RV320 vs 1921/1941

Similar Messages

• Question for VWIC3-1MFT-T1/E1 capabilities

  I am trying to receive some feedback before purchasing the hardware....
  I have a remote location connected to my data LAN via an Ethernet Private Line. On both ends I have  2911 routers with 15.2 OS version. I would like to install a voice card (VWIC3-1MFT-T1/E1) in both routers and connect also the voice switches (ALCATEL 4400) over the same WAN interface (Ethernet Private Line) as the data connection in order the give up the additional leased E1 that I have currently for the PABX PRI inter-node link between the same locations. Alcatel is using the ABC-F proprietary protocol over the PRI connection. The Alcatel board used is PRA-2.
  Is this going to work? Has anyone tried a similar configuration? Did you experienced any issues?
  Sam

  Hi George,
  Sadly not supported on any 2800 series
  The Cisco®  Third-generation 1-, 2-port and 4-port T1/E1 Multiflex Trunk Voice/WAN  Interface (MFT VWIC3s) support data and voice applications on the Cisco  1921, 1941 and 1941W (data only), and the Cisco 2901, 2911, 2921, 2951,  3925, 3945, 3925E and 3945E Integrated Services Routers.
  Table 1. Cisco MFT VWIC3 Platform Support and Minimum Cisco IOS Software Release Requirements
  VWIC3-1MFT-T1/E1
  VWIC3-2MFT-T1/E1
  VWIC3-1MFT-G703
  VWIC3-2MFT-G703
  VWIC3-4MFT-T1/E1
  Cisco 1900 Chassis EHWIC Slots
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  N/A*
  Cisco 2900 Chassis EHWIC Slots
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.1(3)T*
  Cisco 3900 Chassis EHWIC Slots
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.1(3)T
  * VWIC3-4MFT-T1/E1is supported on Cisco 2911, 2921, 2951 and Cisco 3900 Series routers
  http://www.cisco.com/en/US/prod/collateral/routers/ps5855/data_sheet_c36-609138.html
  Cheers!
  Rob
  "Why do the best things always disappear " 
  - The Band

• VWIC3-1MFT-T1/E1 for 2911 . base config

  Hi,
  I need the base configs for this VWIC3-1MFT-T1/E1 for 2911 please. ( Card type & card controller )
  Thanks.

  Hi George,
  Sadly not supported on any 2800 series
  The Cisco®  Third-generation 1-, 2-port and 4-port T1/E1 Multiflex Trunk Voice/WAN  Interface (MFT VWIC3s) support data and voice applications on the Cisco  1921, 1941 and 1941W (data only), and the Cisco 2901, 2911, 2921, 2951,  3925, 3945, 3925E and 3945E Integrated Services Routers.
  Table 1. Cisco MFT VWIC3 Platform Support and Minimum Cisco IOS Software Release Requirements
  VWIC3-1MFT-T1/E1
  VWIC3-2MFT-T1/E1
  VWIC3-1MFT-G703
  VWIC3-2MFT-G703
  VWIC3-4MFT-T1/E1
  Cisco 1900 Chassis EHWIC Slots
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  N/A*
  Cisco 2900 Chassis EHWIC Slots
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.1(3)T*
  Cisco 3900 Chassis EHWIC Slots
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.0(1)M3, 15.1(1)T1, 15.1(2)T
  15.1(3)T
  * VWIC3-4MFT-T1/E1is supported on Cisco 2911, 2921, 2951 and Cisco 3900 Series routers
  http://www.cisco.com/en/US/prod/collateral/routers/ps5855/data_sheet_c36-609138.html
  Cheers!
  Rob
  "Why do the best things always disappear " 
  - The Band

• Does 1900 series router supports voice functon?

                     I have seen that 1921 and 1941 can insert a vwic3 interface card,but i cannot see pvdm on 1921&1941,my question is that how 1921&1941 support voice function(e.g voice termination)?

