
RV180 firewall rules and port forwarding are completely messed up

Zorglub75
Level 1

Greetings,

First problem :

I recently discovered that I cannot reorder firewall rules when I create more than 10 of them.

The Access Rules page displays only 10 rules. Rules on the second page cannot be reordered towards the first page.

Is this normal behavior ???? This is a MAJOR issue to me.

Second problem :

I need to forward a RANGE of ports, but I cannot ! I can only forward a single port, which is completely incoherent with the fact that I have selected a custom service which I created and which contains a RANGE of ports !

In advance, thank you


Zorglub75
Level 1

I must add that there is (was ?) a similar problem with the RV120W.

Looks like the problem is not solved...

jtuminaro
Level 1

I have the same issue. I have a few custom services with ranges of ports to forward. However, when I set up the port forward it makes me choose 1 internal port and ends up only forwarding that 1 port. Any way around this?

Thanks

Hi,

Thanks, glad to see I'm not alone having to cope with such stupid bugs...

I read on other threads that a 1.0.2.2 firmware for RV180 was partially released (https://supportforums.cisco.com/thread/2161468)

Will this new firmware be released soon ? Does it correct these bugs ?

I can wait for the next release if I'm sure this solves my problems. Otherwise I'm probably going to switch to another brand.

chdh
Level 1

I have the beta firmware 1.0.2.2 for the RV180W. It's still the same. When I try to reorder a rule from the second page to the first page, I get the error message "Invalid position Enter a value between 11 and 14".

And it's still not possible to forward a range of ports. While you can define a range of ports as a custom service, all the ports within the range are forwarded to the same destination port.

And custom services are not sorted by name and it's not possible to reorder them.

The new beta firmware 1.0.2.2 fixes a bug with port forwarding when the WAN is connected through PPPoE. TCP data was only transmitted in one direction. But there is another serious bug. TCP connections that arrive at the local server through a forwarded port are associated with the local IP address of the router (e.g. 192.168.1.1), instead of the public IP address of the remote node. I don't know if this only happens when the WAN is connected through PPPoE. Can anybody confirm this?

Another problem is that PPTP passthrough (Windows VPN) does not work behind PPPoE, see

https://supportforums.cisco.com/message/3828872

RiverX912
Level 1

I have the same problems.

1. Users cannot move access rules between display pages. This is a big problem for users. It seems it should be easy to fix;

2. Source IP of inbound traffic (I use static IP) is translated to private IP. Not sure if this is by design, but it caused issues with VOIP (SIP) application.

Kai, the wrong source IP of forwarded ports is a known bug (CSCue49377) which is listed in the release notes of Firmware 1.0.2.6. They seem to have no automated tests to detect such a grave bug before they release a new firmware. Or they have released the new firmware despite this bug. In both cases, this is absolutely unacceptable and unprofessional.

Since Cisco still does not allow us humble users to access the bug database, we cannot see whether this bug is fixed and whether a beta firmware is available. Maybe if we wait another 9 months or so for the next firmware release, this bug will perhaps be fixed.

see also: https://supportforums.cisco.com/thread/2196509

chromiumcat
Level 1

This appears to work, and is based on my experiences with other firewalls of various kinds.

Say for example, we have a server that wants a range of ports from the outside world forwarded to it through the firewall.

The server is at 192.168.1.222, and the service it is offering is at ports range 4500 to 4700 of both TCP and UDP.

Let's go to the following settings:

Firewall

     Advanced Settings

          Custom Services

           In the custom service table, we are going to ADD a service.

          Give it a name like ServiceTCP

          Change Type to TCP

          Set Start Port to 4500

          Set Finish Port to 4700

     Save

          In the custom service table, we are going to ADD another service.

          Give it a name like ServiceUDP

          Change Type to UDP

          Set Start Port to 4500

          Set Finish Port to 4700

      Save

We now go to

     Access Rules

     In the Default Outbound Policy table we click Add Rule

     Connection Type: leave as Inbound

     Action: Change to Always Allow

     Service: select and scroll down to "ServiceTCP" (we set this service up earlier in the Custom Services)

     Source IP: leave as Any

     Send to Local Server (DNAT IP): change to 192.168.1.222

     Hit SAVE

     Select Add Rule again, and repeat the above steps for creating an access rule, but this time with Service as "ServiceUDP" (we set this service up earlier in the Custom Services)

     Hit SAVE

Now you should see two access rules, one for Service TCP, and one for Service UDP.

Now if you look at

     Port Forwarding

      There will be two rules listed. They show the custom services that we defined earlier, and the destination IP.

     The port ranges are specified in the custom services, and do not show in this Port Forwarding table.

     If you were to have tried to directly configure rules for port-forwarding in this table, you will have discovered that it does not accept more than one port, and that it won't let you leave the field blank.

This appliance is a little weird and totally non-intuitive.

Mine is a Cisco RV180W, firmware 1.0.0.30
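A server-side check for the two behaviours reported in this thread (every port in the range landing on one destination port, and forwarded connections arriving with the router's LAN address as their source), as an added example that is not part of any post above. It assumes the router LAN address 192.168.1.1 and the 4500-4700 range used as examples in the thread, and that the outside tester sends the WAN port it dialled as ASCII digits; the function names `audit` and `collect` are hypothetical.

```python
import ipaddress
import selectors
import socket
import time

ROUTER_LAN_IP = "192.168.1.1"    # example router address quoted in the thread (assumption)
PORT_RANGE = range(4500, 4701)   # range used in the walkthrough above

def audit(observations, router_lan_ip=ROUTER_LAN_IP, port_range=PORT_RANGE):
    """Flag problems in (peer_ip, local_port, probed_port) tuples seen on the server."""
    router = ipaddress.ip_address(router_lan_ip)
    findings = []
    for peer_ip, local_port, probed_port in observations:
        if ipaddress.ip_address(peer_ip) == router:
            # Real client address is lost: server logs and IP-based ACLs see the router.
            findings.append(("source-rewritten", peer_ip, local_port))
        if local_port not in port_range:
            findings.append(("outside-range", peer_ip, local_port))
        if probed_port is not None and probed_port != local_port:
            # The WAN port dialled differs from the port the connection landed on.
            findings.append(("port-collapsed", peer_ip, local_port))
    return findings

def collect(ports, bind_ip="0.0.0.0", seconds=30.0):
    """Listen on TCP `ports` and record one tuple per accepted connection."""
    sel = selectors.DefaultSelector()
    for port in ports:
        srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((bind_ip, port))
        srv.listen()
        sel.register(srv, selectors.EVENT_READ)
    seen, deadline = [], time.monotonic() + seconds
    while (left := deadline - time.monotonic()) > 0:
        for key, _ in sel.select(timeout=left):
            conn, (peer_ip, _) = key.fileobj.accept()
            with conn:
                conn.settimeout(2.0)
                try:
                    text = conn.recv(16).decode("ascii", "ignore").strip()
                except OSError:
                    text = ""
                probed = int(text) if text.isdigit() else None
                seen.append((peer_ip, conn.getsockname()[1], probed))
    for key in list(sel.get_map().values()):
        key.fileobj.close()
    sel.close()
    return seen

# Constructed sample observations (203.0.113.7 is a documentation address).
SAMPLE = [("203.0.113.7", 4500, 4500), ("192.168.1.1", 4600, 4600), ("203.0.113.7", 4500, 4650)]

if __name__ == "__main__":
    print(audit(collect(PORT_RANGE)))
```

Run it on the forwarded server while a host outside the WAN connects to a few ports in the range; an empty list means the sampled connections kept their source address and port.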