[RVS 4000] Secure setup ACL

Similar Questions

• How about a readme for the new signing of RVS - 4000 IPS: 1.42 in firmware 1.3.2

  Hello

  How about a readme for the new Signature IPS 1.42 inside the new firmware to version 1.3.2 RVS-4000?

  Or am I just too fast and it comes out in a bit?

  Thank you

  Bruce

  Bruce,

  You are right.  He left this time by mistake.  We will solve it.  In the meantime, here's what it will be:

  RVS4000/WRVS4400N IPS Signature Release Note

  Version: 1.42 rules Total: 1097

  In this signature, we talked about the exploits/vulnerabilities and applications
  as below:

  Supported P2P application called BitTorrent up to version 5.0.8.
  Supported P2P application named uTorrent up to version 1.7.2.

  Version: 1.41 rules Total: 1098

  In this signature, we talked about the exploits/vulnerabilities and applications
  as below:

  -EXPLOIT the MS video control ActiveX Stack Buffer Overflow
  A buffer overflow vulnerability exists in Microsoft DirectShow.
  The defect is due to the way Microsoft Video ActiveX Control parses image files.
  An attacker can convince the user target to open a malicious web page to exploit
  This vulnerability.

  -EXPLOIT the Injection SQL Oracle database Workspace Manager
  Multiple SQL injection vulnerabilities exist in Oracle database server product.
  The vulnerabilities are due to inadequate sanitation of input parameters
  in the Oracle Workspace Manager component. A remote attacker with user valid
  credentials can exploit these vulnerabilities to inject and execute SQL code
  with lift is SYS or privilegesof WMSYS.

  Supported P2P application named uTorrent up to version 1.7.2.

  Content signature for 1.41
  ========================================================================
  Added new signature:
  1053635 video MS stack buffer overflow EXPLOIT control ActiveX-1
  1053636 video MS stack buffer overflow EXPLOIT control ActiveX-2
  1053632 EXPLOIT Oracle database Workspace Manager SQL Injection-1
  1053633 EXPLOIT Oracle database Workspace Manager-2 SQL Injection
  1053634 EXPLOIT Oracle database Workspace Manager SQL Injection-3

  Updated the signature:
  1051783 P2P Gnutella Connect
  1051212-P2P Gnutella Get file
  1051785 P2P Gnutella UDP PING 2
  1051997 P2P Gnutella Bearshare with UDP file transfer
  1052039 P2P Gnutella OK
  Get Foxy P2P file 1052637

  Signature removed:
  1050521 Worm.Klez.E1 - 1
  1050522 Worm.Klez.E1 - 2
  1050523 Worm.Klez.E1 - 3
  1050524 Worm.Klez.E2 - 1
  1050525 Worm.Klez.E2 - 2
  1050526 ¡v Worm.Klez.E2 3
  1050536 Worm.Blaster.B - 1
  1050537 Worm.Blaster.B - 2
  1050538 Worm.Blaster.B - 3
  1050539 Worm.Blaster.C - 1
  1050540 Worm.Blaster.C - 2
  1050541 Worm.Blaster.C - 3

  Number of rules in each category:
  ========================================================================
  Back/DDoS 51
  Buffer overflow: 241
  Access control: 92
  Scan: 41
  Trojan horse: 62
  Misc: 3
  P2P: 40
  Instant Messaging: 121
  VRU/worm: 410
  Web attacks: 37

  Version: 1.40 rules Total: 1091

  In this signature, we talked about the exploits/vulnerabilities and applications
  as below:

  1053406 FEAT MS IE HTML Embed Tag Stack Buffer Overflow (CVE-2008-4261)
  An error of border during the processing of a too long file name extension specified
  inside a "EMBED" tag can be exploited to cause a stack-based buffer overflow.