  Hi.
  Based on these docs, it does not support voice
  http://www.cisco.com/en/US/products/ps10538/prod_series_comparison.html
  http://www.cisco.com/en/US/prod/collateral/voicesw/ps6789/ps7290/ps10589/data_sheet_c78-598389.html
  VWIC3 cards are not only for voice, that's why you can add them to a 1900 series router.
  http://www.cisco.com/en/US/prod/collateral/routers/ps5855/data_sheet_c36-609138.html
  HTH
  Regards
  Carlo
  Sent from Cisco Technical Support iPhone App

• Logging persistent url not working on 1921

  Hi All
  I am unable to configure logging persistence on a 1921.  Is this due to the internal arrangement of flash memory and the fact it is present as usbflash0:/ and not flash:/?
  I understand logging buffered needs to be configured first and I have done that.  I am running 15.1(4)M6 and here is what happens when I try and configure this feature:
  On a 1921:
  Router(config)#logging persistent url ?
  % Unrecognized command
  Router(config)#logging persistent ?  
    batch      Set batch size for writing to persistent storage
    filesize   Set size of individual log files
    immediate  Write log entry to storage immediately (no buffering).
    notify     Notify when show logging [persistent] is activated.
    protected  Eliminates manipulation on logging-persistent files.
    size       Set disk space for writing log messages
    threshold  Set threshold for logging persistent
    url        URL to store logging messages
    <cr>
  On a 1941:
  Router(config)#logging persistent url ?
    flash0:  Filesystem name
    flash1:  Filesystem name
    flash:   Filesystem name
  Any ideas?

  Single Sign-on and single sign-off methods are much different in 10g family of OAS than from those in 9iAS.
  There are internal redirections involved in 10g family, and 10.1.4 has even a little more different method of login and logout than even 10.1.2.0.2.
  You will have to notify your logout page in WWSSO_LS_CONFIGURATION_INFO$ in the orasso schema.
  hi
  1. i cant find table WWSSO_LS_CONFIGURATION_INFO
  only WWSSO_LS_CONFIGURATION_INFO_T and
  WWSEC_ENABLE_CONFIG_INFO$
  was should i do ?
  You will have to notify your logout page in WWSSO_LS_CONFIGURATION_INFO$ in the orasso schema.
  2. do i have to create a customised logout page?
  Ria

• Regarding BTU / hr for 1921/K9 router

  Hi All ,
  Do we have any vlaue for BTU/hr for 1921/K9 router..
  I can find out BTU/Hr value for few routers and switches but not for 1921 router..
  Any link which shows the VTU/Hr value for 1921 router ..I tried to get it in Cisco website but i could not able to find it out...
  I need to know the BTU/ hr value for 1921 router which could be shared with power team as we are going to install 1921 router at one of the cusotmer site..
  For example for 3750-48P switches BTU/Hr value is 404 BTU/hour..Its related to maximum Thermal output (BTU/Hr) on the device..
  Any help would be appreciated..
  With rgds,
  M S K
  Thanks ,
  M S K       

  I require BTU/hr for 1921/K9 and 1941/K9 routers
  I can find this info for 1841/K9 router, 153 BTU/hr, but not for the 1900 series routers

• Cisco 1921 - Visio template needed

  Can anyone send me a template for a Cisco 1921 router?  (only the 1941 is on the Cisco download site).\
  Would prefer a 2-D version . . .
  You can email it direct to me [email protected]
  thks,    - Bill H

  Hello Bill,
  Please click here for Visio Stencils
  HTH
  Regards,
  Ashish Shirkar
  Technical Community Manager-NI

