Cisco RV220W Wireless Network Security Firewall Reviewed

Discussion in 'Wireless Buying Advice' started by RamGuy, Mar 24, 2011.

  1. RamGuy

    RamGuy Regular Contributor

    Joined:
    Aug 6, 2008
    Messages:
    111
    Great review!

    I have ordered one myself but these wont show up in Norway for at least one month or so.. I'm really hoping this might be that one rock solid router that I can live with for a few years, after dropping the WNDR3700 because of it's firmware I was dwelling between the Linksys E4200 and the Cisco RV220W and landed on the later simply because I have more faith within Cisco than I have in Linksys when it comes to firmware's even though they are the same company.

    Looking at the WRT610v2 / E3000 Linksys have proven that they are not what they used to be in regards of firmware and stability so I'll put my money on Cisco this time around and finally my entire home network we'll be Cisco based with Cisco Small Business SLM2008 Smart Switch and Cisco Small Business SD2008T Dumb Switch.



    Looking at your review it seems like a blazing fast router, and with 128MB of RAM it should be capable of taking a hit without getting knocked out.

    Did you test the DMZ functionality? There has been so darn many consumer routers with sloppy DMZ that does not work as intended that I have given it up completely and hopefully Cisco knows the meaning of DMZ and implement it successfully!

    Also in regards of the Port Forwarding thing this struck me as a bit awkward as well but when I was looking at the Virtual Online GUI of the RV220W available from Cisco I notice that you have Port Forwarding under the IPv4 Firewall Rules option as well? This seems odd, why would Cisco have Port Forwarding rules locked in both places? And there is no way to actually get the Port Forwarding under the IPv4 Firewall Rules to get activated as it stays greyed out no matter what you do.
     

    Attached Files:

  2. Log in / Register to remove this ad

  3. Mortis

    Mortis New Around Here

    Joined:
    Jan 14, 2011
    Messages:
    5
    Thank You for this good rewview.

    (In table 4 you mixed up the cells concerning wireless bands.)
     
  4. thiggins

    thiggins Mr. Easy Staff Member

    Joined:
    May 18, 2008
    Messages:
    9,709
    Good catch. Fixed.
     
  5. jhouse55

    jhouse55 Guest

    Hello, were you using your 64bit Windows 7 with the Quick VPN software installed and were able to connect with VPN? I have 32bit Win 7 with Quick VPN and can connect with no issues but the minute I try with 64bit, I get an error all the time with it timing out after the "Negotiating Network".

    This is actually connecting to the RV120w, but didn't see that the QuickVPN software version 1.4.1.2 was any different for the RV220

    Thanks in advance,
    jhouse55
     
  6. dreid

    dreid Regular Contributor

    Joined:
    Sep 3, 2008
    Messages:
    68
    Port Forwarding

    RamGuy:

    I did a quick test with the DMZ on the 220W. It looks good. It's a two step process. I set up a PC on the LAN in the RV220W's DMZ, then set up a basic firewall rule to permit all traffic from the WAN to the DMZ. Once both were enabled, I sent an unsolicited traffic stream to the WAN interface of the RV220W. It worked, the stream went directly to the PC in the DMZ.

    I mentioned in my review that port forwarding configuration seemed inconsistent as there isn't a port forwarding menu option under the firewall menu in the RV220W as there was in the RV120W.

    I looked into the RV220W's port forwarding a bit more based on your question. You are correct, traditional port forwarding rules can be configured as a firewall rule. I tested and was able to successfully pass a traffic stream destined for the WAN port to an internal PC using a firewall rule.

    The port forwarding menu I mentioned under the SSL VPN section is used to manage access to LAN services over the SSL VPN tunnel. Policies can be created to restrict SSL VPN access to various parts of the LAN. The SSL VPN port forwarding menu is then used to control SSL VPN access to applications like email and mapped network drives.

    Thanks for reading the review.

    Doug
     
  7. dreid

    dreid Regular Contributor

    Joined:
    Sep 3, 2008
    Messages:
    68
    Quick VPN

    jhouse 55:

    I used 64bit Windows 7 with Quick VPN software 1.4.1.2. I used the same client I used with the RV120W, as the Quick VPN software was still on my PC from when I reviewed the RV120W in January.

    All I did to get it to work with the RV220W was change the user name, password, and server address to match the settings of the RV220W. I also used the Auto option for the "Port for QuickVPN."

    Thanks for reading the review.

