Home » Cisco Manuals » Bridges & Routers » Cisco RV042 » Manual Viewer

Cisco RV042 User Guide - Page 76

Configuration of Scenario 2, Configuration of the One-to-One NAT Rules

UPC - 745883560530

Add to My Manuals
Save this manual to your list of manuals

Page 76 highlights

Appendix D IPSec NAT Traversal Configuration of Scenario 2 In this scenario, Router B is the RVL200 Initiator, while Router A is the RVL200 Responder. Router B will have the Remote Security Gateway IP address set to a public IP address that is associated with the WAN IP address of Router A, which is behind the NAT. Hence the public IP address (192.168.99.1) must be mapped to the WAN IP address (192.168.11.101, a private IP address) of Router A through the two one-to-one NAT rules: •• 192.168.99.1 => 192.168.111.11 (on NAT 2) •• 192.168.111.11 => 192.168.11.101 (on NAT 1) WAN: 192.168.99.11 NAT 2 - RV042 LAN: 192.168.111.1 WAN: 192.168.99.22 Router B - RVL200 Initiator LAN: 192.168.2.0/24 Configuration of the One-to-One NAT Rules The one-to-one NAT rules must be configured on NAT 2 - RV042 and NAT 1 - RVO42. One-to-One NAT Rule on NAT 2 - RV042 192.168.99.1 => 192.168.111.11 Follow these instructions for the one-to-one NAT rule on NAT 2 - RV042. 1. Launch the web browser for a networked computer. 2. Access the web-based utility of NAT 2 - RV042. (Refer to "Chapter 4: Advanced Configuration" for details.) 3. Click the Setup tab. 4. Click the One-to-One NAT tab. 5. For the One-to-One NAT setting, select Enable. WAN: 192.168.111.101 NAT 1 - RV042 LAN: 192.168.11.1 WAN: 192.168.11.101 Router A - RVL200 Responder LAN: 192.168.1.0/24 192.168.2.100 192.168.1.101 Traffic in Scenario 2 NOTE: Both the IPSec initiator and responder must support the mechanism for detecting the NAT router in the path and changing to a new port, as defined in RFC 3947. 10/100 4-Port VPN Router Setup > One-to-One NAT 6. In the Private Range Begin field, enter 99.1. 7. In the Public Range Begin field, enter 111.11. 8. In the Range Length field, enter an appropriate value. The range length cannot exceed the number of valid IP addresses. To map a single address, enter 1. 9. Click Add to List. 10. Click Save Settings. Refer to "Chapter 4: Advanced Configuration" for more details about one-to-one NAT rules. One-to-One NAT Rule on NAT 1 - RV042 192.168.111.11 => 192.168.11.101 Follow these instructions for the one-to-one NAT rule on NAT 1 - RV042. 1. Launch the web browser for a networked computer. 2. Access the web-based utility of NAT 1 - RV042. (Refer to "Chapter 4: Advanced Configuration" for details.) 3. Click the Setup tab. 69

