03-25-2013 06:34 AM
Hello,
I'm trying to make an attached topology.
This router should be attached to 2 different ISPs on both WAN interfaces (ISP1 with IP address - A.B.C.D, and ISP2 with IP W.X.Y.Z) and I want to use a DMZ, too. My idea is to make a L2/L3 segmentation with 2 VLANs - VLAN RED for the DMZ (private network 192.168.1.0/24) and VLAN BLUE for the internal network (network 192.168.2.0/24). I checked in the manual that VLANs are supported, but I can't see anything about 802.1q. Can I use one trunk port, or should I use 2 physical cables?
There should be inter-VLAN routing and a basic stateful firewall, so PCs in VLAN Blue should be able to initiate connections to DMZ servers, but the opposite should be denied. The router should do port forwarding on both of its WAN interfaces and forward incoming traffic (from the Internet) to DMZ servers (with NAT). Both DMZ servers and internal PCs should have Internet access with NAT over both WAN uplinks.
Can I use the RV042G for this setup, and if not at all - is there any Cisco SMB device which can do this?
Thanks!
Plamen
03-25-2013 08:16 AM
RV042G supports port-based VLAN (i.e. no 802.1q), and computers on different VLANs are isolated from each other.
However, RV042G supports multiple subnets on the LAN side. The topology you depicted can be supported with some access rules and port forwarding rules configured.
03-25-2013 10:15 AM
Hi Te-Kai Liu,
Great to hear that! So if we assume that the router has an IP address - 192.168.2.1 for the Blue VLAN (PC network), can I make port forwarding rules something like:
If HTTP traffic from the PC network is coming to 192.168.2.1 on port 80 -> forward this to 192.168.1.10 (Web server on the Red VLAN).
If yes - which source IP will the Web server see in the HTTP request - the PC's real IP or 192.168.2.1 (if this IP is used on the router for the Red VLAN)?
Regards,
Plamen
03-25-2013 10:54 AM
With the current firmware, port forwarding can only forward traffic to the default LAN subnet (192.168.1.x) from both WAN IP addresses.
03-25-2013 11:10 AM
In this case I believe that I should use only one internal subnet (default LAN) and place servers in the same VLAN as PCs.
Do you know - are there any ways to log into this router via SSH or telnet? Actually, is this a Linux-based OS, and can I do things with iptables?
03-25-2013 11:34 AM
No telnet/SSH is supported for RV0xx routers. (The hidden telnet interface is used only for R&D.)