Cisco Router DPC3925 User Manual
Have a look at the manual Cisco Router DPC3925 User Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 53 Cisco manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
4021192 Rev B 61 Configure Security Section Field Description Status This field shows the connection status for the selected tunnel. The state is either Connected or Disconnected. Buttons Connect Click this button to establish a connection for the current VPN tunnel. If you have made any changes, click Save Settings to first apply your changes. Disconnect Click this button to break a connection for the current VPN tunnel. View Log Click this button to view the VPN log, which shows details of each established tunnel. Advanced Settings If the Key Exchange Method is Auto (IKE), this button provides access to additional settings relating to IKE. Click this button if the gateway is unable to establish a VPN tunnel to the remote gateway, and make sure the Advanced Settings match those on the remote gateway. Phase 1 - Operation Mode Select the method appropriate for the remote VPN endpoint. – Main: Main mode is slower but more secure – Aggressive: Aggressive mode is faster but less secure Local Identity Select the desired option to match the Remote Identity setting at the other end of this tunnel. – Local IP Address: Your WAN (Internet) IP address – Name: Your domain name Remote Identity Select the desired option to match the Local Identity setting at the other end of this tunnel. – Local IP Address: WAN (Internet) IP address of the remote VPN endpoint – Name: Domain name of the remote VPN endpoint. Encryption This is the Encryption algorithm used for the IKE SA. It must match the setting used at the other end of the tunnel.
62 4021192 Rev B Configure Security View Log The Security VPN View Log page shows events captured by the firewall. The log displays the following items: Description of the event Number of events that have occurred Last occurrence of an event Target and source addresses You can view the following logs from this page: Access log Firewall log VPN log Parental Control log Click Clear to clear the log data.
4021192 Rev B 63 Control Access to the Gateway Control Access to the Gateway Access Restrictions > IP Address Filtering Use the Access Restrictions IP Filtering page to configure IP address filters. These filters block a range of IP addresses from accessing the Internet. Note: If you are not familiar with the advanced settings detailed in this section, contact your service provider before you attempt to change any of the residential gateway default advanced IP filtering settings. Select the IP Address Filtering tab to open the Access Restrictions IP Address Filtering page. After you make your selections, click Save Settings to apply your changes or Cancel Changes to cancel. Access Restrictions > MAC Address Filtering Use the Access Restrictions MAC Address Filtering page to configure MAC address filters. These filters permit you to allow or block a range of MAC addresses from accessing the Internet based on MAC Address. Note: If you are not familiar with the advanced settings detailed in this section, contact your service provider before you attempt to change any of the residential gateway default advanced IP filtering settings.
64 4021192 Rev B Control Access to the Gateway Select the MAC Address Filtering tab to open the Access Restrictions MAC Address Filtering page. The Block/Pass drop down menu allows you to block or pass Internet access to the MAC addresses of the devices you list in the MAC Address Filters table. The following table describes the function of the Block/Pass drop down menu. After you make your selections, click Save Settings to apply your changes or Cancel Changes to cancel. Field Name Description MAC Filtering Block Listed (Default) Select Block Listed to deny Internet access to the MAC addresses of the devices you list in the table. All other MAC addresses will be allowed Internet access. Pass Listed Select Pass Listed to allow Internet access only to the MAC addresses of the devices you list in the table. Any MAC addresses not listed in the table will be denied Internet access. Function Keys The following function keys appear on the Advanced Settings - MAC Address Filtering page. Key Description Apply Saves the values you enter into the fields without closing the page Add MAC Address Saves the MAC Address entered in the associated text field Remove MAC Address Removes the selected MAC address Clear All Removes all defined MAC addresses
4021192 Rev B 65 Control Access to the Gateway Access Restrictions > Basic Rules Access restrictions allow you to block or allow specific kinds of Internet usage and traffic, such as Internet access, designated applications, websites, and inbound traffic during specific days and times. The Access Restrictions Basic Rules page allows you to configure parental controls on the residential gateway, and to monitor the individuals who are authorized to set parental controls. Select the Basic Rules tab to open the Access Restrictions Basic Rules page.
