Administration Guide
Page 4
Contents Configuring the LAN 43 About the Default LAN Settings 43 Configuring the LAN 44 Viewing the LAN Status 46 VLAN Configuration 46 DHCP Reserved IPs 52 DHCP Leased Clients 53 Configuring an IGMP Proxy 53 Configuring the Optional Port as a LAN Port 53 Configuring the ... 72 Traffic Selectors 73 LAN QoS 74 Enabling LAN QoS 74 Port CoS Mapping 75 Port DSCP Mapping 75 DSCP Remarking 75 Dynamic DNS 76 Cisco SA500 Series Security Appliances Administration Guide 4
Contents Configuring the LAN 43 About the Default LAN Settings 43 Configuring the LAN 44 Viewing the LAN Status 46 VLAN Configuration 46 DHCP Reserved IPs 52 DHCP Leased Clients 53 Configuring an IGMP Proxy 53 Configuring the Optional Port as a LAN Port 53 Configuring the ... 72 Traffic Selectors 73 LAN QoS 74 Enabling LAN QoS 74 Port CoS Mapping 75 Port DSCP Mapping 75 DSCP Remarking 75 Dynamic DNS 76 Cisco SA500 Series Security Appliances Administration Guide 4
Administration Guide
Page 8
...License Management Chapter 9: Network Management RMON (Remote Management) CDP SNMP Configuring SNMP Configuring SNMP System Info UPnP Bonjour Configuring Bonjour Associating VLANs Chapter 10: Status Device Status Device Status Resource Utilization Interface Statistics Port Statistics Wireless Statistics for the SA520W VPN Status IPsec VPN... Status SSL VPN Status Quick VPN Status Active Users View Logs Cisco SA500 Series Security Appliances Administration Guide Contents 185 187 188 189 190 193 194 197 197 199 199 200 200 201 ...
...License Management Chapter 9: Network Management RMON (Remote Management) CDP SNMP Configuring SNMP Configuring SNMP System Info UPnP Bonjour Configuring Bonjour Associating VLANs Chapter 10: Status Device Status Device Status Resource Utilization Interface Statistics Port Statistics Wireless Statistics for the SA520W VPN Status IPsec VPN... Status SSL VPN Status Quick VPN Status Active Users View Logs Cisco SA500 Series Security Appliances Administration Guide Contents 185 187 188 189 190 193 194 197 197 199 199 200 200 201 ...
Administration Guide
Page 28
...functions on the Getting Started (Basic) page. Configure a static IP route from the WAN port of the UC500 to the UC 500 data VLANs (192.168.10.x). For instructions, refer to protect your security appliance, as a DCHP server that assigns IP addresses in the address range ... a cable from the security appliance to an available LAN port of 192.168.75.x. Configure the WAN and LAN settings for your Cisco Smart Business Communications System network. 235235 Outside Network Private Network Laptop computer Internet Internet Access Device SA 500 UC500 Printer Personal computer IP ...
...functions on the Getting Started (Basic) page. Configure a static IP route from the WAN port of the UC500 to the UC 500 data VLANs (192.168.10.x). For instructions, refer to protect your security appliance, as a DCHP server that assigns IP addresses in the address range ... a cable from the security appliance to an available LAN port of 192.168.75.x. Configure the WAN and LAN settings for your Cisco Smart Business Communications System network. 235235 Outside Network Private Network Laptop computer Internet Internet Access Device SA 500 UC500 Printer Personal computer IP ...
Administration Guide
Page 36
Cisco SA500 Series Security Appliances Administration Guide 36 2 Networking This chapter describes how to configure the Networking features for your router. It includes the following sections: • Configuring the WAN Connection • Configuring the LAN • Configuring the Optional WAN • Configuring a DMZ • VLAN Configuration • Routing • Port Management • QoS Bandwidth Profiles • Dynamic DNS • Configuring IPv6 Addressing To access the Networking pages click Networking from the Configuration Utility menu bar.