  1053421 USE MS IE XML Handling Remote Code Execution (CVE-2008-4844)
  The vulnerability is due to a use-after-free error when composed
  HTML elements are related to the same data source. This can be exploited to
  dereference of a pointer released by a specially designed HTML document memory

  Version 1.38

  In this signature, we addressed the following exploits/vulnerabilities and
  applications:

  1. support for P2P, BitTorrent and eMule applications.

  Version 1.33

  In this signature, we addressed the following exploits/vulnerabilities and
  applications:

  1. support application IM named AIM (http://dashboard.aim.com/aim) until
  version 6.5.

  2. support application IM called MSN (http://get.live.com/messenger) until
  version 8.1.

  3 PcShare is a Trojan tool that can remotely administer an attacked computer.

  4-CVE-2007-3039: the vulnerability is due to an error of limit in the
  Microsoft Message Queuing (MSMQ) service during the treatment of MSMQ messages.
  This can be exploited to cause a buffer overflow by sending specially
  packages designed for the MSMQ service.

  Version 1.32

  In this signature, we addressed the following peer-to-peer applications:

  1. named IM application PURPOSE up to version 6.5 support.
  2. press the request of IM named MSN until version 8.1.

  Version 1.31

  In this signature, we addressed the following peer-to-peer applications:

  1 P2P application called BitTorrent up to version 5.0.8 support.

  2. support the P2P application named uTorrent up to version 1.7.2.

  Version 1.30

  In this version, we have addressed the following vulnerabilities in Microsoft
  applications:

  1 SUBMISSION-24462: dereference of a pointer Null vulnerability exists in some versions
  Microsoft Office.  Remote attackers can trick users into visiting a
  specially designed web page.  The symptom includes a denial of
  condition of service for the process in question.

  2 Microsoft Security Bulletin MS07-027: Microsoft Windows support
  Services NMSA Session Description object ActiveX control does not reach
  restrict access to dangerous methods. This vulnerability could allow
  a remote attacker to execute arbitrary code on an affected system.

  Version 1.29

  In this version, we have addressed the following exploits/vulnerabilities and
  peer-to-peer applications:

  1 Microsoft Security Advisory (935423): there is one based on the stack
  in Microsoft Windows buffer overflow. The vulnerability is due
  for insufficient format validation when handling incorrect ANI
  file cursor or icon. A remote attacker can exploit this
  vulnerability of prompting grace target user to visit a malicious
  Web site by using Internet Explorer. A successful operation would be
  allow the execution of arbitrary code with the privileges of the
  currently logged in.

  2. support a named QQ instant messaging application blocking until the
  2007 Beta1 and Beta2 version.

  Version 1.28

  In this signature, we address the following exploits/vulnerabilities:

  Microsoft Security Bulletin MS07-014: there is a buffer overflow
  vulnerability in Microsoft Word. The vulnerability is created due to
  a flaw in the Table entry of the Section within the structure of Table data flow.
  An attacker could exploit this vulnerability by tricking a user to open
  a designed Word file. Exploitation of the vulnerability may result
  injection and execution of arbitrary code in the security context
  the user target.

  Microsoft Security Bulletin MS07-016: there is an alteration of the memory
  vulnerability in Microsoft Internet Explorer. The flaw is due to a bad
  posting lines of response in the responses from the FTP server. By persuading a user
  to visit a malicious website, an attacker could run arbitrary on code
  the target system with the privileges of the currently logged in user.

  Version 1.26

  In this signature, we addressed the following exploits/vulnerabilities:

  CVE-2006-5559: there is a memory corruption vulnerability in
  the ADODB. Connection ActiveX control in Microsoft Internet Explorer.
  The flaw is due to improper validation of the data provided to the
  Execute method. By persuading target the user to visit a malicious
  Web site, an attacker can cause the application process
  to terminate or possibly divert its flow of execution to arbitrary
  code.