66 4021192 Rev B Control Access to the Gateway Use the descriptions and instructions in the following table to configure the access restrictions basic rules for your residential gateway. After you make your selections, click Save Settings to apply your changes or Cancel Changes to cancel. Section Field Description Parental Control Basic Setup Parental Control Activation Allows you to enable or disable parental controls. To enable parental controls, select the Enable Parental Control check box and click Apply. To disable parental controls, clear the Enable Parental Control check box and click Apply. Add Rule Adds and saves a new Rule to the list of content rules Remove Rule Removes the selected rule from the content rule list Keyword List Keyword List Allows you to create a list of keywords. Any attempt to access a URL that contains any of the keywords in this list will be blocked by the gateway Add/Remove Keyword Allows you to add new keywords to the list or to delete selected keywords from the list Blocked Domain List Blocked Domain List Allows you to create a list of domains that the gateway should block access to. Any attempt to access any of the Domains in this list will be blocked by the gateway Add/Remove Domain Allows you to add new domains to the list or to delete selected domains from the list Allowed Domain List Allowed Domain List Allows you to create a list of domains to which the gateway allows access Add/Remove Allowed Domain Allows you to add new domains to the list or to delete selected domains from the list
4021192 Rev B 67 Control Access to the Gateway Section Field Description Override the Password Password Allows you to create a password to temporarily override user access restrictions to a blocked Internet site Re-Enter Password Re-enter the same password for confirmation of the override password in the previous field Access Duration Allows you to designate an amount of time in minutes that the Override password will allow temporary access to a restricted Internet site Apply Saves all additions, edits, and changes To use keyword and domain blocking Keyword and Domain blocking allows you to restrict access to Internet sites by blocking access to those sites based on a word or a text string contained in the URLs used to access those Internet sites. Domain blocking allows you to restrict access to Websites based on the sites Domain Name. The Domain Name is the portion of the URL that precedes the familiar .COM, .ORG, or .GOV extension. Keyword blocking allows you to block access to Internet sites based on a Keyword or text string being present anywhere in the URL, not just in the Domain Name. Note: The Domain blocking feature blocks access to any Domain in the Domain List. It will also block Domains, any portion of which contains an exact match to entries in the list. For example, if you enter example.com as a Domain, any site that contains ―example.com‖ will be blocked. Generally, you do not want to include ―www.‖ in a Domain Name since doing so limits the blocking to only the site that matches that Domain Name exactly. For instance, if you enter www.example.com into the list, only the one site that matches that name exactly will be blocked. Consequently, if you do not include the ―www.,‖ then all sites within and associated with ―example.com‖ will be blocked. Block Access to Websites If you wish to block access to websites, use the Blocked Domain List or the Keyword List To use the Blocked Domain List, enter the URLs or domain names of the websites you wish to block.
68 4021192 Rev B Control Access to the Gateway Use the Keyword List to enter the keywords you wish to block. If any of these keywords appears in the URL of a website, access to the site will be blocked. Note that only the URL is check, not the content of each webpage. Access Restrictions > Time of Day Rules Use the Access Restrictions Time of Day Rules page to configure web access filters to block all Internet traffic to and from specific network devices based on day of week and time of day settings that you select. Select the Time of Day Rules tab to open the Access Restrictions Time of Day Rules Page. The following illustration is an example of the Access Restrictions Time of Day Rules page. Note: The residential gateway uses the network time of day clock that is managed by your data service provider. The time of day clock must be accurate and represent the time of day in your time zone for this feature to operate properly. Verify that the Status and Set Time pages reflect the correct time of day. If they do not reflect the correct time of day, contact your data service provider. You can also adjust your settings to account for the difference. Access Restrictions Time of Day Rules Page Description Use the descriptions and instructions in the following table to configure the time of day rules for your residential gateway. After you make your selections, click Save Settings to apply your changes or Cancel Changes to cancel.
4021192 Rev B 69 Control Access to the Gateway Section Field Description Tod Filter Add Allows you to add a new Time of Day access filter or rule. Enter the name of the filter and click the Add key to add the filter to the list. Time of Day rules are used to restrict Internet access based on the day and time. Remove Removes the selected filter from the Time of Day filter list Schedule Days to Block Allows you to control access based on days of the week Time to Block Allows you to control access based on time of day Access Restrictions > User Setup Use the Access Restrictions User Setup page to set up additional accounts and user profiles for household members. Each profile can be assigned customized levels of Internet access as defined by the access rules assigned to that users profile. Important: These additional accounts do not grant administrative access to the gateway. Note: Once you define and enable user profiles, each user must sign-on each time they wish to access the Internet. The user can sign-on when the pop-up sign-on screen appears in their Web browser. The user must enter their correct user name and password in order to gain Internet access. Select the User Setup tab to open the Access Restrictions User Setup page.
70 4021192 Rev B Control Access to the Gateway Access Restrictions User Setup Page Description Use the descriptions and instructions in the following table to configure the user setup for your residential gateway. After you make your selections, click Save Settings to apply your changes or Cancel Changes to cancel. Section Field Description User Configure Add User Allows you to add a new user profile. Enter the name of the user and click the Add User button to add the user to the list. User Settings Allows you to edit a user profile by using the drop-down menu to edit a user profile. The drop-down menu allows you to recall the profile to be edited. User names and passwords are case-sensitive. Make sure to check the Enable box to activate the user profile. If a profile is not active, that user will not have any access to the Internet. To remove a user profile, use the drop-down menu to select the user to be removed and click the Remove User button. Password Enter the selected users password in this field. Each user must enter their User Name and Password each time they use the Internet. User names and passwords are case-sensitive. Note: The residential gateway will allow each user access to the Internet, subject to the rules selected on this page for that user. Re-Enter Password Re-enter the same password for confirmation of the password in the previous field. Trusted User Check this box if the currently selected user is to be designated a trusted user. Trusted users are not subject to Internet access rules. Content Rule Select the Content Rule for the current user profile. Content Rules must first be defined by going to the Rules Configuration page. You can access the Rule Configuration page by clicking on the ―Basic Rules‖ tab on this page. Time Access Rule Select the Time Access Rule for the current user profile. Time Access Rules must first be defined by going to the Time of Day Rules page. You can access the Time of Day Rules page by clicking on the ―Time of Day Rules‖ tab on this page. Session Duration 1440 minutes [Factory default when a user is created. Otherwise, it is 0 (zero)]. Enter the amount of time in minutes that the user will be granted Internet access beginning at the time they sign on using their User Name and Password. Note: Set the Session Duration to 0 (zero) to prevent session timeout.