Cisco SA500 Series Security Appliances Administration Guide 36 2 Networking This chapter describes how to configure the Networking features for your router. It includes the following sections: • Configuring the WAN Connection • Configuring the LAN • Configuring the Optional WAN • Configuring a DMZ • VLAN Configuration • Routing • Port Management • QoS Bandwidth Profiles • Dynamic DNS • Configuring IPv6 Addressing To access the Networking pages click Networking from the Configuration Utility menu bar.
Administration Guide
Page 38
... you have not been assigned a static DNS IP address. - You can be passed on a VLAN tagged WAN interlace. • VLAN ID: Specify the VLAN ID. Also enter the addresses for the Primary DNS Server and the Secondary DNS Server. Cisco SA500 Series Security Appliances Administration Guide 38 Get Dynamically from ISP: Choose this option...
... you have not been assigned a static DNS IP address. - You can be passed on a VLAN tagged WAN interlace. • VLAN ID: Specify the VLAN ID. Also enter the addresses for the Primary DNS Server and the Secondary DNS Server. Cisco SA500 Series Security Appliances Administration Guide 38 Get Dynamically from ISP: Choose this option...
Administration Guide
Page 43
...addresses to the PCs and other settings. • About the Default LAN Settings • Configuring the LAN • Viewing the LAN Status • VLAN Configuration • DHCP Reserved IPs • DHCP Leased Clients • Configuring an IGMP Proxy • Configuring the Optional Port as a LAN Port ...client. • By default, your LAN is the gateway address to be the DHCP server or if you want another PC on the LAN. Cisco SA500 Series Security Appliances Administration Guide 43 With DHCP enabled, the IP address of using a DNS server, you can use a Windows Internet Naming ...
...addresses to the PCs and other settings. • About the Default LAN Settings • Configuring the LAN • Viewing the LAN Status • VLAN Configuration • DHCP Reserved IPs • DHCP Leased Clients • Configuring an IGMP Proxy • Configuring the Optional Port as a LAN Port ...client. • By default, your LAN is the gateway address to be the DHCP server or if you want another PC on the LAN. Cisco SA500 Series Security Appliances Administration Guide 43 With DHCP enabled, the IP address of using a DNS server, you can use a Windows Internet Naming ...
Administration Guide
Page 46
..., see Configuring the Optional Port as a LAN Port, page 53. • If you are not planning to a total of 16 VLANs. The LAN Status window opens. Cisco SA500 Series Security Appliances Administration Guide 46 Viewing the LAN Status STEP 1 Click Networking > LAN > LAN Status.... VLAN Configuration The security appliance supports Virtual LANs (VLANs), which can be treated like two separate networks. Any PC that are isolated from one ...
..., see Configuring the Optional Port as a LAN Port, page 53. • If you are not planning to a total of 16 VLANs. The LAN Status window opens. Cisco SA500 Series Security Appliances Administration Guide 46 Viewing the LAN Status STEP 1 Click Networking > LAN > LAN Status.... VLAN Configuration The security appliance supports Virtual LANs (VLANs), which can be treated like two separate networks. Any PC that are isolated from one ...
Administration Guide
Page 47
... Remote Access: disable - Data, IP Address: See Product Tab - Data, IP Address Distribution: DHCP Server - VLAN - Lease Time in Minutes: 1440 (24hours) - Subnet Mask: 255.255.255.0 Cisco SA500 Series Security Appliances Administration Guide 47 IP Address: 10.1.1.1 - Start IP Address: 10.1.1.50 - Data, Start IP Address: 192.168.75.50 (assuming...
... Remote Access: disable - Data, IP Address: See Product Tab - Data, IP Address Distribution: DHCP Server - VLAN - Lease Time in Minutes: 1440 (24hours) - Subnet Mask: 255.255.255.0 Cisco SA500 Series Security Appliances Administration Guide 47 IP Address: 10.1.1.1 - Start IP Address: 10.1.1.50 - Data, Start IP Address: 192.168.75.50 (assuming...
