Cisco RV345P

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
welcome to crosstalk solutions my name is Chris and today we're gonna be checking out the Cisco RV 345 P small and medium business router firewall that's right Cisco okay so hey guys mostly know me as a ubiquity channel however Cisco the Big Daddy of networking and firewalls reached out to me and they wanted me to check out this product and of course the first thing I asked them you know knowing Cisco from way back when I mean I haven't personally administered Cisco stuff for at least 15 years so I'm not too familiar with what they've been up to in the meantime but the first thing I asked them was what about the licensing right what kind of licensing do you guys have on this product because if it's some sort of you know Cisco SmartNet or whatever they call it you know the annual license fees that end up costing more than the device itself I'm not interested in talking about it so with this product the RV 345 p and apparently a lot of their small business products they've now gotten away from that Enterprise licensing model this device has no licensing fees it has a limited lifetime warranty it has lifetime software updates and it includes one year of free tech support so this let's go ahead and get this thing on box it's been sitting in my office for like three months probably and the price on this router so this is called the RV 345 P dual when p OE VPN router okay so it's marketed as a VPN router and it does have power over ethernet so here's the device itself pretty compact form factor let's put that aside for now see what else is in the box here oh this is heavy oh my god look at the size of this power brick now wonder they've got it so small and light yeah this is super small and light because you've got a humongous power brick in here look at that thing it does look like it comes with some rackmount ears so for those of you who want to rackmount this into a one use standard rack mount or a 19-inch rack and then of course it has a power cable it has some rubber feet if you don't want to mount it into a rack as well as the screws and then this is Oh an Ethernet cable alright so on amazon the cisco RV 345 p is $471 and 21 cents now i'm gonna mention two apparently and the cisco rep that contacted me about this told me there are knockoffs that can be that are on amazon right so if you buy a knockoff cisco RV 345 p i don't know if it's a knockoff and maybe it's like a reseller thing or something if it's like not an authorized reseller the warranty may not be valid unless you get it from an official cisco partner or something if you look at amazon and i have a link down below if you click on that link that is an affiliate link by the way if you click on that link you'll see that that is for the cisco systems seller right so you want to make sure that if you're buying one of these on amazon you want to get it from cisco and that way you know that the warranty is going to be legit Wow it's actually pretty nice-looking so here we have 16 ports now the first the first eight ports are p OE okay so that's 802 3 AF and 80 I believe so you've got 8 ports of p OE you've got eight gigabit ports of non p OE then you have to land ports so this is a dual LAN router it's specifically marketed as a dual win router then we have a USB port here and the USBs are for type a USB port that supports flash drives and 3G 4G LTE USB dongles so it looks like you can use the USB port for additional storage there's one on the front and there's one on the side here and it's just USB 2.0 but it looks like you can use that for like LTE failover maybe I'll see some more information about that when I dig to the interface on the back we have a power switch a toggle power search we have the power input and we have a console input that you would use your console cable for although look at this console cam the console of a cable that they give you is rj45 for the back of the Cisco and then 9 pin serial for the front I'm not really used to seeing that so much anymore I certainly don't have a 9 pin serial port on my computer and normally what we get these days with console cables are these ones which are USB 2 2 rj45 instead of serial 9 pin serial 2 rj45 so that's kind of an interesting choice and again I haven't been in the Cisco world in forever so I'm sure there's a lot of people in the comments they're gonna be like come on Chris 9 pin serial is standard when you're administering Cisco stuff ok that's great I just I'm not used to it so I haven't seen a 9 pin serial connection in quite some time alright so let me go get this thing plugged in and fired up and we're gonna take a look at the installation wizard and try to get this Cisco box set up appropriately what I've done here is I have plugged in a wham port from my internet connection and I have plugged my computer in to one of the LAN ports one of the non p OE LAN ports that's all I've done so far and we brought up the main page here which is 1 & a 2 192 168 1.1 so we're going to go ahead and login for the first time and proceed and here we go cisco router so the default username and password is all lowercase Cisco and Cisco so we're gonna type that in now ok Wow ok so let's see local user password complexity so this is going to I guess this is giving us our minimum password length and minimum number of character classes which I imagine our uppercase lowercase numerical and special characters so basically we're saying you got to have at least eight characters and they have to be some mix of uppercase lowercase numerical or special characters but only three out of four of those and the new password must be different from the current one okay so I like that the the first thing you login and see is a focus on security and it's you to change the password immediately so let's go ahead and change the password so we're gonna put in the old password of Cisco and then we're gonna generate a new password with LastPass because that usually gives a nice strong password oh wow so I did 12 characters and a mix of uppercase lowercase numerical and special characters generated out of LastPass and it's giving me yellow