|
|||||||||||||||||||||
Configuration
The menu structure of the RV220W and RV120W are nearly identical, with menu options listed along the left side of the GUI and some menus having multiple sub-options. There are several additional features in the RV220W, as well as some differences, which I've listed in Table 1.
| Main Menu | SubMenus | |
|---|---|---|
| RV220W | RV120W | |
| Status | Interface Statistics | X |
| Status | Active Users | X |
| Status | SSL VPN Connection Status | X |
| Networking | Jumbo Frames | X |
| Wireless | X | WPS |
| Cisco ProtectLink | New Feature | X |
| VPN | SSL VPN Server | X |
| VPN | SSL VPN Client | X |
| VPN | PPTP Server | X |
| Administration | CSV File Import | X |
Table 1: RV 120W and RV 220W menu structure comparison
To begin, there are three new sub-menus in the Status menu. The Interface Statistics sub-menu provides a packet count on the WAN and LAN, while the Active Users sub-menu shows all the logged in users, whether they are an admin user configuring the router or a remote SSL VPN user.
The SSL VPN Connection status sub-menu seems misplaced, however. It would make more sense to me if it were with the other SSL VPN menus. Nevertheless, it provides a useful display of active SSL VPN connections, as shown in Figure 3.
Figure 3: SSL Connection Status
Another menu that seems misplaced is the port forwarding configuration page for the RV220W. Initially, I thought port forwarding was omitted from the RV220W, because the port forwarding sub-menu on the RV120W is located in the Firewall menu. On the RV220W, the port forwarding sub-menu is located in the SSL VPN menu. The RV220W does allow port forwarding by application instead of specifying a port, possibly simplifying the configuration, if you look for it in the SSL VPN menu.
A carryover from the RV120W to the RV220W is the need to reboot the router to apply various configurations, such as enabling IPv6. Rebooting the RV220W is slow, it takes 150 seconds before you can log back in, and even more time for the router to re-establish its WAN connection and pass traffic.
Differences
There are two main differences between the RV220W and the RV120W for your internal network. One, the RV220W LAN has Gigabit Ethernet ports. And two, the RV220W WLAN has a dual band wireless radio. These two additions allow for higher data speeds between devices on the wired and wireless networks. Other than these two additions, wired and wireless LAN configuration options are virtually identical on the RV220W and RV120W.
I was pleased to see the RV220W had 10/100/1000 Ethernet ports plus jumbo frame capability supporting up to 9000 byte frames. This is lacking on the RV 120W, which has only 10/100 ports.
There is one more minor difference between the RV220W and the RV120W wireless options. WPS (WIFI Protected Setup) is not supported on the RV220W, even though the feature was available on the less expensive RV120W. But as Tim noted in his review, this is not surprising, given the business focus of the product.
Security
Firewall and security options on the RV220W and RV120W are also nearly identical and covered in the RV120W review. There is one big difference, though. As I noted in the menu differences above, the RV220W has a new subscription based security feature called Cisco ProtectLink.
Cisco ProtectLink is provided through a partnership with Trend Micro. Cisco has a couple of versions of this feature. The version of ProtectLink offered with the RV220W is the Gateway version. Features of ProtectLink Gateway include:
- Email spam blocker including virus and antiphishing protection
- Web/URL content filtering with more the 80 categories of website types
- Web threat protection for blocking malicious websites and monitoring accessed websites
Although ProtectLink works with the router, it is really a cloud-based service. When activated and properly configured, email and web traffic requests from clients behind the router are sent to email and web servers at Trend Micro. Replies to those requests are filtered or sent back to the clients, as depicted in Figure 4.
Figure 4: Cisco ProtectLink diagram
The advantage to this approach is the CPU intensive work of filtering traffic is performed by Trend Micro, not the router. An additional advantage is the database of spammers and web sites is maintained centrally instead of requiring the router to download regular updates.
ProtectLink email protection is targeted at networks with an internal email server that can reroute their email MX (mail exchange) record to Trend Micro. Once your MX record is pointed at Trend Micro, all email sent and received from PCs behind the RV220W is filtered by the Trend Micro service.
Web filtering doesn't require any changes on your network, however. Web filtering is performed by Trend Micro, but you can enable and disable it, as well as define what is filtered on the RV220W. Web categories that can be filtered include Adult, Business, Computers/Bandwidth, Computers/Communication, General, and Social. Each of these categories has multiple different subcategories for a total of 80 filtering categories.
I enabled the entire Social category and tried to go to Facebook, and got the message shown in Figure 5.
Figure 5: Web filtering block message
I played around with different categories to see what would be blocked. For example, enabling the subcategory labeled Computers/Internet under the Business category blocked access to smallnetbuilder.com!
Different websites can be filtered based on different times of day based on time schedules created on the RV220W. You can define two schedules: one labeled Business hours, the other Leisure hours. The times you don't define as Business Hours will be considered Leisure hours. Thus, you can block Facebook from 8am-5pm M-F, but allow it outside those hours.