Administration Guide
Page 48
... > VLAN > VLAN Configuration. The VLAN Configuration window opens. NOTE Next steps: Create VLAN IDs. STEP 1 Click Networking > VLAN > Available VLANs. Cisco SA500 Series Security Appliances Administration Guide 48 Creating VLAN IDs Before you can configure a new VLAN, you can be any other VLANs appear in the table, check the box at the left side of available VLANs table. The Available VLANs window...
... > VLAN > VLAN Configuration. The VLAN Configuration window opens. NOTE Next steps: Create VLAN IDs. STEP 1 Click Networking > VLAN > Available VLANs. Cisco SA500 Series Security Appliances Administration Guide 48 Creating VLAN IDs Before you can configure a new VLAN, you can be any other VLANs appear in the table, check the box at the left side of available VLANs table. The Available VLANs window...
Administration Guide
Page 49
... same PVID is a member of VLANs. Networking Configuring the LAN 2 NOTE VLAN ID 1 is reserved for the default VLAN, which is untagged. Access: The access port is untagged. Untagged data coming into and out of the following options: - Cisco SA500 Series Security Appliances Administration Guide ...49 STEP 2 To update the settings for a port, click the Edit button. The Port VLANs window opens. The port sends and receives both tagged and untagged data...
... same PVID is a member of VLANs. Networking Configuring the LAN 2 NOTE VLAN ID 1 is reserved for the default VLAN, which is untagged. Access: The access port is untagged. Untagged data coming into and out of the following options: - Cisco SA500 Series Security Appliances Administration Guide ...49 STEP 2 To update the settings for a port, click the Edit button. The Port VLANs window opens. The port sends and receives both tagged and untagged data...
Administration Guide
Page 50
...VLAN subnets, the security appliance routes traffic between VLANs. Trunk: The port is connected to a VLAN-aware switch or router. Trunk mode is recommended if the port is a member of a specified set of VLANs. STEP 4 In the VLAN Membership Configuration area, check the box for each VLAN. The Multiple VLAN... such that you want to associate with this VLAN. STEP 1 Click Networking > VLAN > Multiple VLAN Subnets. The Multiple VLAN Subnets window opens. STEP 3 In the DHCP section of the page, choose the DHCP mode: Cisco SA500 Series Security Appliances Administration Guide 50 All ...
...VLAN subnets, the security appliance routes traffic between VLANs. Trunk: The port is connected to a VLAN-aware switch or router. Trunk mode is recommended if the port is a member of a specified set of VLANs. STEP 4 In the VLAN Membership Configuration area, check the box for each VLAN. The Multiple VLAN... such that you want to associate with this VLAN. STEP 1 Click Networking > VLAN > Multiple VLAN Subnets. The Multiple VLAN Subnets window opens. STEP 3 In the DHCP section of the page, choose the DHCP mode: Cisco SA500 Series Security Appliances Administration Guide 50 All ...
Administration Guide
Page 51
...same IP address range as the LAN TCP/IP address (as configured on the VLAN receive the DNS IP addresses of the Relay Gateway. The default is automatically assigned a new dynamic IP address. Cisco SA500 Series Security Appliances Administration Guide 51 STEP 4 If you chose DHCP Server... for the DHCP Mode, enter the following information: • Domain Name: (optional) Enter a domain name for the VLAN. Any new DHCP client joining the VLAN is "leased" to a network...
...same IP address range as the LAN TCP/IP address (as configured on the VLAN receive the DNS IP addresses of the Relay Gateway. The default is automatically assigned a new dynamic IP address. Cisco SA500 Series Security Appliances Administration Guide 51 STEP 4 If you chose DHCP Server... for the DHCP Mode, enter the following information: • Domain Name: (optional) Enter a domain name for the VLAN. Any new DHCP client joining the VLAN is "leased" to a network...
