Need help: Access Rules Configuration on Cisco RV320 Router

[Recruit]

Guys,

Recently I bought a new Cisco RV320 router .
I managed to do the things which I looked for them from router's OS, but still I have 2 questions at which I have not found any reply.

 

1. I want to see the router's active connections : connections established between devices connected to router and the internet ( opened ports ) . I understood that it can be possible only accessing the router's console, and I don't know how to do that : the router has only ethernet and usb ports, there isn't any serial port.
2.  I also have into my network a storage device ( NAS ). I want this device not to send any data itself to internet . I added a rule in firewall, as you can see in the screenshots from below. With this rule I can open the device's administration website, I can use "ping" with the ip allocated it to device, but I cannot access the the files and folders stored on it . I tried also to add and a second rule in firewall which can allow the access from my pc to this device, I have prioritized this rule before the first rule created, about I said above.  But no luck, always I am getting an issue as you can see below. When I disabled / deleted the first rule ( from screenshot ) everything becomes fine.

 

I have contacted Cisco and they did not want to help me because the router was not purchased directly from them, it was bought from a local partner.

They asked me to contact the partner in order to get support, and I think it will take some time until I will have the replies.

 

 

 

 

 

 

Any reply would be appreciated !
Thanks in advance !

 

Best Regards,

 

[knowledge-Spammer]

use utube mayhelp 

sorry i cant help more

[LOQUILLO]

Action: Accept

[LeetPirate]

8 hours ago, Recruit said:

 

1. I want to see the router's active connections : connections established between devices connected to router and the internet ( opened ports ) . I understood that it can be possible only accessing the router's console, and I don't know how to do that : the router has only ethernet and usb ports, there isn't any serial port.
2.  I also have into my network a storage device ( NAS ). I want this device not to send any data itself to internet . I added a rule in firewall, as you can see in the screenshots from below. With this rule I can open the device's administration website, I can use "ping" with the ip allocated it to device, but I cannot access the the files and folders stored on it . I tried also to add and a second rule in firewall which can allow the access from my pc to this device, I have prioritized this rule before the first rule created, about I said above.  But no luck, always I am getting an issue as you can see below. When I disabled / deleted the first rule ( from screenshot ) everything becomes fine.

 

 

 

1. Don't need serial port, to access the console you have to enable SSH on the LAN side from the web interface then use an SSH client such as PuTTY. I don't recommend messing around in there unless you know what you're doing else you could do more harm than good.

 

2. You are on the right track but you need to create 2 rules. The one you have in the screen shot should be ok assuming the source IP you have set is the IP of your NAS device, just create another rule with higher priority and the same settings except change action to allow and for destination you have to put the IP range for your LAN. Note that some routers also have a default rule to allow everything to access the Internet and this rule cannot be deleted so if it exists then you will need to change its priority to something lower than your other 2 rules else it will allow everything to access the Internet.

 

3. You do not need to waste time blanking out private LAN IP addresses, they are not unique, almost every Cisco router on the planet comes with the same default private IP range which is only accessible from the LAN side.

[Recruit]

7 hours ago, LeetPirate said:

 

1. Don't need serial port, to access the console you have to enable SSH on the LAN side from the web interface then use an SSH client such as PuTTY. I don't recommend messing around in there unless you know what you're doing else you could do more harm than good.

 

2. You are on the right track but you need to create 2 rules. The one you have in the screen shot should be ok assuming the source IP you have set is the IP of your NAS device, just create another rule with higher priority and the same settings except change action to allow and for destination you have to put the IP range for your LAN. Note that some routers also have a default rule to allow everything to access the Internet and this rule cannot be deleted so if it exists then you will need to change its priority to something lower than your other 2 rules else it will allow everything to access the Internet.

 

3. You do not need to waste time blanking out private LAN IP addresses, they are not unique, almost every Cisco router on the planet comes with the same default private IP range which is only accessible from the LAN side.

 

Thanks for reply.

 

1. Tried PuTTY before to open this topic, but every command which I typed I got this :

 

I am interested only to see active connections between clients and the Internet through router.

 

2. I added that second rule with high priority than the first rule created ( screenshot ) with these settings :

 

Action : Allow
Source interface : LAN
Source IP : my notebook's ip first, just for test.
Destination ip : NAS's ip.

 

I made this also before to open this topic. And same issue, like in screenshot.

 

Indeed, there are rules created default by the router which allow access to the internet for each vlan, but you cannot delete / edit or modify priority of them

Regards,

 

EDIT:

 

Tried and in this way,but no luck.

 

Action : Allow
Source interface : LAN
Source IP : NAS's ip.
Destination ip : my notebook's ip first, just for test.

 

Also tried simultaneously with 2 and with 3 rules actively   : 1 deny / 1 allow and 1 deny / 2 allow

Is a big mystery for me how I can access the management website and using the ping for it, but the files and folders system it does not work.

 

[LOQUILLO]

Hi @Recruit, in Putty try DOS or Linux commands, if you wanna to know the folders into NAS then type: dir.

It will show the folders into NAS and for browser them then you will type: cd namefolder

Where namefolder is the name of any folder that was showed with dir command.

[Recruit]

1 hour ago, LOQUILLO said:

Hi @Recruit, in Putty try DOS or Linux commands, if you wanna to know the folders into NAS then type: dir.

It will show the folders into NAS and for browser them then you will type: cd namefolder

Where namefolder is the name of any folder that was showed with dir command.

 

Hi,

 

Thanks for reply.

I am afraid you have not understood what I want to do.

 

 

I have two issues :

 

1. I want to see active connections between devices connected to router and the Internet. This could be done with ssh, but I do not know how to do it.

 

2. I want to add a rule in firewall's router in order NAS not to send any data to the Internet itself. I do not need to use ssh with this device. I can add rules in firewall from router's os but I do not know which is the right way to do what I am interested.

 

 

Regards,

[LOQUILLO]

I could help you but need to read the manual of Cisco RV320 Router

It's very important to know if your NAS support SSH connections, to read the manual.