Controls within the RV220W for ProtectLink include defining various clients by IP address to exclude from web filtering. A whitelist of URLs can be entered for websites that should not be filtered. Last, you can enable Web Reputation, a feature to protect against malicious websites.
There is a 30 day free trial of ProtectLink, activated through sending an email and receiving a code. A 1 or 3 year license can be purchased through various vendors on line. For 25 email users and a 1 year license, the cost is $277.98. For 25 email users and a 3 year license, the cost is $455.98. There are also 100 email user licenses for 1 year and 3 years at $525.98 and $839.98.
User reviews
View all user reviewsAverage user rating from: 9 user(s)
NOTE! Please post product reviews from actual experience only.
Questions, review comments and opinions about products not based on actual use will not be published.
VPN assymetric speed
Some days ago I got two RV220W devices to test VPN perfomance and got the strange results. I built site to site VPN , IPSec preshared key.
A) AES 256/SHA512/DH Group 1536 Incoming speed Mbit/s 17,07 Outgoing-34,14
B) AES 256/SHA1/DH Group 1024 Incoming speed Mbit/s 33,83 Outgoing 77,66
C) AES 128/SHA1/DH Group 1024 Incoming speed Mbit/s 34.69 Outgoing 78,00
I did not expect to see assymetric speed.
Suppose Cisco knows why? :)
I would not recommend this router
Usin the latest firmware atm (1.0.4.17) the router seems fairly stable to me..
However, I would really not recommend this router to anyone..
Looking at the firmware change log, the firmware still contains many bugs..
The VPN functionality is close to impossible setting up (I have not managed to do so for now)..
Cisco has not provided any VPN client for Mac OS X users, and the IPsec VPN is not compatible with iPhone/iPad (which was the main reason why i bought this router)..
If you do not need VPN functionality, you should definitely not buy this router..
If you really need VPN functionality that badly, you should definitely go for a more professional solution..
I chose this router because of the Cisco brand.. However, it looks like they have ditched their Small Business series..
Lacking in Development of good firmware
TBH this router could have been great except for allowing Team F1 to develop the firmware for this device.
Issues:
Frequent Random Reboots
DHCP Server slow at times.
WebGUI Very Laggy.
SSLVPN issues on RV220W
I have spent a lot of time trying to configure this device on my own and with CISCO tech support. My case was eventually escalated level 3 (i think).
Problem 1:
When accessing https://WAN_IP/portal/sslvpn portal, text fields were grayed out and login button was disabled.
Solution: We eventually figure out that URL is CASE SENSITIVE
You must use https://WAN_IP/portal/SSLVPN for it to work properly.
Problem 2:
I am using Windows 7 x64 OS and no matter what I tried I I continuously received the message "Error Virtual Passage Installation Failed!" I built numerous virtual machines and confirmed that Virtual Passage driver works on WIndows XP and WIndows 7 x86, but NOT on x64.
Here is a final response from CISCO tech:
--------------------------
This is a valid issue that has been root caused. The SSL VPN driver file (.sys file) has a self signed Cisco signature but it should have Microsoft signature to get around the below Windows error.
This will be fixed for the upcoming MR2 release. We are investigating whether a work around to the below installation issue is available with the current firmware.
--------------------------
(Firmware Version: 1.0.3.5).
Small Biz Owner Not Happy with Cisco RV220W
Bought this 6 months ago to add VPN capability to my small manufacturing business. Newtwork-wise I'm an above avg small biz owner, programming for 40 years, and can build basic networks and PCs from scratch.
Would not recommend this router. If I were doing it over would buy separate VPN firewall router and hook it up to wireless access points. Probably would not buy Cisco after this experience.
Cisco tech support eventually taught me how to configure the VPN for my business. It took about 12 phone calls and 6-8 hours on the phone. Half the people I talked to gave me bad advice, or didn't understand the problem. I do sales all day, of fairly technical things and know how to explain problems.
I have had the same experience express by others about the buggy firmware. Have tried 1.0.1.0 and 1.0.2.4 but my unit only runs on 1.0.0.26. The others are buggy and the menus are incomplete no matter which browser I use.
I find the menus not intuitive relative to other routers I've set up. The DCHP Client table doesn't give as much info as a linksys home router.
We are also still experiencing some problems getting Windows computers to share database files over mapped drives in Windows inside the firewall. We've tried mapping the drives with windows names and with static IP addresses. The system seems to clog up now and then, and rebooting solves the problem, but we can't always reboot the whole network while the business is running. I'm not an expert in this particular aspect of networking, and am not confident calling Cisco tech support, so I'll probably try a professional IT person.
Related Items:
New To The Charts: Cisco RV042 Dual WAN VPN RouterCisco Adds Small-Biz Switches, VPN Router, More
Cisco RV180 VPN Router Reviewed
NETGEAR FVS318N ProSafe Wireless-N 8-port Gigabit VPN Firewall Reviewe
Cisco RV042 v3 Dual WAN VPN Router Reviewed