• SSL VPN on Cisco 1941 with Firewall woes

  Hi Folks,
  Been trying to setup SSL VPN on a 1941 with limited sucess.
  I can get the VPN configured and working but as soon as enable the firewall it blocks the VPN
  The VPN connects and I can ping the internal gateway address from a remote client  but I can't
  connect to any of the internal Lan address.
  Been round and round in circles, any help appreciated.
  Cheers
  Building configuration...
  Current configuration : 9532 bytes
  ! Last configuration change at 13:08:29 UTC Sun Feb 23 2014 by admin
  version 15.2
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname router
  boot-start-marker
  boot-end-marker
  no logging buffered
  enable secret 4 xxxxx
  aaa new-model
  aaa authentication login default local
  aaa authorization exec default local
  aaa session-id common
  ip cef
  ip name-server 8.8.8.8
  ip name-server 4.4.4.4
  no ipv6 cef
  multilink bundle-name authenticated
  crypto pki trustpoint my-gw-ca
  enrollment selfsigned
  subject-name Cn=gw
  revocation-check crl
  rsakeypair gw-rsa
  crypto pki trustpoint test_trustpoint_config_created_for_sdm
  subject-name [email protected]
  revocation-check crl
  crypto pki certificate chain my-gw-ca
  certificate self-signed 01
    30820320 30820208 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
    DAC0F948 A5B56EDD CD6DABBD 47463AB2 7E3F0DC3 DF4ECCE6 EAC5E916 B83DA4D0 C3119E9B
              quit
  crypto pki certificate chain test_trustpoint_config_created_for_sdm
  license udi pid CISCO1941/K9 sn
  username aaa privilege 15 secret 4
  username bbb privilege 0 secret 4
  username ccc privilege 15 view root secret 4
  redundancy
  class-map type inspect match-all CCP_SSLVPN
  match access-group name CCP_IP
  class-map type inspect match-any ccp-skinny-inspect
  match protocol skinny
  class-map type inspect match-any SDM_WEBVPN
  match access-group name SDM_WEBVPN
  class-map type inspect match-any ccp-h323nxg-inspect
  match protocol h323-nxg
  class-map type inspect match-any ccp-cls-icmp-access
  match protocol icmp
  match protocol tcp
  match protocol udp
  class-map type inspect match-any ccp-h225ras-inspect
  match protocol h225ras
  class-map type inspect match-any ccp-h323annexe-inspect
  match protocol h323-annexe
  class-map type inspect match-any ccp-cls-insp-traffic
  match protocol dns
  match protocol ftp
  match protocol https
  match protocol icmp
  match protocol imap
  match protocol pop3
  match protocol netshow
  match protocol shell
  match protocol realmedia
  match protocol rtsp
  match protocol smtp
  match protocol sql-net
  match protocol streamworks
  match protocol tftp
  match protocol vdolive
  match protocol tcp
  match protocol udp
  class-map type inspect match-any ccp-h323-inspect
  match protocol h323
  class-map type inspect match-all ccp-invalid-src
  match access-group 100
  class-map type inspect match-any ccp-sip-inspect
  match protocol sip
  class-map type inspect match-all ccp-protocol-http
  match protocol http
  class-map type inspect match-all SDM_WEBVPN_TRAFFIC
  match class-map SDM_WEBVPN
  match access-group 102
  class-map type inspect match-all ccp-insp-traffic
  match class-map ccp-cls-insp-traffic
  class-map type inspect match-all ccp-icmp-access
  match class-map ccp-cls-icmp-access
  policy-map type inspect ccp-inspect
  class type inspect ccp-invalid-src
    pass
  class type inspect ccp-protocol-http
    inspect
  class type inspect ccp-insp-traffic
    inspect
  class type inspect ccp-sip-inspect
    inspect
  class type inspect ccp-h323-inspect
    inspect
  class type inspect ccp-h323annexe-inspect
    inspect
  class type inspect ccp-h225ras-inspect
    inspect
  class type inspect ccp-h323nxg-inspect
    inspect
  class type inspect ccp-skinny-inspect
    inspect