  Version 1.25

  In this signature, we addressed the following exploits/vulnerabilities:

  Microsoft MS06-070 security bulletin: MS Windows 2000 Workstation
  Service (WKSSVC. (DLL) has a remote code execution vulnerability. One
  unauthenticated attacker could exploit this vulnerability to run
  arbitrary code with the privileges of the level system on Windows 2000 and
  Windows XP computers.

  Version 1.24

  In this signature, we addressed the following exploits/vulnerabilities:

  1 Microsoft Data Access Components (MDAC) has a remote code execution
  vulnerability in the RDS object. DataSpace ActiveX control.  A remote attacker
  could create a specially designed and host the malicious file on a
  Web site or send it to the victim through e-mail.  When the file is opened,
  the attacker can run arbitrary code on the victim's system.

  2. control WMI Object Broker ActiveX (WmiScriptUtils.dll) in Microsoft
  Visual Studio 2005 has a vulnerability that could allow a remote
  attacker to execute arbitrary code.

  3 Microsoft Internet Explorer has a type of heap buffer overflow vulnerability.
  A remote attacker could create a malicious web page containing COM objects
  Daxctle.OCX HTML when instantiated as an ActiveX control and the thing the
  victim to open the web page. By this attack, the attacker to execute
  arbitrary code on the victim's browser.

  Version 1.23

  In this version, we have addressed the following exploits/vulnerabilities:

  The vulnerability lies in some of the engines in Microsoft XML core
  Windows. It is the result of the failure of the engine to properly manage the
  bad arguments passed to one of the methods associated with the XML
  purpose of the request.

  Version 1.22

  In this version, we discussed the exploits/vulnerabilities as follows:

  Vagaa is a P2P that supports the network BitTorrent and eDonkey software.
  It can be downloaded from the two network. The software is mainly used in people's Republic of CHINA.
  There are some problems with this software because it didn't follow the official eMule Protocol.
  The question can be referenced on the wiki (http://en.wikipedia.org/wiki/Vagaa).
  Classify us Vagaa as eDonkey2000 program and allow admin users to disable in the user Web interface.

  Version: 1.21

  In this version, we have addressed vulnerabilities exploits as below:

  Microsoft Internet Explorer WebViewFolderIcon has a buffer overflow
  Vulnerability. A remote attacker could create a malicious Web page and
  trick the victim to open. By this attack, the attacker could cause buffer
  Overflow and crash the browser of the victim.

  Version: 1.20

  In this version, we discussed the exploits/vulnerabilities and applications
  as below:

  1 foxy is a P2P application that can search and download music and movies.
  Foxy follows most public Gnutella P2P protocol but still has its own
  signature under certain conditions. After the inclusion of the file Get Foxy P2P
  rule, we can perfectly detect and block the Foxy and it will be detected as Gnutella.
  Foxy can be blocked by deactivating Gnutella.

  2 Microsoft Internet Explorer 6.0 and 6.0SP1 have impaired memory
  vulnerability in the ActiveX component.  A remote attacker can create a
  malicious Web page and trick the victim to open the web page. By this attack.
  the attacker could cause the crash of the browser of the victim or to execute arbitrary code.

  3 Microsoft Internet Explorer has heap buffer overflow vulnerabilities
  Vector Markup Language (VML).  A remote attacker can create a malicious Web site
  page and the thing the victim to open the web page. By this attack, the attacker
  could cause the buffer overflow and execute arbitrary code on the victim's browser.

  Version: 1.19

  In this version, we have added a rule to meet cross-domain redirect
  Microsoft Internet Explorer vulnerability (MS06-042). The vulnerability
  is caused by the inappropriate use of URL redirection by the object.documentElement.outer
  HTML property. A remote attacker could create a malicious web page and
  trick the victim to open the web page. With this attack, the attacker could
  run arbitrary code on the victim's browser and get sensitive information.

  Version: 1.18

  In this version, we have added the 6 rules to facilitate the blocking of QQ, the most
  popular instant Messenger in China. There are several versions of QQ on the
  official download site. Currently, we can detect and block QQ until the
  Version 2006 Sp3 beta 2.

