Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3592
Views
15
Helpful
19
Replies

RV220W Hair-pinning

phil_m_casey
Level 1
Level 1

‎05-12-2011 03:16 PM

I'm having the same Hair-pinning issue as in this post

https://supportforums.cisco.com/message/3356389#3356389

Do you have any idea if and when a new firmware is going to come out that address it and or the PPTP VPN issue?

Between this issue the PPTP issue and the fact that I can not get my Blackberry Playbook to connect to the IPsec VPN I'm thinking about returning the RV220W and going with another.

Thanks,

Phil

Labels:
0 Helpful
19 Replies 19

Joergen Thomsen
Level 1
Level 1
In response to Te-Kai Liu

‎08-19-2011 06:21 PM

The hair-pinning is not working for many other ports e.g. 900, 13000, 1023, 24

Using the LAN address to these closed ports makes it possible to capture SYN packets at the server.

When using the WAN IP they are disappearing, probably in the RV220W.

Also a telnet to the closed telnet port 23 returns faster than to the closed port 24.

BTW port 13000 is OPEN and responding on the LAN address. There is a port forwarding rule defined  for this port.

0 Helpful

jda
Level 1
Level 1
In response to linksysinfo

‎08-18-2011 04:05 AM

You probably have PPTP server enable, when you do so it completely mess the referral address and everything that goes thru the router seen to come from his address, Was not fixed in the last fw I got from support (1.0.2.3)

I’ sorry to say but with the rv220 my opinion from CISCO have dropped a lot the RTM fw is completely unacceptable..

Joergen Thomsen
Level 1
Level 1
In response to jda

‎08-18-2011 12:04 PM

The PPTP server was enabled (and not used), but disabling it made no difference.

An IPsec tunnel is used and source addresses through that one are OK. Disabling it made no difference.

This is with the 1.0.2.4 software.

0 Helpful

linksysinfo
Level 4
Level 4
In response to Joergen Thomsen

‎08-23-2011 09:57 AM

Joergen. 

v1.0.2.4 is now an official Firmware release.  there are many known issues all listed in the released notes.

http://www.cisco.com/en/US/docs/routers/csbr/rv220w/release/notes/RV220W_Release_Notes_1.0.2.4.pdf

Simon

Regards Simon
0 Helpful

Joergen Thomsen
Level 1
Level 1
In response to linksysinfo

‎03-08-2013 02:46 AM

The RV220W hair-pinning problem is back

Firmware Version
1.0.4.17

I just made a minor change to the firewall and then all access from the LAN using the public IP-address was directed to the router itself.

The method of manually doing edit/save each of now 40 rules did not solve the problem.

Next then save and restore of the configuration (followed by a reboot) did not solve the problem.

However, I had forgotten that the access rule


 Always Allow Any Enabled Inbound (WAN (Internet) > LAN (Local Network)) 192.168.1.5 - 192.168.1.254

fixes the problem, but it is a bad solution suffering from security risks.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents