1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

RVL200 v1.1.0 Beta Firmware Released

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by Toxic, Dec 29, 2006.

Thread Status:
Not open for further replies.
  1. Toxic

    Toxic Administrator Staff Member

    *** Please Note this is Beta firmware ***

    RVL200 Firmware v1.1.0 Release Note

    11/29/2006
    New Features:

    1. Virtual Passage supports Mac OS 10.4 and Windows Mozilla (Firefox) 2.0.
    2. Virtual Passage supports Windows Workgroups (NetBIOS).
    3. Virtual Passage client can now run on Windows 2003 Server.
    4. RADIUS client now supports CHAP, MSCHAP, MSCHAPV2 in addition to PAP for user authentication.
    5. DHCP Server supports multiple subnets that correspond to multiple VLANs. Inter-VLAN routing is supported for the VLANs that are on different subnets.
    6. DHCP Server supports static IP and MAC address binding.
    7. Help page updated to show how to use the MAC Address Filtering feature
    8. Support One-to-One NAT.
    9. Port Mirroring. Admin can specify one of the LAN ports as the target port, and select one or more ports to be mirrored. This feature can be configured on the System Management->Port Mirroring page.
    10. Compliant with the UPnP IGD Certification.
    11. Support more configurable options for logging in the Log->System Log page.
    12. Tagged events with severity level. Logged events can be viewed/filtered according to the selected severity level.
    13. Added Outgoing Log Table and Incoming Log Table into the System Log page.
    14. Support SNMPv3
    15. Support SNMP Traps for LAN port Link-up and Link-down detection.
    16. IPSec: NetBIOS Broadcast
    17. IPSec: Remote Security Group Type supports IP Range
    18. IPSec: Keying Mode supports Manual Mode
    19. IPSec: Gateway-to-gateway tunnel supports IP payload compression.
    20. IPSec: Phase2 Encryption & Authentication supports Null
    21. IPSec Passthrough supports multiple sessions
    22. PPTP Passthrouh supports multiple sessions
    23. The SSH Sentinel VPN Client can establish an IPSec tunnel with RVL200 with the NAT Traversal enabled.
    24. Access Rules and Content Filters support 24-hour format for scheduling.
    25. Support Manual Daylight Saving, where the start and end dates can be manually specified.


    Issues Fixed:

    1. Fixed the PPPoE issue where connection will fail to establish when the PPPoE username contains a # sign.
    2. Fixed the issue where the firewall status (SPI/DoS/BlockWANRequest/RemoteManagement) is not shown correctly in the System Summary page when the firewall is disabled.
    3. The IP Range of Virtual Passage was changed to 6, instead of 10.
    4. Removed the reference to Priority in the Help page of Port Management->Port Setup, since the setting is supposed to be configured on the Qos page.
    5. Fixed the issue where the packet will appear coming from the router's LAN IP, when a packet is forwarded to the DMZ Host in the LAN of RVL200.
    6. Fixed an issue with PPTP Passthrough.
    7. Renamed "IGMP Proxy" as "Multicast Passthrough" on the Firewall->General page.
    8. Added Policy Name to the Access Rule configuration page.
    9. Time Zone description and index were modified.

    **In case users failed to upgrade the firmware via Web UI and the DIAG LED is blinking, users can use a TFTP utility (RVL200_1.0.13.exe available on linksys.com) to recover the device and then use the Web UI to upgrade the firmware to the latest version.

    Download from here: RVL200 v1.1.0 Beta Firmware
     
  2. Toxic

    Toxic Administrator Staff Member

    If you do find any bugs relating to this firmware please give indepth findings. This will help Linksys fix any issues from this new beta firmware.
     
  3. llevet

    llevet LI Guru Member

    Great !

    Thank's a lot Toxic for posting beta firmware ! :halo:
    I try this immediately. :biggrin:

    Ludo.
     
  4. llevet

    llevet LI Guru Member

    Run since 2 days without major pb.

    Counter pb on Port information :
    all statistics Port Information are false. Informations given change all the times on refresh (lower... highter ... lower ... values).


    Ludo.
     
  5. umpire777

    umpire777 Guest

    DNS servers not getting sent to DHCP clients

    Server has a dynamic IP, so the DNS servers are negotiated.
    New clients are getting 192.168.1.1 as their DNS server on the first try. If you repair the connection (XP wireless term), it will return the real DNS servers, but not everytime (it's taken 2 or 3 repairs to work in some cases, 1 time in others).

    What's the best way to open a ticket with Linksys?
    john
     
  6. DanneB

    DanneB LI Guru Member

    It won't let web traffic on port 80 through to the correct server, I just get to the web interface of the router. Tried with keeping the current working settings from FW 1.0.16, used factory defaults and then updated FW to this one and manually opening the port and forwarding it, but I just get to the routers interface.

    Of course didn't I keep a copy of the 1.0.16 firmware when I downloaded it the last time and now I can't find it, seems like the post has been removed.
    Is there someone that might have it left?
    Thanks
     
  7. ERYK

    ERYK LI Guru Member

    I've tried this one but forwarding seems not to be working fine.
    The source addres of the packets is fine (before it was routers LAN interface address) but the router isn't hosting my web site from inside on the port 80, all i see after typig my www name is my routers interface. :(
    The same with port 25 for my mail serwer.

