Cisco RV042G Firewall Rule

Last Modified: 2015-08-05
Following up to the post I just completed on the Cisco RV042G VPN, now I need to establish a rule in the firewall to allow VPN connections. My goal is to lock down access into any of the LAN connections until a user has authenticated through VPN. The firewall is in the default state, no changes. So when I go to add a rule to the firewall, IPSec is listed as an option. I am pretty sure I have this part right, but I won't swear to it.

What I am confused by is the Source Interface, Source IP and Destination IP.

Source Interface - I am using WAN1 as my internet connection so I assume this should be my selection here.
Source IP: Any, Single, Range - Is this to allow any external IP address connections through VPN or limit it to a single or a range?
Destination IP: Any, Single, Range - ???

CERTIFIED EXPERT
Top Expert 2015

Commented:
You said "My goal is to lock down access into any of the LAN connections until a user has authenticated through VPN."  The VPN users will not be able to access your LAN connection until they connect to the VPN anyway so you do not need any additional rule for this.

Source Interface - I've used this router before and there are 2 WAN ports.  You need to select which WAN port the traffic is coming from.
Source IP: Keep it ANY because you want your remote users to connect from anywhere via VPN.  You can limit the VPN from an IP range or an IP if for example you're connecting a remote branch to corporate head office (router to router VPN) so you will want to allow only a certain IP range or even only one IP address to connect to the H.O.
Destination IP: Any or select a specific IP range (if you only want them to be able to access certain servers in a certain IP range then you can specify.  Otherwise leave it as ANY).

Wayne

Author

Commented:
Ok I don't disagree that there may be additional configuration to accomplish my end goal, but my first goal is to not allow any of these connections until I have an authenticated user through VPN. So what I am asking is how do I set up the VPN rule in the firewall correctly to begin with.
CERTIFIED EXPERT
Top Expert 2015

Commented:
I see your challenge.  I have used a much older version of this router and the interface is different.  Let me find the manual and have a look first.

Author

Commented:
Here is the manual. I am not a firewall guy so even reading this is not helping.
Cisco-rv0xx-AG-78-19576.pdf
CERTIFIED EXPERT
Top Expert 2015

Commented:
I think this is what you want.  You can also use PPTP VPN instead of IPSEC.  This info will show you how to enable the tunnel as well as create the VPN users as well as how to connect to it.

Setup a PPTP VPN Connection on a Windows PC with RV016, RV042, RV042G and RV082 VPN Routers
CERTIFIED EXPERT
Top Expert 2015

Commented:
gacto, here is a video that can help you set up PPTP VPN

VPNs using PPTP through Cisco's Small Business Routers

Author

Commented:
Wayne88,

I am looking over this information now, but based on the research I have done so far I thought the Client To Gateway IPSec VPN was a much more secure option than PPTP.

Author

Commented:
Looking over the documents you have attached I am not sure that my original post was clear. Let me try this again:

I have already configured a Client To Gateway VPN tunnel on my Cisco RV042G router. Now I am attempting to add a rule in the firewall to allow for VPN connections. While adding that rule there are three parameters that I am not sure how to set:

1. Source Interface - I am using WAN1 as my internet connection so I assume this should be my selection here.
2. Source IP: Any, Single, Range - Is this to allow any external IP address connections through VPN or limit it to a single or a range?
3. Destination IP: Any, Single, Range - ???