    Doug
     
  8. mwills

    mwills New Around Here

    Joined:
    Mar 28, 2011
    Messages:
    1
    Cisco RV220W overkill?

    so, i found a Cisco RV220W for $180 and am wondering it this is 1) overkill and 2) will not suit my needs for some reason that I'm completely missing. Currently I use a Linksys 160n w/ DD-WRT an it is just not enough - mostly due to the lack of range but other stability issues remain.

    let me explain my needs:
    • residential use
    • dense urban area with many networks
    • townhouse layout, router will be on 2nd level, *hopefully* serving wireless to 1st and 3rd floors (including back deck)
    • streaming audio through various airport express units
    • streaming video (720p) occasionally other laptops or desktops
    • file server and HTPC will be wired at the router
    • other clients: two or three Airport Express, two iPhones, two laptops, iPad
    • Need multiple networks: N-only, and mixed
    • Need the ability to 'wirelessly extend' the network if coverage is not sufficient on the back deck
    • future-proof for main needs over the next two years
    • this is dual-band, but not 'simultaneous'?

    i've read all the reviews and here were the units i was considering:
    • Asus RT-N56U - not thrilled about the case, firmware support, longevity.
    • Linksys E4200: there always seems to be a 'problem' with these consumer units but on paper it foots the bill.
    • Cisco RV220W: in general, I pefer to use 'overbuilt' items. I don't mind paying extra for better suport, more stability, etc.
    • Two Linksys E3000: w/ DD-WRT to make up for the lack of range from the above units. Currently these can be had for $72. I currently have a 160n w/ DD-WRT so I'm familiar with the config and time that might be necessary to get stability.
    • Cheaper options - all overkill?

    So, my question is, given my requirements and the fact the I'm pretty tired 'massaging' my home network, what would you recommend.
     
    Last edited: Mar 28, 2011
  9. thiggins

    thiggins Mr. Easy Staff Member

    Joined:
    May 18, 2008
    Messages:
    9,709
    The RV 220W won't address your desires. Its primary advantage is in its VPN abilities. As the review noted, its wireless performance isn't that great.

    There is no product that is going to give you trouble-free HD streaming over multiple floors, especially in a dense urban area with many networks.

    For trouble-free HD streaming try HomePlug AV powerline or MoCA. These can also be used to link multiple access points more reliably than with wireless repeating.
     
  10. jacko

    jacko New Around Here

    Joined:
    Mar 28, 2011
    Messages:
    3
    few questions

    1st of all, many thanks for the review, it's very useful.

    may i ask few questions?

    - the review mentioned its VLAN feature is similar to 120W, so it supports VLAN ID 1-4096?
    - does the WAN port trunk the VLAN ID tag when traffics flowing through (in/outbound)? in other way of asking, will the WAN port remove the VLAN ID when traffics flowing through it?
    - does rv220W allow telnet for router configuration like other Cisco high end routers?
    - any thoughts on RV routers vs. SRP series routers?
    - will SNB review Cisco SRP 500 Series routers? http://www.cisco.com/cisco/web/solutions/small_business/products/routers_switches/SRP_500_series/index.html

    thanks in advance for any guidance here. appreciate that!
     
  11. dreid

    dreid Regular Contributor

    Joined:
    Sep 3, 2008
    Messages:
    68
    Thanks for your questions.

    The RV220W supports up to 16 active VLANs using IDs from 1-4096.

    The VLAN tag is dropped when traffic is routed from the LAN to the WAN, so yes, the VLAN ID is removed when traffic flows from the LAN to WAN.

    The RV220W doesn't support telnet access and isn't an IOS based router.

    I haven't had a chance to review an SRP series router, but based on Cisco's specs, the SRP and RV series have different targets. The RV series is primarily a gateway router with VPN support, whereas the SRP series is a gatway router as well as a VoIP device with an FXO port, 2-4 FXS ports, and 1-2 USB ports for 3G USB modems.
     
  12. jacko

    jacko New Around Here

    Joined:
    Mar 28, 2011
    Messages:
    3
    thanks dreid! that helps! this device is really looking good but guess i need to give a pass 'cos my FTTH provider implements PPPoE over vlan.

    re: SRP series, i was looking at SRP541W model which has dual WAN ports, perhaps a good model for comparison with models equipped with dual WAN ports from other brand i.e. netgear.
     
  13. RRLedford

    RRLedford New Around Here

    Joined:
    Mar 29, 2011
    Messages:
    1
    Inbound printing from the web on RV220W

    I need to replace a SonicWall device that is wireless G only with a newer N generation wireless router for a small home office LAN. The home LAN router does handle a lot of remote computing duty back to to real office sites via RDP-terminal services at those sites. On occasion, big print jobs need to be sent from remote offices to print on home office (IP connected) printer. With the SonicWall device, this could be handled by port forwarding, but it only worked when PING (ICMP) was enabled. I tried a Linksys E2000, but could not enable PING, and could not get incoming printing from the Web to print on the home LAN. The E3000 also seems to lack the option of PING enable.