  Version: 1.17

  In this version, we discussed the exploits/vulnerabilities below:

  1. the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, server
  2003 and SP1 have a buffer overflow vulnerability. A remote attacker
  could exploit a server response designed to cause the buffer overflow and run
  arbitrary code on the victim's system.

  2 hyperlink Object Library in Microsoft Windows 2000 SP4, XP SP1 and SP2,
  Server 2003 and SP1 have a code execution vulnerability. A remote control
  attacker could send a malicious Office document containing a
  specially designed hyperlink to a victim in an email or host the file on
  a web site. When the operator successfully this vulnerability, a remote control
  attacker to execute arbitrary code with the privileges of the victim.

  3 Microsoft Word XP and Word 2003 have a remote code execution vulnerability.
  A remote attacker could host a DOC file on a Web site. If successfully
  exploiting this vulnerability, remote attacker could execute arbitrary code
  with the privilege of the victim.

  Version: 1.16

  In this version, we discussed the exploits/vulnerabilities below:

  1 Microsoft Excel 2000, XP and 2003 Excel have a remote code execution
  vulnerability, due to an error in Excel when incorrect URL handling
  channels. A remote attacker could send a malicious .xls file of a victim
  in an email or host the file on a web site. When the operator successfully this
  vulnerability, a remote attacker to execute arbitrary code with the victim
  privileges.

  2 hyperlink Object Library in Microsoft Windows 2000 SP4, XP SP1 and SP2,
  Server 2003 and SP1 have a code execution vulnerability. A remote control
  attacker could send a malicious Office document containing a
  specially designed hyperlink to a victim in an email or host the file on
  a web site. When the operator successfully this vulnerability, a remote control
  attacker to execute arbitrary code with the privileges of the victim.

  3 Microsoft Windows XP/NT/2000/2003 have a denial of service vulnerability.
  A remote attacker can send a malicious SMB packet causes the victim computers
  Crash.

• Mgmt of RVS 4000 HTTP interface blocks Port 80 @ & DHCP stops working

  It's the RVS 4000

  Firmaware version 1.3.3.5

  STARS Chipset 9202

  64 MB DRAM

  8MB Flash

  BACK, Block WAN Rq, mgmt remote all OFF

  IPSec Tunnel that none used

  Internet connection is DHCP

  LAN is set to DHCP with multiple defined static devices

  DMZ is dsabled

  Functionining as a gateway

  Time is defined via NTP & NRC

  IPv4 only

  Everything is pretty much dedault with the exception of the QoS

  Trust mode is the Port, the value 4, 4, 4, 1

  (Port 4 has a Linksys ATA connected to VOIP services)

  SIP Port redirection is enabled for 5060

  **********************************************

  ¸*********************************************

  Every day or so the router becomes immune to the mgmt HTTP interface, as well as offers are no longer the DHCP services.

  When this happens the only cure is to reboot the power.

  Everthing comes back on line very well, but NEWSPAPERS are initilaized so not given to understand what is happening.

  My next step is setuo a syslog server and have copied newspapers.

  Anyone see this kind of behavior before?

  Any ideas?

  Thank you

  dalexop wrote:

  It's the RVS 4000

  Firmaware version 1.3.3.5

  STARS Chipset 9202

  64 MB DRAM

  8MB Flash

  BACK, Block WAN Rq, mgmt remote all OFF

  IPSec Tunnel that none used

  Internet connection is DHCP

  LAN is set to DHCP with multiple defined static devices

  DMZ is dsabled

  Functionining as a gateway

  Time is defined via NTP & NRC

  IPv4 only

  Everything is pretty much dedault with the exception of the QoS

  Trust mode is the Port, the value 4, 4, 4, 1

  (Port 4 has a Linksys ATA connected to VOIP services)

  SIP Port redirection is enabled for 5060

  **********************************************

  ¸*********************************************

  Every day or so the router becomes immune to the mgmt HTTP interface, as well as offers are no longer the DHCP services.

