Sorry, but why would you even think of suggesting adding a reverse dns entry?

I didn't say I couldn't connect to the router's web page using the FQDN. I said I could not log in using it. To be more clear: I can't log in on it anymore when I call up the web page using hostname.fqdn like I have always done for years. I CAN log in if I call up the web page using the IP address.

To be even more clear, with either the FQDN or IP, the router's login page is displayed, I can enter the username and password, and even click the "Log In" button. The difference is, when i click the button, or hit enter, I can log in when I use an IP as the URL. There is no response when I click the "Log In" button or hit enter when I use the FQDN URL.

Bob.

 - When the IP-based logon is  used you may try  to check logs and or (authentication) logs on the device and see if any additional (error)-info is reported when the FQDN-based logons are tried. The reason I talked about  Reverse DNS is that sometimes in subsequent firmware version , security is enhanced and extra checks  could, for instance be done by verifying the FQDN of the certificate versus the used ip-address. This may not be the case indeed, but could be checked by analyzing network traffic from the device and verifying what kind of traffic is still 'going on' when the FQDN-based logon hangs.

 M.

Seems to me a reverse DNS check for a router would have dubious value. Especially when there are network problems. If the unit is to do any "certificate" checking at all, I would hope Cisco would implement standard stuff like a CRL check.

There is no entry in the log when I try to log on by FQDN with either a valid or invalid username or password. The web interface is still very slow. This very much seems like a bug and needs to be triaged in a lab. Are you able to report it? If not, how do I go about it?

Thanks,

Bob.

              >If not, how do I go about it?

- As stated try to  analyze what the device is doing when the FQDN-based logon hangs , by analyzing traffic to or from it. Mirror it's connection-port through a span setup or something similar. Perhaps it tries to reach something else (?) Remains to be seen - indeed.

 M.

Marce1000:

I don't have advanced equipment for mirroring ports. However...

I created a rule in my Symantec firewall to Block All and Record in Packet Log.

I moved it to the first position.

I opened up the login page to the RV320.

I typed in the username and password.

I opened up the Symantec firewall Traffic Log and cleared the entries.

I clicked the "Log In" button on the RV320 login page.

I also changed the rule to Allow All.

Only traffic that was recorded when I hit the Log In button in either case was on port 443.

Same thing if I disable the firewall entirely (except no log entries).

The RV is not hanging. The button clicks visually over and over. Just nothing happens inside. If I enter an invalid password when accessing via IP, the username and password are cleared and a message box with red lettering is displayed. When accessed via URL, nothing - just the button does its normal visual click thingy.

Is there anyway someone at Cisco can verify this works on an RV320 with this firmware over there?

I scanned through the firmware release notes but didn't see anything that mentioned a change to the way this logs on. Like I said, the certificate has worked for years. And how do we know this is even certificate related? The certificate itself is quite valid.

Thanks,

Bob.

Ref : https://www.cisco.com/c/dam/en/us/td/docs/routers/csbr/rv320/quick_start/rv320_qsg_en.pdf

           Following the below guidelines issue a soft reset or at last resort a hard reset of the device 

 RESET—Reboot or reboot and restore defaults:
• To reboot the unit and retain the current configuration, press and hold
RESET for at least 3, but no more than 10 seconds, by using a paper
clip or a pen tip.
• To reboot the unit and restore the factory default configuration, press
and hold in the RESET button for more than 10 seconds. Changes you
have made to the configuration of your device are lost.

M.

marce1000

I tried a soft reset using the reset button, followed by a software factory reset (the one that preserved certificates).

The router has sped up a bit, and is now just slow (like before) instead of "very slow". One issue solved.

I still can't log in using FQDN.

So how do I escalate this?

Thanks,

Bob.

 https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

 M.