  class class-default
    pass
  policy-map type inspect ccp-sslvpn-pol
  class type inspect CCP_SSLVPN
    pass
  class class-default
    drop
  policy-map type inspect ccp-permit
  class type inspect SDM_WEBVPN_TRAFFIC
    inspect
  class class-default
    pass
  policy-map type inspect ccp-permit-icmpreply
  class type inspect ccp-icmp-access
    inspect
  class class-default
    pass
  zone security out-zone
  zone security in-zone
  zone security sslvpn-zone
  zone-pair security ccp-zp-self-out source self destination out-zone
  service-policy type inspect ccp-permit-icmpreply
  zone-pair security ccp-zp-in-out source in-zone destination out-zone
  service-policy type inspect ccp-inspect
  zone-pair security ccp-zp-out-self source out-zone destination self
  service-policy type inspect ccp-permit
  zone-pair security zp-out-zone-sslvpn-zone source out-zone destination sslvpn-zone
  service-policy type inspect ccp-sslvpn-pol
  zone-pair security zp-sslvpn-zone-out-zone source sslvpn-zone destination out-zone
  service-policy type inspect ccp-sslvpn-pol
  zone-pair security zp-in-zone-sslvpn-zone source in-zone destination sslvpn-zone
  service-policy type inspect ccp-sslvpn-pol
  zone-pair security zp-sslvpn-zone-in-zone source sslvpn-zone destination in-zone
  service-policy type inspect ccp-sslvpn-pol
  crypto vpn anyconnect flash0:/webvpn/anyconnect-win-3.1.05152-k9.pkg sequence 1
  interface Embedded-Service-Engine0/0
  no ip address
  shutdown
  interface GigabitEthernet0/0
  description $ETH-LAN$$FW_INSIDE$
  ip address 192.168.192.1 255.255.255.0
  ip nat inside
  ip virtual-reassembly in
  zone-member security in-zone
  duplex auto
  speed auto
  interface GigabitEthernet0/1
  description $ETH-WAN$$FW_OUTSIDE$
  ip address 194.74.99.99 255.255.255.224
  ip nat outside
  ip virtual-reassembly in
  zone-member security out-zone
  duplex auto
  speed auto
  interface Virtual-Template1
  description $FW_INSIDE$
  ip unnumbered GigabitEthernet0/1
  zone-member security in-zone
  interface Virtual-Template2
  description $FW_INSIDE$
  ip unnumbered GigabitEthernet0/1
  zone-member security in-zone
  interface Virtual-Template3
  ip unnumbered GigabitEthernet0/1
  zone-member security sslvpn-zone
  ip local pool vpn-ssl-pool 192.168.192.200 192.168.192.210
  ip forward-protocol nd
  ip http server
  ip http authentication local
  no ip http secure-server
  ip http timeout-policy idle 60 life 86400 requests 10000
  ip dns server
  ip nat inside source list 1 interface GigabitEthernet0/1 overload
  ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1
  ip access-list extended CCP_IP
  remark CCP_ACL Category=128
  permit ip any any
  ip access-list extended SDM_WEBVPN
  remark CCP_ACL Category=1
  permit tcp any any eq 4444
  access-list 1 remark CCP_ACL Category=2
  access-list 1 permit 192.168.192.0 0.0.0.255
  access-list 100 remark CCP_ACL Category=128
  access-list 100 permit ip host 255.255.255.255 any
  access-list 100 permit ip 127.0.0.0 0.255.255.255 any
  access-list 101 remark CCP_ACL Category=0
  access-list 101 permit ip any host 192.168.192.2
  access-list 102 remark CCP_ACL Category=128
  access-list 102 permit ip any host 194.74.2.81
  control-plane
  webvpn gateway ssl_gw
  ip address 194.74.99.99 port 4444 
  ssl trustpoint my-gw-ca
  inservice
  webvpn context ssl-ctx
  acl "ssl-acl"
     permit ip 192.168.192.0 255.255.255.0 192.168.192.0 255.255.255.0
  gateway ssl_gw
  max-users 10
  ssl authenticate verify all
  inservice
  policy group ssl_policy
     functions svc-enabled
     filter tunnel ssl-acl
     svc address-pool "vpn-ssl-pool" netmask 255.255.255.0
     svc keep-client-installed
     svc split include 192.168.192.0 255.255.255.0
     svc dns-server primary 192.168.192.2
  default-group-policy ssl_policy
  end