  When this happens the only cure is to reboot the power.

  Everthing comes back on line very well, but NEWSPAPERS are initilaized so not given to understand what is happening.

  My next step is setuo a syslog server and have copied newspapers.

  Anyone see this kind of behavior before?

  Any ideas?

  Thank you

  Hi dalexop,

  All new discussions of small business (which includes the model of your router) migrated to the Cisco Small Business Support Community. All small businesses existing discussions have been archived here for reference.  We made these changes to better serve all customers of Cisco now and in the future.

  Visit the Cisco Small Business Support Community Home Page created specifically for Linksys and Linksys by Cisco community members.

  Thank you!

• Slow download speed of RVS 4000

  I use a Cisco RVS 4000 to test a new internet connection of 10 M / 10 M.  I'm having a little problem, the test of speed of PSI (speedtest.cavtel.net).  Download test always gives me 10Mbit/s, maximum for the connection speed, but the download speed is usually about 5.5 Mbps. My ISP has been on site and checked the lines and tested directly, and we determined that if connected directly we can test to complete download speeds, but when the RVS is connected, we can get full speed.

  We tried different cables, reset to factory settings, update firmware, change the port settings and toggling the majority of the other setting on the router. Some settings have a minor effect on the speed of download, but nothing that gets me back up to 10 Mbps.

  I noticed that there seems to be no way to set parameters of speed and trading on the WAN port. Perhaps miss me him, because this seems like a possible culprit.

  Otherwise, the only one I can think of is a guarantee of return to determine if the device is defective.

  Any ideas would be appreciated.

  Hello.

  These products are processed by the Cisco Small Business Support Community.

  * If my post answered your question, please mark it as "acceptable Solution".

  * Do not forget to give a 'congratulations '. Thank you!

• 3 RVS 4000 with VPN connection

  Hello

  I want to connect in a triangle 3 RVS 4000 router with VPN

  I configured 3 routers, which can connect to the Internet. Each of them are configured as the gateway.

  I created 2 tunnels on each router. But the vpn connection cannot be established.

  Here is the configuration of ROUTER1 another are configured in the same way, only the remote group configuration is different

  What I also open some ports for VPN, if yes which and were

  Thanks fpr your help and your response

  HP. Meyer

  Hi hanspetermeyer,

  Thank you for posting. You don't need to open all the ports for VPN. I noticed that your screenshot shows two routers have a common LAN subnet of 192.168.100.x. You will need a different local subnet for each router:

  1. 1 router: 192.168.1.1
  2. Router 2: 192.168.2.1
  3. Router 3: 192.168.3.1

  I think that you will find the tunnels only connect once you change the LAN IP of the routers so that they are on different subnets. Please let us know if it works.

• Titanium Security Setup

  I just bought my laptop and try to install titanium internet security for windows, but it does not allow me to enter all numbers and letters of serial number to continue the installation.  Help

  Hello

  Question is not clear
  Serial box/product key box are grayed out or cause your keyboard problem?

  Please send your request again clearly or to learn more to support the visit

  http://eSupport.trendmicro.com/en-us/default.aspx

• Problem of RVS 4000 RDP

  Hi all

  I have a problem trying to DRP from home to work. IM able to connect to my private network virtual (work), but when I try to DRP for my computer, it is not able to connect. How do I configure my router so it will allow me to connect to my computer using RDP. I don't have this issue when I conect my cable modem directly to my laptop. So I guess that the router must be set up any help would be great

  Thank you

  If you have a VPN, you should be able to make RDP or remote desktop. Are put in place as a gateway to gateway VPN, VPN fast or another Client VPN software? Try to do Port Forwarding and open the service port of the pointing to the IP of the PC address RDP session. I suggest to set a static IP address, so that it will not change. Others, I suggest you contact the Cisco technology support greater focus on your concerns. In my view, that this unit is part of serial company Cisco devices now supports. Try going to this link for other devices of the series business and the site where you can get your hands on Cisco for support:

  http://forums.linksysbycisco.com/Linksys/board/message?board.ID=switches&message.ID=4273&query.id=27...