Administration Guide
Page 74
...Configuration window opens. STEP 3 For each port, choose the type of value to use to higher-priority traffic, such as telephone calls. Cisco SA500 Series Security Appliances Administration Guide 74 Uncheck the box to which the traffic selector will applied to save your requirements. LAN QoS The ... Ethernet header field, depending on your settings. STEP 4 Click Apply to this feature. Then enter the IP Address, MAC Address, Port Name, or VLAN, based on the LAN ports, check the box at the Media Access Control level. STEP 2 To enable quality of service on the chosen match type...
...Configuration window opens. STEP 3 For each port, choose the type of value to use to higher-priority traffic, such as telephone calls. Cisco SA500 Series Security Appliances Administration Guide 74 Uncheck the box to which the traffic selector will applied to save your requirements. LAN QoS The ... Ethernet header field, depending on your settings. STEP 4 Click Apply to this feature. Then enter the IP Address, MAC Address, Port Name, or VLAN, based on the LAN ports, check the box at the Media Access Control level. STEP 2 To enable quality of service on the chosen match type...
Administration Guide
Page 143
... client security is required with IPsec clients such as needed for Remote Access with a VPN Client 7 - STEP 5 Repeat as Greenbow. QuickVPN is a propriety Cisco/Linksys client which the remote user will have access. XAUTH can check this box to allow the user to change password?: If you chose... Cisco QuickVPN for the Remote Peer Type, you can be part of the LAN or VLAN IP addresses. • Subnet Mask: Enter the subnet mask for IPsec VPN Remote Access. • Optionally, ...
... client security is required with IPsec clients such as needed for Remote Access with a VPN Client 7 - STEP 5 Repeat as Greenbow. QuickVPN is a propriety Cisco/Linksys client which the remote user will have access. XAUTH can check this box to allow the user to change password?: If you chose... Cisco QuickVPN for the Remote Peer Type, you can be part of the LAN or VLAN IP addresses. • Subnet Mask: Enter the subnet mask for IPsec VPN Remote Access. • Optionally, ...
Administration Guide
Page 202
... csco-sb, http, and https. The default services will only be visible to the hosts belonging to save your savings. The VLAN associated to enable the default services. Network Management Bonjour 9 Bonjour Bonjour is the broadcasting domain. Configuring Bonjour STEP 1 To enable ...window opens. STEP 2 Select the VLAN from the Available VLANs drop-down menu. Bonjour only advertises the default services configured on the menu bar, and then click Bonjour > Bonjour Configuration. STEP 4 Click Apply to add the VLAN. Cisco SA500 Series Security Appliances Administration Guide ...
... csco-sb, http, and https. The default services will only be visible to the hosts belonging to save your savings. The VLAN associated to enable the default services. Network Management Bonjour 9 Bonjour Bonjour is the broadcasting domain. Configuring Bonjour STEP 1 To enable ...window opens. STEP 2 Select the VLAN from the Available VLANs drop-down menu. Bonjour only advertises the default services configured on the menu bar, and then click Bonjour > Bonjour Configuration. STEP 4 Click Apply to add the VLAN. Cisco SA500 Series Security Appliances Administration Guide ...
Administration Guide
Page 203
Cisco SA500 Series Security Appliances Administration Guide 203 Network Management Bonjour 9 To dissociate the VLAN from the service, check the box next the appropriate VLAN and click Delete. .
Cisco SA500 Series Security Appliances Administration Guide 203 Network Management Bonjour 9 To dissociate the VLAN from the service, check the box next the appropriate VLAN and click Delete. .
Administration Guide
Page 231
....168.x.254 255.255.255.0 1440 enable Cisco SA500 Series Security Appliances Administration Guide D 231 Data, IP Address Distribution VLAN - Data, End IP Address VLAN - Voice, IP Address VLAN - Voice, VLAN Number (802.1q tagged packets) VLAN - Data, IP Address VLAN - Voice, End IP Address VLAN - Data, VLAN Number (untagged packets) VLAN - Voice, IP Address Distribution VLAN - Data, Start IP Address...
