RV042 v3 - Block WAN Request - bad implemented!

zavodny · ‎11-28-2012

Hello,

I would like to ask You if You have same problem as me. I would like to allow PING on RV042 from WAN side only from specific IP address, but when I set the rule, RV042 does not respond on WAN side, because Block WAN Request is Enabled.

BUT! When I disable "Block WAN Requests", now any IP can ping my router from WAN side. Although I set access rule to Deny Ping from WAN side to anyone, it still responds.

Do you know sollution?

jonatrod · ‎11-28-2012

Good morning

Thanks for using our forum

Hi Tomas Zavodny my name is Johnnatan and I am part of the Small business Support community

I'm not sure if you disable the option “Block Wan Request” your device creates a rule in the firewall, can you check this? if your device creates the rule, follow this procedure

In this priority order, create 2 rules in your firewall device.

1. A rule that allow ping your device from your specific source(s) address(es)

2A rule that deny ping from any other source.

3 With the lowest priority, the rule that your device creates.

I hope you find this answer useful, if it was satisfactory for you, please mark the question as Answered.

Please rate post you consider useful.

Greetings,

Johnnatan Rodriguez Miranda.

Cisco network support engineer.

Cisco has a very useful tool called GuideMe, is made for small business products, and your device is in this category, you can use this address for accesing the tool: http://sbkb.cisco.com/CiscoSB/Loginr.aspx?alt1 = & pid = 4 & eroute = Super, is very easy to use, just complete the 3 spaces on this way:

Select a category: (Select the device type on request), eg Routers

Enter model: (Type the model on request), eg RV042

Question: (Type what you want to know about the device), eg VPN

And it'll be showing all the information you need about what you wrote.

“Please rate useful posts so other users can benefit from it” Greetings, Johnnatan Rodriguez Miranda. Cisco Network Support Engineer.

jakewaldo · ‎06-12-2014

Hello,

did you resolve this or get anywhere.I tried the solution that was recommended to you but this did not work for and I have to either have "Block WAN Requests" disabled and every one can ping regardless of firewall rules OR set "Blaock WAN Requests" to enabled and cannot ping at all and again regardless of firewall rules.

Firmware is v4.1.1.01-sp (Dec 6 2011 20:03:18)

chrebert · ‎06-14-2014

Hello,

There is not a way to set an access rule that blocks traffic destined for the RV042's WAN interface itself. The only options for ACLs are traffic going from WAN to LAN, or from LAN to WAN (and DMZ) and a ping going to the WAN interface isn't really either of those two. You can either enable or disable pings, but there isn't really a way to limit it to a certain IP.

I also understand the need for obscuring your information, but screenshots where the source and destination are totally blocked make it pretty difficult to figure out exactly what you've configured. However, since there isn't a way to do what your attempting it doesn't really matter in this case.

Christopher Ebert - Advanced Network Support Engineer

Cisco Small Business Support Center

jakewaldo · ‎06-16-2014

Hello chrebert,

thanks for your replay,

Sorry, my mistake, I am not referring to a RV042 but a RV082. With previous older versions (hardware and firmware) I have not had this issue before. All previous versions allowed for the Block WAN Request to be left enabled and I would then create rules to allow ping traffic through. I have about 15 of these units out at different sites and they all work fine. This newer model has changed in some way and the only way to allow ping is to lower security.

Firmware version on the older models is: 1.3.6 (Jan 12 2007 08:34:24) , even 1.3.5 worked ok.

NOTE: I am unable to click the "reply" buttons on your web site. The only way for me to be able to post anything is to reply to the initial poster and then hit the Submit button, this then allows me to type my query and submit again. I have tried uninstalling Java and reinstalling (7.60)