Page 1
ADMINISTRATION GUIDE Cisco Small Business RV315W Broadband Wireless VPN Router...
Page 2
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.
Chapter 2: Using the Setup Wizard Starting the Setup Wizard Configuring WAN Connection Configuring Default LAN Settings Configuring Wireless Connection Completing the Setup Wizard Chapter 3: Viewing System Status Device Information WAN Connection Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 5
Configuring 3G Wireless Connection Chapter 5: Networking Configuring DDNS Configuring ALG Configuring Port Forwarding Configuring Single Port Forwarding Configuring Port Range Forwarding Configuring Port Triggering Configuring DMZ Configuring Software DMZ Configuring Hardware DMZ Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Configuring Flow Control Policies Configuring Session Limits Chapter 8: Security Configuring Firewall Configuring DDoS Configuring Content Filtering Configuring Access Control Configuring Access Control Objects Configuring Access Control Policies Configuring MAC Address Filtering Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 7
Configuring System Time Configuring TR-069 Configuring TR-069 Settings Configuring Logic ID Authentication Configuring SNMP Configuring Remote Management Configuring Remote Access Protocols and Ports Configuring Trusted Remote Hosts Appendix A: Where to Go From Here Cisco RV315W Broadband Wireless VPN Router Administration Guide...
RV315W provides routing, switching, security, wireless, 3G, Virtual Private Network (VPN), quality of service (QoS), and flow-control capabilities for small businesses. Before you use the RV315W, become familiar with the lights on the front panel and the ports on the rear panel. Front Panel The lights are located on the front panel of the RV315W.
Page 9
• Solid green when the RV315W is powered on and is operating normally. • Off when the RV315W is powered off or the power has problems. • Solid green when the RV315W is connected to the Internet through your cable or DSL modem.
Page 10
• Flashes green when the RV315W is sending or receiving data over the 3G USB port. • Off when the RV315W does not connect to a 3G wireless network. WLAN • Solid green when the wireless module is enabled, but there is no traffic over the wireless network.
Flashes green when the RV315W is sending or receiving data over the VPN tunnels. • Flashes green once per two seconds when the RV315W is attempting to establish a VPN tunnel, or the attempt of establishing a new VPN tunnel fails.
The POWER port is where you connect the supplied power adapter (12 V/3 A). Power Switch Powers the unit on or off. Default Settings These are the default settings used when configuring your RV315W for the first time. Parameter Default Value Username...
• Mechanical Loading—Be sure that the RV315W is level and stable to avoid any hazardous conditions. Place the RV315W horizontally on a flat surface so that it sits on its four rubber feet. Wall-Mounting The RV315W can be wall-mounted. The wall-mounting hardware is user-supplied.
PC with an Ethernet cable or through a wireless connection to perform the initial configuration. Use the default wireless network name (SSID) and pre-shared key that are provided on the product label at the bottom of the RV315W to connect the PC to your wireless network for the first time.
Devices Supply Getting Started with the Configuration You can use web-based Configuration Utility of the RV315W to view the system information, configure the key parameters, upgrade system firmware, reboot the unit, or restore the unit to its factory default settings.
Connect a computer to an available LAN port on the back panel. After you power STEP 1 on the PC, your PC becomes a DHCP client of the RV315W and receives an IP address in the 192. 1 68. 1 .xxx range.
After you log in to web-based Configuration Utility for the first time, we recommend that you upgrade your firmware to the latest version before you do any other tasks. This feature requires that you have an active WAN connection to access the NOTE Internet. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 18
PC. Click Upgrade. STEP 4 After the new firmware image is validated, the new image is written to flash. The RV315W will be automatically rebooted with the new firmware. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
To back up your configuration: Click System Management > Configuration Management. The Configuration STEP 1 Management page opens. To back up the settings currently used on your RV315W, click Backup STEP 2 Configuration. Select where to locate the configuration file, and then click OK.
Internet Service Provider (ISP). Depending on the requirements of your ISP, choose the Internet connection type and configure the corresponding fields. The RV315W supports four types of network addressing modes: DHCP, Static IP, PPPoE, and L2TP.
Page 21
The following table provides the configuration instruction for each Internet connection type. Confirm that you have proper network information from your ISP or a peer router to configure the RV315W to access the Internet. Internet Configuration...
Page 22
Internet service. If you choose this option, enter the interval to automatically reestablish the WAN connection after the connection is down. The default value is 30 seconds. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 23
• VLAN ID: Enter the tag of the VLAN ID. • 802.1p Priority: Enter the value of the 802. 1 p priority. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Subnet Mask: Enter the subnet mask of the default LAN. • DHCP Service: Check Enable to allow the RV315W to act as a DHCP server and assign IP addresses to all devices that are connected to the LAN. Any new DHCP client joining the LAN is assigned an IP address of the DHCP pool.
Using the Setup Wizard Configuring Wireless Connection Configuring Wireless Connection From the Wireless Configuration page you can configure the wireless network of the RV315W and the security settings for the selected SSID. Enter the following information: STEP 9 • Current SSID: Select a SSID as the default wireless access point of the RV315W.
Page 26
Key boxes. The length of the key should be 5 ASCII characters (or 10 hex characters) for 64-bit encryption and 13 ASCII characters (or 26 hex characters) for 128-bit encryption. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 27
SSID. A value of zero (0) indicates that the key is not refreshed. The default value is 3600 seconds. • WPA Encryption: Choose TKIP, AES, or TKIP+AES as the encryption algorithm for data encryption. The default is TKIP. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 28
SSID. A value of zero (0) indicates that the key is not refreshed. The default value is 3600 seconds. • WPA Encryption: Choose TKIP, AES, or TKIP+AES as the encryption algorithm for data encryption. The default is AES. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 29
RADIUS Server Port: Enter the port number of the primary RADIUS server. The default value is 1812. • RADIUS Server Key: Enter the key for authentication used by the RADIUS server and the RV315W. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
RADIUS server. The default value is 1812. • RADIUS Server Key: Enter the key for authentication used by the RADIUS server and the RV315W. If you want to continue, click Next to proceed to the Complete Setup Wizard page. STEP 10 If you want to return to the previous page, click Back.
Viewing System Status This chapter describes how to view real-time statistics and other information about the RV315W. It includes the following sections: • Device Information • WAN Connection • 3G Wireless Connection • LAN Interfaces • Application Information • Refresh Rate Click System Summary.
3G Wireless Connection The 3G Wireless Connection area displays the following information: • 3G Wireless Network: Displays whether the RV315W is connected to a 3G wireless network or not. • 3G Modem Status: Displays whether a 3G USB dongle is detected or not.
• 3G Network Information: Service Operator: Name of the 3G network service provider. Operating Status: Displays whether the RV315W is connected to a 3G wireless network or not. Flow Rate: Current flow rate of the 3G wireless network. Transfer Rate: Current transfer rate of the 3G wireless network.
The wireless module of the RV315W is enabled by default. The RV315W provides four virtual wireless networks, or four SSIDs (Service Set Identifiers). To see complete details for all wireless clients that are connected to the RV315W: Click View Connected Devices. The following information is displayed: STEP 1 •...
Configuring 3G Wireless Connection Configuring WAN Connections By default, the RV315W is configured to receive a public IP address from your ISP automatically through DHCP. Depending on the requirements of your ISP, you may need to modify the WAN settings to ensure the Internet connectivity.
Configuring WAN Connections By default, the WAN1/LAN0 port on the back panel of the RV315W is set to a secondary WAN interface so that the RV315W can support a second Internet connection to ensure continuous connectivity or to increase available bandwidth and balance traffic.
Page 37
Configuring WAN Connections The following table provides the configuration instruction for each Internet connection type. Confirm that you have proper network information from your ISP or a peer router to configure the RV315W to access the Internet. Internet Configuration Connection...
Page 38
This option is recommended if you pay a flat fee for your Internet service. You can specify the interval to automatically reestablish the WAN connection after the connection is down. The default value is 30 seconds. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 39
IP addresses. Enter the IP address of the primary DNS server. You can get the DNS server addresses from your ISP. • Secondary DNS Server: Enter the IP address of the secondary DNS server. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 40
In the MTU field, choose Auto to use the default MTU size, or choose Manual if STEP 7 you want to specify another size. If you choose Manual, enter the custom MTU size in bytes. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
STEP 1 Settings page opens. In the Configure WAN Interface's Default Route area, select the default route STEP 2 interface for each physical WAN interface. Click OK to save your settings. STEP 3 Cisco RV315W Broadband Wireless VPN Router Administration Guide...
The default value is 60 seconds. • Ping Timeout: If the connection to the ISP is down, the RV315W tries to connect to the ISP after a specified timeout. Enter the timeout, in seconds, to reconnect to the ISP. The default value is 5 seconds.
STEP 8 Configuring WAN1/LAN0 Interface The WAN1/LAN0 port on the back panel of the RV315W can be configured to a secondary WAN port (WAN1) or an additional LAN port (LAN0). Click Port Settings > WAN > WAN1/LAN0 Interface Settings. The WAN1/LAN0 STEP 1 Interface Settings page opens.
Netmask: Enter the subnet mask for the VLAN. • DHCP Server: Check Enable to allow the RV315W to act as a DHCP server and assign IP addresses to all devices that are connected to the LAN. Any new DHCP client joining the LAN is assigned an IP address of the DHCP pool.
To edit the settings of the VLAN, select the VLAN from the drop-down menu, and STEP 5 then change the physical ports that are mapped to the VLAN. To delete a VLAN, Cisco RV315W Broadband Wireless VPN Router Administration Guide...
VLAN1 and VLAN2 cannot be deleted. Configuring Wireless Settings The wireless module of the RV315W is enabled by default. To connect to the default wireless network of the RV315W for the first time, use the default wireless network name (SSID) and pre-shared key that are provided on the product label at the bottom of the RV315W.
To edit the settings of a SSID, check the corresponding SSID and click Edit. STEP 4 Enter the following information: STEP 5 • SSID Name: Enter the name of the wireless network. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 48
SSID. • Allow Remote Management: Check to allow you to remotely access the RV315W through the wireless network and configure the settings of the RV315W. • User Limit: Specify the maximum number of users that can simultaneously connect to this SSID.
Page 49
Key boxes. The length of the key should be 5 ASCII characters (or 10 hex characters) for 64-bit encryption and 13 ASCII characters (or 26 hex characters) for 128-bit encryption. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 50
SSID. A value of zero (0) indicates that the key is not refreshed. The default value is 3600 seconds. • Encryption: Choose TKIP, AES, or TKIP+AES as the encryption algorithm for data encryption. The default is TKIP. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 51
SSID. A value of zero (0) indicates that the key is not refreshed. The default value is 3600 seconds. • Encryption: Choose TKIP, AES, or TKIP+AES as the encryption algorithm for data encryption. The default is AES. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 52
RADIUS Server Port: Enter the port number of the primary RADIUS server. The default value is 1812. • RADIUS Server Key: Enter the key for authentication used by the RADIUS server and the RV315W. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 53
RADIUS server. The default value is 1812. • RADIUS Server Key: Enter the key for authentication used by the RADIUS server and the RV315W. Click OK to apply your settings. STEP 6 Cisco RV315W Broadband Wireless VPN Router Administration Guide...
The RV315W supports the 3G wireless connection capability. To connect to a 3G wireless network, insert an applicable 3G USB dongle into the 3G interface on the back panel of the RV315W, and then configure the settings of the 3G wireless network through web-based Configuration Utility. See the latest datasheet to get the list of 3G USB dongle models supported by the RV315W.
Page 55
Manual Dial: If you select Manual, click Connect to manually dial in the 3G wireless network. To manually disconnect the 3G wireless connection, click Disconnect. • Status: Shows whether the RV315W is connected to a 3G wireless network or not. Click OK to apply your settings. STEP 3...
Networking This chapter describes how to configure other network settings of the RV315W. It includes the following sections: • Configuring DDNS • Configuring ALG • Configuring Port Forwarding • Configuring Port Triggering • Configuring DMZ • Configuring UPnP • Configuring Port Mirroring •...
To configure ALG: Click Networking > ALG. The ALG page opens. STEP 1 Check the box of a protocol to enable the ALG support. The RV315W supports STEP 2 ALG for GRE, SIP, H.323, IPSEC, L2TP, RTSP and NAT Passthrough.
Click Add to add this single port forwarding rule in the list. STEP 3 To edit a single port forwarding rule, select the corresponding rule and click the STEP 4 Edit icon. To delete a single port forwarding rule, select the corresponding rule Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Edit icon. To delete a port range forwarding rule, select the corresponding rule and click the Delete icon. To delete multiple port range forwarding rules at a time, select the corresponding rules and click the Delete button. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
STEP 3 To edit a port triggering rule, select the corresponding rule and click the Edit icon. STEP 4 To delete a port triggering rule, select the corresponding rule and click the Delete Cisco RV315W Broadband Wireless VPN Router Administration Guide...