on the strength meter select let me crank that up we're gonna go higher than that okay there we go now I have all greens that was 24 characters and then lowercase uppercase numerical and special characters and it gave me the green on the password strength meter all right let's go ahead and save that okay and it's gonna have us log back in okay initial setup wizard pops up automatically this setup wizard helps you install your cisco router now for anyone watching this I want to be clear that I am NOT a Cisco expert okay this is the first Cisco router I've touched in probably 15 years okay so I am going through this setup wizard along with you for the first time so don't look at this video as hey these are the best practice setup ideas for a Cisco router because that's not what this is this is me showing you the interface just as I'm seeing it for the first time in a long time okay so with that caveat this setup wizard helps you install your cisco router before you begin make sure the router is connected to an Internet gateway device okay good enough next check connection on when one network connection has been detected great next configure your router set connection type so I'm gonna set this to a static IP address which I'm gonna do mostly off camera here so you guys can't see my way an IP address static IP address and next and now it wants me to populate my static IP address information okay now we're saying our time zone let's put me to UTC - 8:00 Pacific time and yes let's enable enable ntp that would be great next each device on your network has its own as a MAC address in most cases you should choose default address if your ISP requires you to connect using a specific MAC address you may change it here okay my ISP does not require that so we're just gonna use the default and say next please review the following settings ensure the data is correct looks good we're gonna say next enable security set router password the administrative router password protects Bharata from unauthorized access for security reasons you should change the router password for its default setting all right so we already did that so we're gonna say keep current password and we're gonna say submit congratulations your router has been set up successfully okay I've had a few days to play around with this cisco our v3 45p now and everything's been really really solid I I'm gonna do a little tour through the interface this is by no means meant to be a comprehensive review that would take me like three hours right to show you absolutely everything so I did run into one quirk while setting this up you know I had done that really strong password during the initial setup wizard well the next day I logged into the cisco again and for some reason it made me change my password again and I don't know why like I couldn't get past it I logged in with the strong password that I had set and it's like nope you got to change your password so I went through that and it actually hasn't happened again since so I don't know why it makes you change your password in the initial setup wizard and then it made me do it again the next day I might have done something wrong I don't know but that's the only sort of quirky thing that I've run into so far with this device here we have the getting started page and you can see that I've made some changes because we have the blinking you know three and a half inch floppy disk icon in the upper right hand corner which by the way how long are we still gonna use three and a three and a half inch floppy drives as a Save icon very soon people are not gonna have any idea what that is so like all Cisco gear when you make changes those changes are applied immediately meaning that you're running configuration is going to reflect those changes but if you reboot if you have not saved your running configuration to your saved configuration you're gonna lose those changes upon reboot so it basically allows you to try things out and then of course revert those changes if you don't want them so you can see here that this bugs me to save the running configuration if I click on that icon it's gonna bring me over here and we can say save configuration from running config to the startup config or a backup config we can download it or whatever or you can just disable the Save icon blinking so we're just gonna apply these changes I don't even know what changes I made but we're gonna apply them anyways and now let's take a look through the interface so if we click on status and statistics this is gonna give you a general overview of what's happening in the firewall so your ports your port speed connectivity firmware version uptime CPU memory usage etc there's not really too much in here to talk about you can see that there's just a lot of Statistics that you can look at over here on the left hand side one thing I did like however though was view logs I really like the logging functionality and the ability to filter down to just the stuff that you want to see within the log files so for instance I set up a VPN connection between my computer which is in here I'll show you here you can see my computer is DHCP DIN to 192 168 202 to 7 which is the land network behind my edge router ok so I'm in my standard ed router land I have a VPN tunnel setup from the edge router to the Cisco firewall and so you can see even though I'm in the 200 land I am able to access the interface of the Cisco which is over here in the 201 192 168 201 LAN which by the way I changed the IP address it comes by default as one I to 168 1.1 I changed over to 180 168 201 dot one for the IP of the Cisco so as I was saying debugging VPN was very helpful to simply just uncheck everything and only check the VPN log files or anything that was related to VPN in the logs that worked out really really well it actually allowed me to find a problem getting the VPN working between these two firewalls if you click on administration this allows you to see you know your firmware version allows you to upgrade the device manually or from Cisco comm mine came with the latest firmware so I didn't have to worry about any of that it also allows you to do general Diagnostics