  Hello Fahad,
  Please see my inline responses.
  1)I have some questions, does this 5500 Series of ASA firewall also have IDS(Intrusion Detection System)?
  You can have an IPS module if your ASA model supports it.
  2) My other question is that the configuration and troubleshooting of SSL VPN technique is  same on all ASA models?
  Yes, pretty much the same
  Regards,
  Jazib

• Time-out problems with RV320 (after upgrade from RV042)

  config:
  dual wan
  WAN1: 4G router (DHCP) - approx 25Mbit/ 8Mbit
  WAN2: PPOE (DSL) - 1 Mbit/ 0.2 Mbit
  worked with a RV042 before and upgraded to a RV320 now.
  all other things are unchanged.
  3 problems - 2 solved/ not critical - one still open:
  a) not critical:  DHCP Status does not include all devices (changing view - but all-time problem)
  I would suspect a software bug.... DHCP itself works perfectly/ IPs are assigned (just not shown in status)
  b) solved (at least for now):  internet connection featured time-outs; after many tries, disabling the SPI in the firewall helped
  btw: this only happend for the WAN1 - WAN2 worked  (or is that slow that the additonal wait time did not matter ;-)
  c) very annoying: exchange connection (from Outlook client to external exchange) still has time-outs (mostly the whole mail client hangs/ ends to be restarted).
  As soon as I disable WAN1, it works!  But it´s not the LTE WAN itself - switching back to the RV042 does not show the same symptom.
  I tried: include IP into local DNS (in general I work with google DNS servers - but changing that does not help either), opening all traffic for teh realevant IPs and disabling the firewall completely.  no positive results....
  thanks for any hints....

  I agree with you on a, probably a bug of some sort.
  b is an issue I've seen before, and even on similar bandwidth (25/5) on my rv016.  What was able to figure out is that the carrier (ISP) is sending about 4k/sec of ICMP packets to the router, which in turn makes the router think it's under attack so it drops the connection.  As you can tell, disabling the SPI helps.  For me, putting another router in front of my rv016 (on 2 of 3 wans) was my only 'permanent' solution.
  c sounds like there's a protocol binding/static route in the rv042 that you need to add to the rv320.  I'd check that first.
  Huntsville's Premiere Car and Bike e-magazine: www.huntsvillecarscene.com

• Static NAT entry disappears when using NVI on Cisco 1921 (Multiple versions)

  We have a Cisco 1921 as an IPSec tunnel endpoint where we assign static NAT entries. It is a static one-to-one NAT putting each remote endpoint as a local /24 subnet. We are using NVI and we see some of these static entries disappear when packets are unable to reach the destination. 
  The production router is running 15.0(1r)M16 but we were able to reproduce this same behavior on 15.4(1)T2.
  To reproduce, we add the static NVI entry:
  ip nat source static X.X.X.X 172.30.250.11
  And things look good for a bit:
  ROUTER# sh ip nat nvi trans | i 172.30.250.11
  gre 172.30.250.11:0 X.X.X>X:0 Y.Y.Y.Y:0 Y.Y.Y.Y:0
  --- 172.30.250.11 138.54.32.9 --- ---
  tcp Y.Y.Y.Y:60360 Z.Z.Z.Z:60360 172.30.250.11:22 X.X.X.X:22
  There is a known issue with GRE traffic being dropped at this particular endpoint, so after generating GRE traffic, the entry completely disappears:
  ROUTER# sh run | i 172.30.250.11
  ROUTER#
  ROUTER# sh ip nat nvi trans | i 172.30.250.11
  gre 172.30.250.11:0 X.X.X>X:0 Y.Y.Y.Y:0 Y.Y.Y.Y:0
  icmp Y.Y.Y.Y:59916 Z.Z.Z.Z:59916 172.30.250.11:59916 172.30.250.11:59916
  tcp Y.Y.Y.Y:60360 Z.Z.Z.Z:60360 172.30.250.11:22 X.X.X.X:22
  I can reproduce this by severing the tunnel to any other remote site, and after generating GRE traffic to the downed endpoint, the corresponding static NAT entry will disappear.
  Debugging has not shown anything, and I have found some mentions of similar behavior on older versions. Has anyone seen this? We don't have support access to test all versions, so if it is known to be resolved in a particular one, we would love to know to work towards loading that version.
  Thanks

  Hi Ryan,
  Asa cannot ahve 2 default routes, it can only have one. ASA also doesnt support PBR, so the setup that you are trying to configure would not work on the ASA. Router is the correct option for it.
  Hope that helps.
  Thanks,
  Varun Rao
  Security Team,
  Cisco TAC

• RV320 SSL VPN ActiveX and Virtual Passage driver on Windows 7 64-bit

  Hi,
  My company has just purchased a new RV320 router and only afterwards found out from the release notes that there are issues with the SSL VPN in this unit and other small business routers. Is there any news on when these issues will be fixed?
  1) ActiveX controls have expired certificate dated 24/9/14 - this prevents them from running unless without changing IE security settings to prompt or allow unsigned controls, which is a big security risk.
  2) ActiveX controls do not work on Windows 64-bit. Release notes state Windows 7 IE10 and Windows 8.1 IE11, however they also fail on Windows 7 IE11. Even adding router to Trusted Sites to force 32-bit mode results in error message stating that IE is required for the controls.
  3) Virtual Passage driver will not install - crashes IE10/IE11 with a BEX violation.  From a dig around the web it appears that the Netgear SRX5308 uses the same Cavium chipset and a Virtual Passage driver that works with Windows 7 64-bit, and installs fine using IE10/11 (and if you install the Netgear driver it works with the Cisco RV routers too, proving that the driver is fully compatible...) - if Netgear can get this working, why can't Cisco?
  I've only just started setting us this router and show stopper issues like this might end up with an RMA being requested as it appears to be unsuitable for purpose, already run into other issues with I've posted about. :(
  EDIT: Got (2) sort of working on IE11 - seems that the Cisco interface is specifically looking for old style IE user agent strings, so using developer tools to set the user agent to IE9, and changing security settings in Trusted Sites to prompt for unsigned controls (due to issue (1)), allows the controls to install and load. These issues are pretty simple to fix, requiring just a string check change and updated signed controls. Fingers crossed these are fixed in the new firmware due soon, awaiting response from Cisco support to my open ticket.
  Looks like (3) is prevented from working by (1), and also because the certificate has expired it is treated as software without a valid publisher which cannot be installed in Windows 7 without fiddling in the registry. Releasing an updated version with a certificate that isn't expired should solve that issue too.
  These are ridiculously simple fixes to push out, I can't believe a major hardware vendor like Cisco hasn't already solved these issues.

  I've had a reply from Cisco support regarding this issue, and it's a bleak outlook. This is a copy from the email I received:
  "Engineering has no plans to support SSL VPN on RV32x due to chipset limitations. Pretty much, it will work for old XP and Win7 32-bits."
  So Cisco are falsely advertising that the RV320 has SSL VPN capabilities when there are no plans to update it so that it works with 64-bit Windows (which is now the major install base for Windows as most new systems are 64-bit based), and as the certificates have expired in the SSL VPN components they are not even useable on 32-bit systems without overriding a number of security settings.
  Dan

• RV320 SSL VPN web service unable to connect port 56000 56001...