To edit a software DMZ rule, select the corresponding rule and click the Edit icon. STEP 4 To delete a software DMZ rule, select the corresponding rule and click the Delete icon. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Click Networking > UPnP. The UPnP page opens. STEP 1 Click Enable to enable UPnP, or click Disable to disable UPnP. If UPnP is disabled, STEP 2 the RV315W will not allow for automatic device configuration. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
STEP 4 Configuring Routing This section provides information on configuring the routing mode between WAN and LAN, viewing the routing table, and configuring the static routing, dynamic routing, and policy-based routing settings. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Networking Configuring Routing Configuring Basic Routing Settings Depending on the requirements of your ISP, you can configure the RV315W to operate in NAT mode or Routing mode. By default, NAT mode is enabled. Configuring Routing Mode To configure the routing mode: Click Networking >...
Destination IP: Enter the destination IP address for outbound traffic. • Port Number: Select the port number that the policy-based routing sends out the packages. Select Any to automatically select a routing port. Select Single to manually set the port number. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Dynamic routing enables the RV315W to automatically adjust to physical changes in the network's layout and exchange routing tables with the other routers. The RV315W determines the network packets’ route based on the fewest number of hops between the source and the destination.
• RIP: Displays whether RIP is enabled or disabled on this interface. • Port Passive: Determines how the RV315W receives RIP packets. Check Enable to enable this feature on the port. • Authentication: Specify the authentication method for the port.
IGMP Version: Choose either IGMP v1 or IGMP v2. • IGMP Proxy: Click Enable to enable IGMP Proxy so that the RV315W can act as a proxy for all IGMP requests and communicate with the IGMP servers of the ISP, or click Disable to disable it.
PC that installs third-party VPN client software. For example, you can configure the RV315W at a branch site to connect to the VPN router at the corporate site so that the branch site can securely access the corporate network.
Setting Up a Site-to-Site VPN A site-to-site VPN policy is used to create a new tunnel between two VPN devices, such as a Cisco RV315W router at your office and a Cisco RV315W router at a remote office. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 71
Pre-shared Key field. The pre- shared key must be entered exactly the same here and on the remote peer. • Filter Method: Select one of the following options: Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 72
Authentication Algorithm: Specify the authentication algorithm for the VPN header. There are two hash algorithms supported by the RV315W: SHA1 and MD5. The default is SHA1. Encryption Algorithm: Choose the algorithm used to negotiate the security association.
IPsec Connection Name: Enter a unique name for the IPsec VPN policy. • Interface: Select a WAN interface that traffic passes through over the IPsec VPN tunnel. • Connection Type: Select pc-to-site as the type of the VPN connection. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 74
Authentication Algorithm: Specify the authentication algorithm for the VPN header. There are two hash algorithms supported by the RV315W: SHA1 and MD5. The default is SHA1. Encryption Algorithm: Choose the algorithm used to negotiate the security association.
Edit icon. See Setting Up a Site-to-Site VPN Setting up a PC to Site for more information. To delete an IPsec VPN policy, select the corresponding policy and click the STEP 3 Delete icon. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
• Queue Name: Name of the queue. • Guaranteed Rate: Enter the amount of minimum bandwidth in Kbps for upstream traffic allowed on the interface queue. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Configuring Flow Control Policies Use the Flow Control Policies page to configure the flow control policies. Up to 25 flow control policies can be configured on the RV315W. To create a flow control policy: Click QoS > Flow Control Policies. The Flow Control Policies page opens.
Use the Session Limits page to configure the maximum number of connection sessions for the complete system, for a range of IP addresses, or for each physical port. When the connection table is full, the new sessions that access the RV315W are dropped.
Page 79
Quality of Service (QoS) Configuring Session Limits Click OK to save your settings. STEP 4 Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Click Security > Firewall. The Firewall page opens. STEP 1 Check Enable to enable the firewall feature (recommended), or check Disable to STEP 2 disable this feature. Enter the following information: STEP 3 Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 81
Enter the port number that is used for filtering HTTP traffic. The firewall only monitors and controls the website visits through this HTTP port. Click OK to save your settings. STEP 4 Cisco RV315W Broadband Wireless VPN Router Administration Guide...
To configure DoS prevention: Click Security > DDoS. The DDoS page opens. STEP 1 The RV315W supports three types of DoS preventions: SYN Flood, UDP Flood, STEP 2 and ICMP Flood. Check Enable to enable DoS Prevention, or check Disable to disable this feature.