• Can not download the latest firmware for RVS 4000

  I tried to download the latest firmware for a few weeks.  Download simply told to leave, and then times out after a few minutes.  The download page shows that 1.2.10 version was published on 02/09/2008 and I can download the information/notes very well.

  Probble because it is on an FTP server and the RVS4000 cannot FTP at all.  Once I got to spend 1.2 FTP now works fine. I had to download it from my office, rather than at home.  I must say, now FTP works fine.  They did a really great job on this version of the firmware.

• RVS 4000

  I would like to block the IP numbers.

  When I tried with a festive router walked french right there!

  Does anyone have experience with this?

  Paddy

  Hi Patrick,

  The firewall should block inbound traffic by default, unless a port is opened to allow certain traffic. All outbound traffic is allowed by default. You have created a rule to block outbound traffic to a specific IP address. It almost looks like you have a program on the PC that is trying to access the specified site. (virus?) Because you have blocked access to this IP address, the 'programme' must be prevented from reaching the specified IP address. Personally, I like to run a firewall like Zone Alarm on my PC because it blocks the default outbound traffic and you can decide what traffic is allowed from this PC.

• HP Probook 450 G2: establishment of HP Client Security

  Hello

  I recently bought a new HP Probook 450 G2.  The updated provider upgraded the operating system to Windows PRO 8.1.

  I'm trying to implement the fingerprint reader, but I can't.  I read previous forums and have ensured that the following drivers are updated:

  • Protect the HP tool sp61498.exe (143 MB)
  • Driver sensor of fingerprint of validity (validity sensor V4.5.117.0 sp61821 Win7-8 23 MB).

  In the user's guide HP protect tool (http://h10032.www1.hp.com/ctg/Manual/c03704246.pdf) and the HP Client Security technical white paper (http://www.hp.com/united-states/campaigns/client-security/HPCS_whitepaper_Final_6_5.pdf) I read a while ago that HP Thin Client Security Setup Wizard.  Because the provider did the upgrade of Windows before you provide them with the laptop, I can only assume that they jump beyond this wizard.  I tried to find a way to get this system in place, but were unsuccessful.

  Could someone please provide some guidance.  Keep in mind, it's a whole new machine.

  Thank you!

  Hi @Bdp85

  Thank you for visiting the Forums HP's Support and welcome. Please contact our technical support at the 800-474-6836. If you do not live in the United States / Canada region, please click on the link for the number of support in your region. They will be happy to help you immediately.

  Thank you.

• ASA - same-security-traffic allowed inter VS permit/deny access-list interface

  Hi people,

  I wonder if I use the same-security-traffic permits inter-interface order to ASA and I have 2 separate interfaces with the same level of security and ACL with a few rules explicit allow , if not covered by these statements to allow traffic will be blocked by implicit deny at the end of the ACL or am I completely wrong in my thinking?

  That is right.

  But then if you have an interface with an ACL and another interface without an ACL and you want to pass traffic between the two interfaces, then the interface without an ACL will rely on the level of security while configured with the ACL interface will rely on configured ACL entries.

  --

  Please do not forget to select a correct answer and rate useful posts

• Bypass the router upstream company ACL with IPSEC VPN

  Hello

  My headquarters has a routing infrastructure company. I want to configure a Site VPN to IPSEC as a solution of webvpn AnyConnect for my users through the company. If the security guys to create an ACL on the router upstream from my Cisco ASA 5585 to allow IPSEC between 28 (the stretch between my external interface of ASA and the trunk of PO on the upstream router) then I can send ip a whole between my inside interface subnet and subnet within the interface on the ASA distant (still on the company's infrastructure holding constant and correct routing. In short, if a packet is encrypted in an IPSEC packet, IPSEC is not filtered, you can send any traffic, even if it is AS restrictive on a router upstream of the LCA, correct?