  I have recently installed a RV320 dual WAN small business router in order to use the SSL VPN functionality to allow secure access to our intranet pages which are hosted on a server inside our network. I have the latest firmware installed on the router.
  With the firewall feature of the RV320 disabled - After logging in to the router remotely via the HTTPS interface, I am able to use the web-based services such as SSH and NetworkPls. However, when using the HTTP and HTTPS services I receive a web browser unable to connect error on port 56000, 1, 2, 3 ... This is regardless of whether I enter a URL or IP address on the network behind the router or on the internet.
  Enabling the firewall feature of the RV320 gives a different result - when any IP or URL is entered into the box in the second image below, the router log-in page is loaded instead of the required site. I have pasted an extract from the log at the bottom of this post although it doesn't seem to contain any relevant information. As a separate issue, you will also notice that users connecting to the router brings up [HACK] SynFlooding Attack in error.
  Can anyone explain why this is happening? Alternatively, does anyone have a guide for setting up a IPSec VPN with this router? There seems to be very little literature available for this model.
  Thanks in advance for your help.
  Log extract
  2013-11-02, 11:36:19
  Connection Accepted
  IN=eth1 OUT=eth0 SRC=178.239.83.183 DST=192.168.10.100  DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=60 TOS=0x00 PREC=0x00  TTL=54 ID=57573 DF PROTO=TCP SPT=54925 DPT=993 WINDOW=5840 RES=0x00 SYN  URGP=0
  2013-11-02, 11:36:19
  [HACK] SynFlooding Attack
  IN=eth1 OUT=eth0 SRC=178.239.83.183 DST=192.168.10.100  DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=60 TOS=0x00 PREC=0x00  TTL=54 ID=57573 DF PROTO=TCP SPT=54925 DPT=993 WINDOW=5840 RES=0x00 SYN  URGP=0
  2013-11-02, 11:31:53
  Connection Accepted
  IN=eth1 OUT=eth0 SRC=178.239.83.156 DST=192.168.10.100  DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=60 TOS=0x00 PREC=0x00  TTL=53 ID=50721 DF PROTO=TCP SPT=55634 DPT=993 WINDOW=5840 RES=0x00 SYN  URGP=0
  2013-11-02, 11:31:53
  [HACK] SynFlooding Attack
  IN=eth1 OUT=eth0 SRC=178.239.83.156 DST=192.168.10.100  DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=60 TOS=0x00 PREC=0x00  TTL=53 ID=50721 DF PROTO=TCP SPT=55634 DPT=993 WINDOW=5840 RES=0x00 SYN  URGP=0
  2013-11-02, 11:31:38
  User Log
  User cisco login success from 221.142.25.181
  2013-11-02, 11:31:38
  User Log
  User cisco login success from 221.142.25.181
  2013-11-02, 11:29:49
  Kernel
  kernel: upnp idx=83, ip=192.168.10.220, eport=59725, iport=59725
  2013-11-02, 11:29:49
  Kernel
  kernel: wrong ip[0],not_list[0]
  2013-11-02, 11:29:43
  Connection Accepted
  IN=eth1 OUT=eth0 SRC=176.251.102.32 DST=192.168.10.100  DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=64 TOS=0x00 PREC=0x00  TTL=52 ID=44670 DF PROTO=TCP SPT=49423 DPT=143 WINDOW=65535 RES=0x00 SYN  URGP=0
  2013-11-02, 11:29:43
  [HACK] SynFlooding Attack
  IN=eth1 OUT=eth0 SRC=176.251.102.32 DST=192.168.10.100  DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=64 TOS=0x00 PREC=0x00  TTL=52 ID=44670 DF PROTO=TCP SPT=49423 DPT=143 WINDOW=65535 RES=0x00 SYN  URGP=0
  2013-11-02, 11:29:12
  Kernel
  kernel: upnp idx=83, ip=192.168.10.220, eport=59725, iport=59725
  2013-11-02, 11:29:12
  Kernel
  kernel: wrong ip[0],not_list[0]
  2013-11-02, 11:29:12
  SSL Log
  User ben login success from 221.142.25.181

  After lots of trial and error, I was able to eliminate this problem.  What I wound up doing is defining the XE service again in the listener.ora file:
  SID_LIST_LISTENER =
    (SID_LIST =
      (SID_DESC =
        (SID_NAME = XE)
        (ORACLE_HOME = C:\ProgramData\oraclexe\app\oracle\product\11.2.0\server)
  I know that typically you should not have to do this, especially since I already had defined DEFAULT_SERIVCE_LISTENER = (XE) at the bottom of the listener.ora file.  Explicitly defining the XE service in the listener.ora file allows the listener to find it while the system is running under the Cisco AnyConnect VPN.  The only hiccup I found by doing this is that the XE service is discovered twice by the listener when the system is NOT running under the Cisco AnyConnect VPN.  It still works OK.  The listener just seems to ignore the repeated definition of the XE service (see output below):
  C:\ProgramData\oraclexe\app\oracle\product\11.2.0\server\bin>lsnrctl service
  LSNRCTL for 32-bit Windows: Version 11.2.0.2.0 - Production on 13-JUN-2013 10:03:15
  .......(omitted output).......
  Service "XE" has 2 instance(s).
    Instance "XE", status UNKNOWN, has 1 handler(s) for this service...
      Handler(s):
        "DEDICATED" established:0 refused:0
           LOCAL SERVER
    Instance "xe", status READY, has 1 handler(s) for this service...
      Handler(s):
        "DEDICATED" established:0 refused:0 state:ready
           LOCAL SERVER
  Service "XEXDB" has 1 instance(s).
    Instance "xe", status READY, has 1 handler(s) for this service...
      Handler(s):
        "D000" established:0 refused:0 current:0 max:1022 state:ready
           DISPATCHER <machine: DEV-M-137GF, pid: 5544>
  (ADDRESS=(PROTOCOL=tcp)(HOST=DEV-M-137GF.paychex.com)(PORT=58257))
  The command completed successfully
  If anyone has a cleaner solution for this problem, please let me know.  Otherwise, I am moving forward with what I did.
  Thanks.....Paul