STEP 2 Settings page opens. Enter the following information: STEP 3 • Time Range: Enter the starting time and ending time. • Interface Name: Select the interface used by the access control object. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Source IP Address: Enter the source IP address to which the access control policy applies. • Destination Port: Enter the destination port to which the access control policy applies. • Action: Select Enable to enable this policy. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
In the MAC Addresses List area, specify the list of MAC addresses. To add a MAC STEP 3 address, click Create. The MAC Address Filtering Policy page opens. Up to 20 MAC addresses can be configured on the RV315W. Enter the following information: STEP 4 •...
STEP 3 In the Manual IP&MAC Binding area, you can manually add the IP&MAC binding STEP 4 rule. To create a new IP&MAC binding rule, click Create. The IP&MAC Binding Rule page opens. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Page 87
To edit the settings of an IP&MAC binding rule, select the corresponding rule and STEP 7 click the Edit icon. To delete an IP&MAC binding rule, select the corresponding rule and click the Delete icon. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
• Configuring Remote Management Rebooting the RV315W To reboot the RV315W, you can press and release the RESET button on the back panel for less than 5 seconds, or perform the Reboot operation from web-based Configuration Utility. To reboot the RV315W through web-based Configuration Utility: Click System Management >...
Use the User Management page to manage the user accounts. Viewing User Information The RV315W predefines an administrative account (admin) and a normal user (cisco). The administrative account has full privilege to set the configuration and read the system status. The normal users can only read the system status after they login.
To create a normal user, you must log in to web-based Configuration Utility using the system administrator account. Up to 5 user accounts can be configured on the RV315W, including the default system administrator (admin) and normal user (cisco). To create a new user account: Click System Management >...
STEP 3 Restoring Factory Default Settings To restore the RV315W to the factory default settings, you can press and hold the RESET button on the back panel for more than 5 seconds, or perform the Reset to Factory Defaults operation from web-based Configuration Utility.
This operation reboots the unit and restores the RV315W to the factory default STEP 3 settings. The settings that you have previously made to the RV315W are lost. Click Managing System Configuration This section describes how to work with the configuration. You can perform the following tasks to maintain system configuration: •...
System Management Upgrading the Firmware The RV315W first sends a message to the upper-level NMS. The upper-level NMS automatically gets the configuration file of the RV315W after the NMS receives the requesting message. Upgrading the Firmware During a firmware upgrade, do NOT turn off the device, shut down the PC, remove CAUTION the cable, or interrupt the process in any way until the operation is complete.
Use the following diagnostic utilities to access configuration of the RV315W and to monitor the overall network health. Ping Use the Ping page to test the connectivity between the RV315W and a connected device on the network. Click System Management > Diagnostic Utilities > Ping. The Ping page opens.
The Current System Time field displays the current date and time. In the Set System Time area, select the Manually radio button to manually set the STEP 2 date and time. Enter the values in the Date and Time fields. Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Username: Enter the username to log in to the ACS remote management server. Password: Enter the password to log in to the ACS remote management server. • CPE: Specify the CPE settings for TR-069 remote management: Cisco RV315W Broadband Wireless VPN Router Administration Guide...
RV315W to the TR-069 server, or select Vendor Configuration to send a request to upload the configuration file with the factory default settings of the RV315W to the TR-069 server. Then click OK to send the corresponding upload request to the TR-069 server.
Configuring SNMP Simple Network Management Protocol (SNMP) is a network protocol used over User Datagram Protocol (UDP) that lets you monitor and manage the RV315W from a SNMP manager. SNMP provides a remote means to monitor and control the network devices, and to manage the configuration, statistics collection, performance, and security.
Page 99
Entering 0.0.0.0 in this field allows any host to access the SNMP entity. • Trap Receiver Host: Enter the IP address or domain name of the remote host that is used to receive the SNMP traps. Click OK to save your settings. STEP 3 Cisco RV315W Broadband Wireless VPN Router Administration Guide...
Configuring Remote Management You can access web-based Configuration Utility from the LAN side by using the RV315W’s LAN IP address and HTTP, or from the WAN side by using the RV315W’s WAN IP address and HTTPS (HTTP over SSL) or HTTP.
System Management Configuring Remote Management Configuring Trusted Remote Hosts Only the trusted hosts can be allowed to access the RV315W by using HTTPS or HTTP from the WAN side. To specify the trusted hosts: Click System Management > Remote Management > Trusted Remote Hosts.
Where to Go From Here Cisco provides a wide range of resources to help you and your customer obtain the full benefits of the Cisco RV315W Broadband Wireless VPN Router. Cisco Small Business Support www.cisco.com/go/smallbizsupport Community Cisco Small Business Support www.cisco.com/go/smallbizhelp...