Section	Page
Chapter 1: Introduction	8
Introduction to the Router	8
Introduction to VPNs	8
VPN Examples	8
VPN Router to VPN Router	8
Computer (using VPN client software) to VPN Router	9
Chapter 2: Product Overview	10
Front Panel	10
Back Panel	10
Right Side Panel	10
Left Side Panel	10
Chapter 3: Installation	11
Physical Installation	11
Horizontal Placement	11
Wall-Mounting Placement	11
Cable Connections	11
Chapter 4: Advanced Configuration	13
Overview	13
How to Access the Web-Based Utility	13
System Summary	13
System Information	14
Configuration	14
Port Statistics	14
Network Setting Status	15
Firewall Setting Status	15
VPN Setting Status	15
Log Setting Status	15
Setup Tab > Network	16
Network	16
Setup > Password	19
Password	20
Setup > Time	20
Time	20
Setup > DMZ Host	20
DMZ Host	20
Setup Tab > Forwarding	21
Forwarding	21
Setup > UPnP	22
UPnP	22
Setup > One-to-One NAT	23
One-to-One NAT	23
Setup > MAC Clone	23
MAC Clone	24
Setup > DDNS	24
DDNS	24
Setup > Advanced Routing	25
Advanced Routing	25
DHCP > Setup	26
Setup	27
DHCP > Status	28
Status	28
System Management Tab > Dual-WAN	28
Dual-WAN	28
System Management > Bandwidth Management	30
Bandwidth Management	31
System Management > SNMP	32
System Management > Diagnostic	33
Diagnostic	33
System Management > Factory Default	34
Factory Default	34
System Management > Firmware Upgrade	34
Firmware Upgrade	34
Restart	35
System Management > Setting Backup	35
Import Configuration File	35
Export Configuration File	35
Port Management > Port Setup	35
Basic Per Port Config.	35
Port Management > Port Status	36
Port Status	36
Firewall > General	36
General	36
Firewall > Access Rules	37
Access Rules	38
Add a New Access Rule	38
Firewall > Content Filter	39
Content Filter	40
ProtectLink	40
VPN > Summary	40
Summary	40
VPN > Gateway to Gateway	42
Add a New Tunnel	42
IPSec Setup	45
VPN > Client to Gateway	47
Add a New Tunnel	48
IPSec Setup	51
VPN > VPN Client Access	53
VPN Client Access	54
VPN > VPN Pass Through	54
VPN Pass Through	55
VPN > PPTP Server	55
PPTP Server	55
Connection List	55
Log > System Log	55
System Log	56
Log > System Statistics	57
Wizard	58
Basic Setup	58
Access Rule Setup	61
Support	63
Manual	63
Linksys Web Site	63
Logout	63
Appendix A: Troubleshooting	64
Appendix B: Linksys QuickVPN for Windows 2000, XP, or Vista	65
Introduction	65
Computer (using VPN client software) to VPN Router	65
Linksys QuickVPN Instructions	65
Router Configuration	65
Export a Client Certificate from the Router	65
Add VPN Client Users	66
Linksys QuickVPN Client Installation and Configuration	66
Install from the CD-ROM	66
Download from the Internet	67
Install the Client Certificate	67
Use of the Linksys QuickVPN Software	67
Linksys QuickVPN Connection	67
Version Number of Linksys QuickVPN	68
Appendix C: Gateway-to-Gateway VPN Tunnel	69
Overview	69
Before You Begin	69
Configuration when the Remote Gateway Uses a Static IP Address	69
Configuration of the RVL200	69
Configuration of the RV042	70
Configuration of PC 1 and PC 2	70
Configuration when the Remote Gateway Uses a Dynamic IP Address	71
Configuration of the RVL200	71
Configuration of the RV042	71
Configuration of PC 1 and PC 2	72
Configuration when Both Gateways Use Dynamic IP Addresses	72
Configuration of the RVL200	72
Configuration of the RV042	73
Configuration of PC 1 and PC 2	73
Appendix D: IPSec NAT Traversal	74
Overview	74
Before You Begin	74
Configuration of Scenario 1	74
Configuration of Router A	74
Configuration of Router B	75
Configuration of Scenario 2	76
Configuration of the One-to-One NAT Rules	76
Configuration of Router B	77
Configuration of Router A	77
Appendix E: Bandwidth Management	79
Overview	79
Creation of New Services	79
Creation of New Bandwidth Management Rules	80
Appendix F: Firmware Upgrade	81
Overview	81
How to Access the Web-Based Utility	81
Upgrade the Firmware	81
Alternative Firmware Upgrade Option	81
Appendix G: Trend Micro ProtectLink Gateway Service	83
Overview	83
How to Access the Web-Based Utility	83
How to Purchase, Register, or Activate the Service	83
System Summary	83
ProtectLink	84
How to Use the Service	84
ProtectLink > Web Protection	85
ProtectLink > Email Protection	86
ProtectLink > License	86
Appendix H: Specifications	88
Appendix I: Warranty Information	89
Exclusions and Limitations	89
Obtaining Warranty Service	89
Technical Support	90
Appendix J: Software License Agreement	91
Software in Linksys Products:	91
Software Licenses:	91
Schedule 1	91
Linksys Software License Agreement	91
END OF SCHEDULE 1	92
Schedule 2	92
GNU GENERAL PUBLIC LICENSE	92
END OF SCHEDULE 2	95
Schedule 3	95
OpenSSL License	96
Original SSLeay License	96
END OF SCHEDULE 3	97
Appendix K: Regulatory Information	98
FCC Statement	98
Safety Notices	98
Industry Canada Statement	98
Avis d’Industrie Canada	98
User Information for Consumer Products Covered by EU Directive 2002/96/EC on Waste Electric and Electronic Equipment (WEEE)	99

Match case Limit results 1 per page

IPSec NAT Traversal

10/100 4-Port VPN Router

Appendix D

Configuration of the One-to-One NAT Rules

The one-to-one NAT rules must be configured on

NAT 2 - RV042 and NAT 1 - RVO42.

One-to-One NAT Rule on NAT 2 - RV042

192.168.99.1 => 192.168.111.11

Follow these instructions for the one-to-one NAT rule on

NAT 2 - RV042.

Launch the web browser for a networked computer.

Access the web-based utility of NAT 2 - RV042. (Refer to

“Chapter 4: Advanced Configuration” for details.)

Click the

Setup

tab.

Click the

One-to-One NAT

tab.

For the One-to-One NAT setting, select

Enable

Setup > One-to-One NAT

In the

Private Range Begin

field, enter

99.1

In the

Public Range Begin

field, enter

111.11

In the

Range Length

field, enter an appropriate value.

The range length cannot exceed the number of valid

IP addresses. To map a single address, enter

Click

Add to List

Click

10.

Save Settings

Refer to “Chapter 4: Advanced Configuration” for more

details about one-to-one NAT rules.

One-to-One NAT Rule on NAT 1 - RV042

192.168.111.11 => 192.168.11.101

Follow these instructions for the one-to-one NAT rule on

NAT 1 - RV042.

Launch the web browser for a networked computer.

Access the web-based utility of NAT 1 - RV042. (Refer to

“Chapter 4: Advanced Configuration” for details.)

Click the

Setup

tab.

Configuration of Scenario 2

In this scenario, Router B is the RVL200 Initiator, while

Router A is the RVL200 Responder. Router B will have

the Remote Security Gateway IP address set to a public

IP address that is associated with the WAN IP address of

Router A, which is behind the NAT. Hence the public IP

address (192.168.99.1) must be mapped to the WAN IP

address (192.168.11.101, a private IP address) of Router A

through the two one-to-one NAT rules:

192.168.99.1 => 192.168.111.11 (on NAT 2)

•

192.168.111.11 => 192.168.11.101 (on NAT 1)

•

192.168.1.101

192.168.2.100

WAN: 192.168.99.22

Router B - RVL200

Initiator

LAN: 192.168.2.0/24

WAN: 192.168.99.11

NAT 2 - RV042

LAN: 192.168.111.1

WAN: 192.168.111.101

NAT 1 - RV042

LAN: 192.168.11.1

WAN: 192.168.11.101

Router A - RVL200 Responder

LAN: 192.168.1.0/24

Traffic in Scenario 2

NOTE:

Both the IPSec initiator and responder

must support the mechanism for detecting the

NAT router in the path and changing to a new

port, as defined in RFC 3947.