• Error 1921 when installing iTunes 8

  Just got my first iPod - the Nano. Trying to install iTunes 8 and I get this msg:
  error 1921 Service iPod service (Pod Service) could not be stopped. Verify that you have sufficient privileges to stop system privileges.
  ?????? HELP!!
  Also -- how do I tell if the USB port on the laptop is a highspeed??
  Thanks in advance for any help. Ramona

  Hi Ramona,
  Try b noir's suggestion in this thread: http://discussions.apple.com/thread.jspa?threadID=1574287
  If the issue persists, try the general tips in this article: http://support.apple.com/kb/HT1926
  -Jason

• Load Balancing on RV320

  Hi,
  My Cisco RV320 router are not working like I want ...
  I get two ISP in France, same tech. specs., sames bandwidth, but 2 differents way to connect.
  The first WAN is connected in PPPoE with a ADSL2+ Modem
  The second WAN is connected in Static IP with a modem/router
  I set the load balancing Auto. but it seem that the WAN2 is more used than the WAN1...
  For example, I upload a big documents, like a video on youtube, witch take a long time and need the max Bandwidth. While I'm going to download a file with an internal software, who use a different port by the way. The most of the time, it only use the WAN2 ... so my download is flanged ! It only donwload @~450KB/S when it can max @ ~1,8MO/S, and the WAN1 is not blinking ... And sometimes the balancing is good ... I can't understand the RV320 logic ? But Maybe is there a bug ? Maybe I get a bad configuration ?
  Have a clue ?
  Please help me !

  So, you can hear the phone ringing and answer it? which means that SIP pakets are coming through WAN to LAN and well redirected to the phone IP, but you cannot hear after that, which means that there could be a problem with the RTP packets. 
  If you have problem only with the incoming calls and not the outgoing, than try enable/disable SIP ALG (Firewall). If that doesn't fix the issue, try to allow (or even forward) from WAN to LAN RDP -  UDP ports 16384-32767 to the phone IP.
  Regards,
  Kremena

• PPTP Problems with RV320

  I just bought a new RV320 to replace my older RV082 in my local office network. I was able to get the RV320 set up and running, but had a problem with the PPTP settings. On the RV082 I have three gateway-to-gateway VPNs set up and when a user logs in using a PPTP VPN they are able to access resources on any of the gateway-togateway VPNs. I set up the RV320 the same way and had all of the gateway-to-gateway tunnels up and running and verified from my internal network that I can reach the servers on each tunnel. I set up a PPTP user and verified that I can reach the network from a remote computer, but when I try to reach a resource on one of the gateway-to-gateway tunnels it crashes the RV320 and I have to reconnect all of my gateway-to-gateway VPNs. I ensured that all of the pass throughs are enabled and haven't found any other settings that seem out of place. Can anyone think of anything else that I may need to set up to get this to work?
  I know a lot of people wouldn't use the PPTP with the other options available, but this is the best option to connect my Surface RT tablet to the network while I'm on the road since a client isn't availble for it.
  Thanks,
  Clinton  

  Clinton,
  just found your post and it sounds similar to an issue I am experiencing with a client.
  Two sites, RV320 with latest firmware in the main office and a satellite office with a Netgear unit.  Both connected via a gateway to gateway IPSec vpn.   The link is very stable.  The satellite office initiates the connection.  The main office RV320 also has a number of users setup for PPTP remote access to company resources such as rdp/rdc.
  Our issue is when I vpn in with pptp to the main office, the RV320, the moment I try to access the satellite office subnet it triggers the IPSec gateway to gateway vpn to crash.  I then have to remote into the satellite office and manual restart the link.... then all is fine again.  Now, if I am physically at the main office, and ping or access the satellite office subnet, all is fine.
  My thought has been that either I do not have the gateway to gateway vpn setup properly or there is some access rule I am missing.  I need to do some more research and experiment with the connection.  It very well could be my setup as this was the first time I have setup IPSec...  Just as a note, the RV320 itself never crashes ... it just shows the IPSec vpn is down ... I need to isolate the issue to either the Netgear or Cisco side...
  I will follow this thread and see if you find out anything. 
  cheers
  greg