    Without having to do a full VPN setup to the remote offices, does the RV220W have the setup options needed to route print jobs by simple port forwarding combined with PING enabling? Is there another easy (non-VPN) way to route print jobs from the web straight to a printer, without forcing a local home LAN PC to be the print server
     
    Last edited: Mar 29, 2011
  14. awardblvr

    awardblvr New Around Here

    Joined:
    Mar 31, 2011
    Messages:
    4
    Wow...

    OK Updating / replacing my former comments.

    Port forwarding / redirecting IS available.

    Go to Firewall/Access Control/Custom Services. Create a custom service for whatever your incoming port numbers need to be.
    Then go to Firewall/Access Control/IPv4 Firewall Rules and use the services you created (or a predefined one) to map to whatever internal IP address/port you like.

    Cumbersome, but works.

    Still haven't quite figured out how to do remote admin.

    Is someone going to port DD-WRT to this platform?

    Thanks
     
    Last edited: Apr 5, 2011
  15. LurkerLito

    LurkerLito New Around Here

    Joined:
    Apr 4, 2011
    Messages:
    1
    questions on RV220W

    I am considering this as a replacement for my DLink 4500 cause the 4500 has a serious issue of only allowing 24 MAC Address when using MAC Address Filtering and the MAC address filters are used also with wired devices :mad:. Overall the 4500 does all that I really need but I am now hitting the limits of the MAC address filter so I am looking for an upgrade. My main requirement are 10/100/1000 ports and Wireless b/g/n support. I'd like it to support IPv6 but it is not really necessary but I figure if I am buying now I should really get one that supports it.

    So the question is does the RV220W have a limit to the number of devices you can use if you have a MAC Address Filtering enabled? If so what is that limit? Does the MAC Address Filter also apply to the the Wired devices?

    I am open to suggestions also if you know of any other ones. I am just not really willing to look at netgear after the issues I had with one of it's older products, and now I am hesitant with DLink cause when I bought the 4500 even the manual never even mentioned that there was a 24 device limit when MAC Address filter was enabled and that included the wired ports.
     
  16. dreid

    dreid Regular Contributor

    Joined:
    Sep 3, 2008
    Messages:
    68
    Lurker-

    Most devices have a limit to the number of MAC addresses that can be entered. The RV220W's limit isn't listed in the manual or the spec sheet, nor is it indicated in the configuration menu.

    MAC filtering can be applied both to wireless devices, as well as to wired devices. Wireless MAC filtering is configured in the access point section, while wired MAC filtering is configured in the firewall section.

    Doug
     
  17. Mortis

    Mortis New Around Here

    Joined:
    Jan 14, 2011
    Messages:
    5
    Does the RV220W have a built in Radius Server? I am not sure wether the "Radius support" in the specs just means, that it can communicate with a Radiusserver within the Network or that the RV220W can actually function als a Radius Server for the whole network.

    The existance of a Radius Server would actually be the main reason for me to buy a RV220W, as I understand this to be the only serious solution to use VLANs for security reasons. Correct?

    In the current setup a "very Consumer-Class All-in-one-Router" from the Provider lacks the ability to even speak with a Radius Server and/or define VLANs to restrict Access for the WLAN Clients to certain parts of the Network. There also is a Switch(GS716Tv2) that supports VLANs and communicating with a Radius Server.

    I figured that buying another WLAN AP that only supports Radius and setting up freeradius on an existing QNAP NAS in the network would solve it, but from what I read about setting up freeradius I would be willing to spend some extra bucks for an easy to use built in Radius Server.
     
    Last edited: May 15, 2011
  18. thiggins

    thiggins Mr. Easy Staff Member

    Joined:
    May 18, 2008
    Messages:
    9,709
    No, it does not.
     
  19. Mortis

    Mortis New Around Here

    Joined:
    Jan 14, 2011
    Messages:
    5
    OT: Do you know of any router with implemented Radius Server?
     
  20. thiggins

    thiggins Mr. Easy Staff Member

    Joined:
    May 18, 2008
    Messages:
    9,709
    No. I've never run across any. Cisco's NSS3XX NASes have them, though.
     
  21. OP06D

    OP06D Occasional Visitor

    Joined:
    May 22, 2011
    Messages:
    12
    Just wondering, I don't need the wireless capabilities of this router. Is there a way to shut/turn off the wireless module? I want to totally turn off the wireless signal not just block wireless traffic. The WAN to LAN speed that this device provides is really what I'm interested in.
     

Share This Page