me an email when it gets to 50 items. Some recent logs are attached, most of the inside originating ip's are from phones and droids but some are from my own computer (192.168.0.29). Can anyone tell me what kind of traffic this is and what I might be able to do to stop these errors. Note the firewall is enabled but according to Cisco there is no LAN to WAN filter enabled???
Help, Thanks, Vincent
GateWayAS-Security-Notification1.txt
GateWayAS-Security-Notification2.txt
GateWayAS-Security-Notification3.txt
GateWayAS-Security-Notification4.txt
0
Vincent Costanza
Asked:
Vincent Costanza
3 Solutions
 
ITEdgeCommented:
It is almost exclusively HTTP and HTTPS traffic.  Since you're specifically referencing mail, are the devices trying to contact and Exchange server?

Is there any sort of content filter or stateful packet inspection going on?
0
 
KimputerCommented:
The logs shows connection to the usual sites, such as Yahoo, Amazon, Facebook etc. and some cloud based hosts like akamai. There's definitely some filtering going on, as the log files states it's a Policy violation.
0
 
Vincent CostanzaOwnerAuthor Commented:
ITEdge,
NO exchange server on site, all company email is google business, personal devices are allowed to use WiFi and not sure what most of them are doing. I am not even sure if this is slowing down the appliance.
the device firmware has a Stateful Packet Inspection switch and it is in the disabled position.
Kimputer,
I agree, how is it that there is no outgoing filtering if the logs is showing policy violation for outgoing packets.

All, I have attached a manual for the gateway and have noticed the protection link that is a third party dynamic content filtering but this is also disabled on the device and has been discontinued by Cisco, Yet even the latest firmware has the option to enable this function.

 Thanks for your continued help on this,
Vincent
rv0xx-AG-78-19576.pdf
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
KimputerCommented:
Seems other people have disabled the firewall to remove these Policy Violations.

Step1:
http://www.linksysinfo.org/index.php?resources/enabling-telnetd-on-the-rv042-rv082-and-rv016.5/

Step 2:
follow guide
http://wildcat.espix.org/doc/bbox2/various/openrg_configuration_guide.pdf

You will find two firewall settings areas via telnet: /nk/fw and /fw.

Set the /fw/enabled option to 0 (disabled).

Leave the /nk/fw section activated but remove the default firewall rules (the ones which are greyed out in the webinterface; use the command  rg_conf_del nk/fw/rule/[0,1,2,3,....] for the respective rule
0
 
Vincent CostanzaOwnerAuthor Commented:
Cisco must have changed the telnet password in my version of the firmware.. 4.2.2.2...
Still trying
0
 
Dan CraciunIT ConsultantCommented:
Use the authentication data from the web login.
I.e. the password when you login via telnet will be the same as when you login via the web interface (default admin admin, but you probably changed it to admin somethingelse).

HTH,
Dan
0
 
Vincent CostanzaOwnerAuthor Commented:
yes I changed it but the web password does not work, I did see on the Cisco forum that some routers its different especially the ones that used to be Linksys models
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now