  Thank you!

  Matt

  CCNP

  You are right, the router can not look in the VPN package. So anything that is transported inside the VPN, it bypasses security company-ACL.

  For VPN traffic to your ASA, you need the following protocols/ports:

  1. UDP/500, UDP4500, IP/50 for IPsec
  2. UDP/443 for AnyConnect with SSL/TLS, TCP/443

• 11 network ACL update

  Hello
  I'm upgrading from 10g to 11g. According to the documentation (B28300-03 Upgrade Guide), the following script must be run before upgrading:

  DECLARE
  acl_path VARCHAR2(4000);
  BEGIN
  SELECT acl INTO acl_path FROM dba_network_acls
  WHERE host = 'host_name' AND lower_port IS NULL AND upper_port IS NULL;
  IF DBMS_NETWORK_ACL_ADMIN.CHECK_PRIVILEGE(acl_path,
  'user_name','connect') IS NULL THEN DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE(acl_path,
  'user_name', TRUE, 'connect');
  END IF;
  EXCEPTION
  WHEN no_data_found THEN
  DBMS_NETWORK_ACL_ADMIN.CREATE_ACL('ACL_name.xml',
  'ACL description', 'user_name', TRUE, 'connect');
  DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL('ACL_name.xml','host_name');
  END;
  COMMIT;

  What should then be "user_name", "connect"?
  Thank you.

  Watch demonstrations of work at the Morgan Library to www.morganslibrary.org/library.html under DBMS_NETWORK_ACL_ADMIN.

• Router-on-a-stick with RVS4000

  Hi all

  I intend to reshape our network topology and the creation of at least three VLANs using a router-on-a-stick of the installation type. We have two switches Cisco Small Business sg200-50 and a small RVS 4000 router business. I haven't implemented the configurations of router-on-a-stick in IOS, but I was unable to figure out if it is possible to do with small business of operating systems on the router and switches, we have. Does anyone have an experience with this? It is even possible with the equipment of small businesses?

  Sorry if this question is already answered elsewhere on the forums; I searched around, but can't find anything.

  See you soon,.

  Curtis

  Hi Curtis,.

  Without having the RVS4000 in front of me, it looks like you can. I suppose that you have several VLANs on your SG200 and want to route between them as the SG200 is only a layer 2 switch. You can connect the RVS 4000 via trunk on the switch and the router port (its in L2 Switch-> vlan configuration of the port on the rvs4000) and add each vlan of the trunk (under L2 switch-> belonging to a vlan on the rvs). Please note that the RVS4000 is limited to 4 virtual local networks, including the vlan by default. I think that the router will automatically create the static routes appropriate when you create them VLAN (vlan create a L2 Switch->). The default value on the RVS4000 is for intervlan routing be enabled under Setup-> routing advanced but double check if you encounter any problems. Also, check the routing table and add static routes as needed.

  You can also switch a switch to a SG300, which is a layer 3 switch.

  Best,

  David

  Do not forget to note resonses useful and identify the right answers.

• Slow to connect wireless

  Valet works fine with cable but it takes 5 to 8 minutes for laptops to have a local and internet access. With old wrt54g, it was almost automatic. Tried several computers laptops and netbooks, and same thing. Is sitting there saying 'identification '. Uninstalled and reinstalled Valet nothing helped. Once connected, it works fine, but just too long to connect. I tried to turn off all firewalls and antivirus/security setup nothing helps. Any suggestions?

  Change the wireless channel on your router to 1 or 11, and also on your computer, go to the properties of your adapter and uncheck "TCP/IPv6" Protocol and click OK... Remove all the networks in the list and then try to connect to your wireless network.