....168.x.254 255.255.255.0 1440 enable Cisco SA500 Series Security Appliances Administration Guide D 231 Data, IP Address Distribution VLAN - Data, End IP Address VLAN - Voice, IP Address VLAN - Voice, VLAN Number (802.1q tagged packets) VLAN - Data, IP Address VLAN - Voice, End IP Address VLAN - Data, VLAN Number (untagged packets) VLAN - Voice, IP Address Distribution VLAN - Data, Start IP Address...
Administration Guide
Page 232
...(good for validating connectivity) HTTPS Remote Access WAN2 IP address assignment WAN2 - Signaling Authentication - Local Subnet (Data VLAN subnet mask) Setting enable DHCP client 1500 disable disable disable DHCP client 1500 disable disable disable disable enable / disable on DMS... VLAN disable IPv4 Only Automatic enable 192.168.10.0 255.255.255.0 Cisco SA500 Series Security Appliances Administration Guide 232 MTU WAN1- Signaling Authentication - Key Exchange Method IPSec ...
...(good for validating connectivity) HTTPS Remote Access WAN2 IP address assignment WAN2 - Signaling Authentication - Local Subnet (Data VLAN subnet mask) Setting enable DHCP client 1500 disable disable disable DHCP client 1500 disable disable disable disable enable / disable on DMS... VLAN disable IPv4 Only Automatic enable 192.168.10.0 255.255.255.0 Cisco SA500 Series Security Appliances Administration Guide 232 MTU WAN1- Signaling Authentication - Key Exchange Method IPSec ...
Administration Guide
Page 234
... when no DHCP Server Available) 255.255.255.0 VLAN - Data, Subnet Mask (Failover when no DHCP Server Available) VLAN - Data, Name (optional) Data VLAN Cisco SA500 Series Security Appliances Administration Guide D 234 Data, IP Address Assignment (Management) DHCP Client VLAN - Voice, Name (optional) Voice VLAN SSID Name cisco-voice SSID Broadcast disable Wireless Isolation (within SSID): disable...
... when no DHCP Server Available) 255.255.255.0 VLAN - Data, Subnet Mask (Failover when no DHCP Server Available) VLAN - Data, Name (optional) Data VLAN Cisco SA500 Series Security Appliances Administration Guide D 234 Data, IP Address Assignment (Management) DHCP Client VLAN - Voice, Name (optional) Voice VLAN SSID Name cisco-voice SSID Broadcast disable Wireless Isolation (within SSID): disable...
Administration Guide
Page 237
...(1-8 hours, 8 hours 1 day) Public access to share Read-only Idle Disconnect Timeout 5 minutes Banner Welcome to the Cisco Small Business FTP Server Allow Anonymous Access disable Allow Anonymous File Upload disable Allow Anonymous File Download enable Maximum Anonymous Transfer 0... (0 - Data, Subnet Mask (Failover when no DHCP Server Available) VLAN - Data, IP Address Assignment (Management) DHCP Client VLAN - unlimited) in KB/s Disconnect Idle Sessions 5 minutes Cisco SA500 Series Security Appliances Administration Guide 237 Factory Default Settings Storage Storage D...
...(1-8 hours, 8 hours 1 day) Public access to share Read-only Idle Disconnect Timeout 5 minutes Banner Welcome to the Cisco Small Business FTP Server Allow Anonymous Access disable Allow Anonymous File Upload disable Allow Anonymous File Download enable Maximum Anonymous Transfer 0... (0 - Data, Subnet Mask (Failover when no DHCP Server Available) VLAN - Data, IP Address Assignment (Management) DHCP Client VLAN - unlimited) in KB/s Disconnect Idle Sessions 5 minutes Cisco SA500 Series Security Appliances Administration Guide 237 Factory Default Settings Storage Storage D...