
Baseline Approach...

jay.johnson1
Level 1

Okay, here's a few of my observations I've baselined before upgrading the firmware:

1) Admin Password:  Unless I looked over something again, there is no place to change the default admin password. 

2) Port Forwarding:  It appears only "port triggering" and "one-to-one NAT" are the only options (no "single port forwarding" or "port range forwarding" available).  Additionally, I set my pbx up on Vlan 3 (173.16.3.0).  When I tried to use one-to-one NAT to forward to the box based on current port forwarding restrictions, it said I could not use the aforementioned ip range because it was not a recognized address from the primary vlan (172.16.30.0).  It's great to have single port forwarding so as to "only allow" specific ports as opposed to opening up a range all the time that's susceptible to attacks.  Port range forwarding is good in cases where you need a range to be identified (although risky depending upon the application, it's an acceptable risk nonetheless).  Gotta have these two.

3) VPN:  The IPSEC vpn appears pretty solid; I haven't tried the SSL VPN yet only because I'm unfamiliar with its configuration on this particular device; after I flash the firmware, that's the next VPN configuration I'll try.

4) DDNS:  Updated without any problems with dyndns.com.  I like the option that now tells the router to update with dyndns.com every 30 days so the user doesn't have to.

5) DHCP:  Appears to work right out of the box without any fidgeting involved.  I tried connecting via DHCP 5 times and it worked each time.

6)  Wireless:  Showed pretty good strength.  I haven't gotten into playing around with the various wlan ssids available (4), but that's soon to come.

7) Vlan:  Confusing as Hell... I know I can do this in CISCO IOS but it's been giving me fits "ALL MORNING" trying to configure it via GUI on this router.  As a matter of fact, it's just as confusing (if not, more) trying to configure vlans on this router as it is trying to do it on the CISCO SLM2008 Gigabit Smart Switch (mine died about a week ago and I've only had it for a year at best).  Additionally, my pbx server hasn't been responding well behind this device at all even though I've disabled SIP ALG (my trunks won't come online; see picture).

Regardless of some of the "growing pains," I'm still "geeked" about testing this device.

I'll post back once I flash the router and see if items #1 and #2 are already addressed via the firmware upgrade...  In the meantime, I'm taking it offline and putting my 871w back up because I need my phones up and running.

Jay

Certified: CCNA (R/S, Security, Voice), CCDA, CCNP (R/S)

jay.johnson1
Level 1

After updating the firmware, the router is playing nice with my infrastructure right from jump!! 

Couple things to note:

1) I found where to change/add an administrator account and password (it's all based around SSL; learning curve *smile*)

2) Still only seeing "port triggering" and "one-to-one NAT" for port forwarding options.  Adding "Single Port Forwarding" and "Port Range Forwarding" would be a definite benefit.

Another thing I noticed (positive) after upgrading is that my voice server fired right up.  All my trunks are showing green (see attached).  The Vlan part is still a little tricky (at least to me anyways) but overall, it's handling great.  I was streaming a file wirelessly from my media server while having a VoIP conversation with someone (I separated data and voice with their own vlans) and call quality was excellent to include no hiccups from the video.

The only other issue I'm having right now is that when I take all the ports out of the native vlan, some of the devices on different vlans aren't responding but I think that's more of a configuration issue based on my current lack of knowledge about some of the processes on this router.

Overall, Don, you guys have outdone yourselves on this *two thumbs up with a snap to accentuate tester satisfaction*. 

Simon, Kevin, and Eric, I'm getting ready to test quickvpn, so if you guys want access to see some things, I'll have some accounts created for you in a moment; I'm currently using this as my primary router.

Jay

Certified: CCNA (R/S, Security, Voice), CCDA, CCNP (R/S)

Guys,

I located where port forwarding is in this router...  First let me say "FORGET EVERYTHING WE KNOW ABOUT PREVIOUS SETUPS IN LINKSYS ROUTERS."  Navigating through this router can be likened to when Microsoft went from NT 4.0 to Windows 2000 (or XP to Vista for that matter); it's a completely new design so everything you once knew where to find is someplace else.  Forgive me for saying so, this setup "sorta" reminds me of how NetGear had their menus set up.

Nonetheless, see the attached pictures to define the single port forwarding options now.  Port forwarding can be a two-fold process "if" a port you need is not already defined (see first attachment).

Oh, here's something of interest.  When using voice, the ports normally identified (from what I'm learning) are UDP 5000, 5060, 5062, 5064, 5065, 5080, 5082, and 5084.  By default, these ports are already forwarding and don't need to be opened on the router.  However, I've been told that UDP port range 8000 - 8004 as well as UDP port range 10000 - 20000 should be forwarded.  "I'M NOT FORWARDING 8000 - 8004 NOR 10000 - 20000 ON THIS ROUTER YET I'M GETTING GOOD VOICE TRAFFIC INBOUND AND OUTBOUND...  *SCRATCH*  *SCRATCH*  This leads me to believe these ports are already open too.

If I were to take off the port forwarding for the following ranges on my 871w, my phones won't ring (if I recall) on outbound calls, yet on this router, nothing was required to be done which may indicate that not all traffic is blocked by default, but I'll wait for the "big gun" (a.k.a. "Eric") to get his router so I can verify this with him.

Other than that, this router is still continuing to impress... 

Jay

Certified: CCNA (R/S, Security, Voice), CCDA, CCNP (R/S)

Jay, you might find some of the ports that are needed to be opened are in fact opened automatically when the LAN side device initiates the session first of all. Also, make sure UPNP is disabled or port forwarding is not worth the effort.  The screen shots are exactly like the RV120W, as Cisco has a demo site for this device. Can't wait till I get mine, though guessing this will be some time before I see it here.  Does the rv220w do PPPoA or just PPPoE?

Regards Simon

That appears to be the case (ports being opened automatically) which means the RV220w still has a little "consumer router" in it *heh*

Yes, it does PPPoE and PPPoA.  I run it across my fiber connection (Verizon); I bridged my fiber modem when it was a router/gateway device so I could use my WRVS4400N initially; now I just use it as an access point since my gigabit switch perished.

I'm noticing some "possible" issues with the Vlan portion of it, but I'll wait to make full comments when you guys get yours.  I know how to configure vlans, but on this little thing, it's confusing as all get out... Once intervlan routing is configured, all segments "should" talk, but they don't.  Maybe I'll make a camtasia video and describe what I'm talking about...

Jay

Certified: CCNA (R/S, Security, Voice), CCDA, CCNP (R/S)

Being a consumer product will allow it to be used by more than just the "enterprise" crowd. This should be a great way of getting more sales due to its webgui and not like a Cisco Router with IOS support.

Glad it does PPPoA. The girlfriend's house is on ADSL and in the UK we seem to all use PPPoA for the connection.  We only have the drappy "Sky Router" DG934G which is seriously locked down. I have managed to crack the firmware so it is now a Netgear DG834G with a 3rd party firmware (DGTeam's) which allows me to put it into modem only mode. Though there is no easy way of getting connectivity upstairs.  I have however on loan some Billon AV200 Powerline/Homeplugs so am going to see if it all works out:)  It will be an experience to say the least with "homeplugs" lol.

I am basically going to try this approach.

Sky ADSL modem <-> Homeplug to Homeplug upstairs <-> RV220W

Then all laptops/iPad/Xbox and DMA will be on G/N wifi and Main PC/NAS/Printer on Gb Lan - well that's the theory anyway.

Regards Simon

Simon,

>Sky ADSL modem <-> Homeplug to Homeplug upstairs <-> RV220W

>Then all laptops/iPad/Xbox and DMA will be on G/N wifi and Main PC/NAS/Printer on Gb Lan - well thats the theory anyway

Let us know after you've tried it out.

Btw, there is a mix up of shipping on your unit. The depot guy could not track down your units and some others. I'm still checking to see if your unit is sending out properly. Sorry about that. I'll keep you posted.

Don

Thanks for the info, I was hoping to get the unit this week as I am off work all week, but this now looks unlikely.

Regards Simon

If you could email me once the unit has shipped that would be great.

Thanks Don.

Regards Simon

ddiep
Level 4

Jay,

>The only other issue  I'm having right now is that when I take all the ports out of the  native vlan, some of the devices on different vlans aren't responding

Let us know if you're still having this issue.

>Overall, Don, you guys have outdone yourselves on this *two thumbs up with a snap to accentuate tester satisfaction*.

Thanks!

>"I'M NOT FORWARDING 8000 - 8004 NOR 10000 - 20000 ON THIS ROUTER  YET I'M GETTING GOOD VOICE TRAFFIC INBOUND AND OUTBOUND...  *SCRATCH*   *SCRATCH*  This leads me to believe these ports are already open too.

Let me check w/ engineer who's testing voice side and get back to you on this.

>Once intervlan routing is configured, all segments "should" talk, but they don't.

It should. If you can, I suggest you check out the "Available LAN hosts" and then ping the device (from different vlan) from the router. Let us know what you find out.

Jay, Don

AFAIK the 10000-20000 ports were defined, I think, from a Vonage website. These are incoming - but only once your Vonage device initiated the call. Thus no need to port forward.  Port forwarding would only be needed if the initial TCP/UDP session was started outside of the WAN to gain access to your LAN-side devices.

Regards Simon
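
The behaviour discussed in this thread (voice traffic working without a port forward because the LAN-side device starts the session) can be modelled as below. This is an added example, not part of the original posts and not RV220W firmware code; the `StatefulNat` class, the 30-second UDP timeout, the port-preserving NAT assumption, and all addresses and ports are constructed for illustration.

```python
class StatefulNat:
    """Toy UDP NAT with connection tracking (illustrative model, not RV220W firmware)."""

    def __init__(self, udp_timeout=30):
        self.udp_timeout = udp_timeout
        self.flows = {}     # (wan_port, remote_ip, remote_port) -> [lan_ip, lan_port, expiry]
        self.forwards = {}  # wan_port -> (lan_ip, lan_port), static port-forward rules

    def add_forward(self, wan_port, lan_ip, lan_port):
        self.forwards[wan_port] = (lan_ip, lan_port)

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port, now):
        # LAN host speaks first: remember the flow so replies are let back in.
        # Port-preserving NAT is assumed for simplicity.
        self.flows[(lan_port, remote_ip, remote_port)] = [lan_ip, lan_port, now + self.udp_timeout]

    def inbound(self, remote_ip, remote_port, wan_port, now):
        """Return (verdict, lan_destination) for a packet arriving on the WAN side."""
        key = (wan_port, remote_ip, remote_port)
        flow = self.flows.get(key)
        if flow and flow[2] > now:
            flow[2] = now + self.udp_timeout          # traffic refreshes the idle timer
            return "ACCEPT-established", (flow[0], flow[1])
        self.flows.pop(key, None)                     # expired or never existed
        if wan_port in self.forwards:                 # static rule: open to ANY remote host
            return "ACCEPT-forward", self.forwards[wan_port]
        return "DROP", None


def demo():
    # All addresses and ports below are constructed sample values.
    pbx, provider, stranger = "192.168.3.10", "198.51.100.20", "192.0.2.99"
    nat = StatefulNat(udp_timeout=30)
    nat.outbound(pbx, 10000, provider, 16384, now=0)          # PBX starts the media stream
    verdicts = [
        nat.inbound(provider, 16384, 10000, now=1)[0],        # reply on the tracked flow
        nat.inbound(stranger, 40000, 10000, now=1)[0],        # unsolicited, different peer
        nat.inbound(provider, 16384, 10000, now=100)[0],      # same peer after idle timeout
    ]
    nat.add_forward(5060, pbx, 5060)                          # explicit single-port forward
    verdicts.append(nat.inbound(stranger, 40000, 5060, now=100)[0])
    return verdicts


if __name__ == "__main__":
    print(demo())
```

The static forward is the only rule that admits a peer the PBX never contacted, which is why a single-port forward exposes less than a forwarded range.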