    Any idea when this beta will become official release?
    Is there a chance to download 1.0.16 from somewhere? I've heard that SNATing problem is fixed in that one without spoiling the forwarding issue.
    Thanks for any help.
     
  8. Paul_B

    Paul_B LI Guru Member

    I can also confirm port forwarding doesn't seem to work.

    For example port 80 forwarded on gateway router (172.16.0.x address) to WAN interface of RVL200 which is then supposed to forward to a internal server on (192.168.10.x address). This doesn't work and presents just the RVL200 login page (this shouldn't happen either as Remote Management is disabled)

    Using other ports, for example 6000, also does not forward and just times out.

    Routing doesn't seem to work after a reboot. Initially the WAN IP address is 0.0.0.0, on the summary page. Changing to the Setup page the static IP address is still visible, re-saving settings gets the Summary page to update with the information. However, routing table does not get updated. I have now chosen to use RIP instead of leaving this off.
     
  9. ERYK

    ERYK LI Guru Member

    Toxic, would it be possible to ask when a new official release firmware with those bugs fixed will be available for downloading?
    Could you check for us what is the status of the project and when we possibly could get it?
    Many thanks...
     
  10. DanneB

    DanneB LI Guru Member

  11. ERYK

    ERYK LI Guru Member

    OK, thank you very much for this link. I couldn't find it.
     
  12. Paul_B

    Paul_B LI Guru Member

    Thanks DanneB,

    I have downgraded from beta 1.1.0 to 1.0.16. After resetting all my amendments to the default config everything is now working as expected
     
  13. raistlin1981

    raistlin1981 LI Guru Member

    I don't know if there is a power save mode on this router but after installing this 1.1.0 beta my router hangs. Functionality seems to work fine but I have to reboot every day (sometimes twice) to keep an active internet connection. For trouble shooting purposes, I have a D-Link(don't remember model number, but it's about 4 months old) cable modem with Comcast cable.
     
  14. moshi16

    moshi16 LI Guru Member

    i initially encountered this problem with 1.1.0 but the problem went away when I loaded 1.0.16. Next, I reloaded 1.1.0 and voila the problem's gone! I tried FTP, Web Server access and PPTP connection and all worked.
     
  15. wxs123

    wxs123 LI Guru Member

    SSL/Remote VPN administration

    A couple of conerns/enhancements I think about current management:

    1. SSL VPN enabled should be a different option from enabling remote administration. (I want to enable SSL VPN but I never every want remote administration of my router for example)

    2. I should be able to disable any account (including admin account), from SSL VPN. (I use a weak password internally on my LAN for admin access (our network is secure so that doesn't worry me), but if I enabled SSL VPN it exposes the admin user to hacking on the internet so I would always require a super strong password).

    3.I should be able to configure allowable source IP ranges or disallow as I desire. (I might for example want to make sure I can connect to my vpn from my work site but never allow access to even see the signon screen from a different ip range)

    4. I should be able to assign users a virtual network range of IP's they can get access to. There might be things I want to limit on my network.

    5. I should be able to include a required mac address (or set of mac addresses for each user to access the SSL VPN), This way I could authorize only certain machines to access the vpn ensuring no one else by default would even know I had a SSL VPN unless they knew to spoof the write mac address.

    6. There should be a set number of password retries to configure before the users access to ssl vpn is disabled.


    As it stands now the ssl vpn is so open to hacking and visibility that I am afraid to turn it on and use it without some of this functionality. I'm considering returning the router given the potential security concerns, is there something that can be done now to lock things down a bit more?
     
  16. Toxic

    Toxic Administrator Staff Member

    first rule of security. use an Alpha-numerical long password. this should be used for any remote access scenarios to any IT system especially including the admin account. failure to use this a a rule will open up a can of worms to your network and you would only have yourself to blame, knowing Hackers are out there to cause maximum damage to any network.
     
  17. wxs123

    wxs123 LI Guru Member

    No argument there, but unless using active directory or ldap I don't think the router itself has any enforcement options on users, and if an attacker is allowed unlimited retries with no account disabling a scripted attack is possible.

    Many of the other items mentioned would help limit attacker scope.
    Is there no way to limit source ip's for who can get to the ssl vpn interface?

    Is there no way to not enable remote administration of the router at the same time as ssl vpn?

    I really wanted to try the ssl vpn but without some limits it is nearly wide open.

    If there was at least the option to have some accounts be LAN only and others be ssl vpn I could use a standard reasonable password on the LAN and configure ssl vpn users with superlong passwords (What is the max by the way?).

    Without that though it makes using the router much more painful.

    Another question I have is will this work with Vista, I called sales before I purchased they said it would, but now I think I saw notes that said it will not?


     
  18. wxs123

    wxs123 LI Guru Member

    Issue with ssl vpn

    I got up the courage to try a quick test and when I try to connect I get a virtual passage setup Error: The modem (or other connecting device) has reported an error. With just a close button on the dialog.
     
  19. wxs123

    wxs123 LI Guru Member

    No logging with the beta version of firmware? I don't see any logs.
     
Thread Status:
Not open for further replies.

Share This Page