work such as rebooting managing certificates etc we're not going to cover that too much let's go on to system config raishin system configuration is where you have a lot of the more general settings for the device so you can set up your schedules so for instance if you want to set up the content filtering the web filtering but you only want to set that up during business hours or something like that you can set schedules for all of that sort of stuff you can manage your users user accounts user groups administrators etc you can set up SNMP NTP the email address in SMTP settings for the server or for the firewall all of that is over here in system configuration so cool very cool that has all this functionality but I'm not going to cover too much of that if we click on when this shows us our win interfaces now we can see that I'm only currently using ran one but if I was using LAN 1 and when 2 as a multi win setup and also possibly using LTE backup I could come over here to multi win and this is really cool multi when allows me to load balanced miwam connections not just by percentage so like I could say 50% down when one and 50% down when to I could also do it weighted by bandwidth so I could I can load balance based on megabits per second so that's pretty cool - you know again I don't know where you would want to use one or the other but it is really really nice to see such easy multiband load balancing that allows you to load balance not only multiple LAN connections through Ethernet but also the two USB ports for LTE backup connectivity and then also in win you can set up your mobile network stuff you can set up dynamic DNS etc alright let's click on the land and there's a lot that you can do in the land I think this is where most people are going to be spending their time if they are configuring this Cisco firewall you can do your ports port statistics port settings POA settings link aggregation mirroring VLAN settings all of that is under the LAN category for p OE settings it's pretty standard so you have 8 ports of p OE in this device and you can not only though this is something I've actually never seen before you can not only edit your ports so here's LAN port one you can not only edit whether P OE is enabled or disk on the port you can also specify a maximum Milla watt of outage of power outage right so or what they call power power allocation so in other words you can say hey listen port one i only ever want a maximum of 10 watts out of this port so for instance an access point or a phone is gonna be somewhere between like 4 to 6 watts of output you can actually lock it down so that a single port can't use too much wattage which i think is pretty cool I've never seen that feature before here we can see for instance I have a u AP AC Pro that I set up so we're going to talk about the VLANs in just a second I have this set up just as a sort of test with a guest network and we can see that is plugged into port 9 it's powered by p OE my maximum power allocation is 30,000 milliwatts but this device itself is only pulling through 30 600 milliwatts or 3.6 watts so yeah that's pretty cool you can see all of that and you can even lock it down so I might want to come in here to land port 9 and lock it down so the maximum power allocation is only you know 5,000 watts or we'll say 6,000 watts which should be more than enough for just powering one access point all right if we click on our VLAN settings this is where I set up an extra VLAN so basically I just have unify my cloud-hosted unify I went into that cloud-hosted unify I added a new guest Wi-Fi network on VLAN 10 and then all of the guest settings like the client isolation the bandwidth allocation per guests and stuff all of that is going to be handled in unify and all I did here was set up VLAN 10 as one and 81-68 10.0 / 24 network with a DHCP server so let's go ahead and edit this and you can see all of the settings for VLAN 10 so here's my IP range DHCP is set to server we've got our start and stop ranges our dns settings that we're handing out and then you've got your DHCP options down below now it only has option 66 150 67 and 4 three as possible dhcp options i there's a ton more dhcp options than that but i wasn't able to find where you can set those up not saying that you can't set those up but in my sort of brief overview and my investigation into this interface i wasn't able to find where you can set up additional dhcp options or even you know a customize your own dhcp options if you wanted to you also have your ipv6 settings over here on the right with ipv6 dhcp as well if you need to set that up then we have our land slash DHCP settings so this is another place where you can configure your DHCP servers and this allows you to have a little bit of a DHCP wizard that you can walk through so for instance if I check VLAN 10 and I say edit you have a few steps that you can walk through so here we can say disabled server or past DHCP to a different DHCP server click Next we're going to keep it as the server and that here's all of our DHCP options that we saw on that last screen and then if we say Next then we can choose what to do for ipv6 as well in this case we're gonna leave it disabled click OK and now I've set up a new DHCP or modified the DHCP settings for VLAN 10 next we have routing this is for more advanced routing rip and IGMP static routing entries that you want to enter I'm not gonna cover too much of that because I'm not doing any fancy routing but of course this is Cisco so you're gonna be able to do all of that sort of good stuff same thing with firewall like I said I'm not gonna go into the firewall too much I didn't dig into it too much myself but I imagine that anything you'd ever want to do with the firewall you could do with this device so we've got access rules and network address translation static NAT settings port forwarding port triggering DMZ settings etc one thing that I do like though is that sip ALG and universal plug and play are both disabled by default which they should be alright let's click on VPN because this is marketed as a VPN firewall and boy howdy there is so much you can do with VPN just look at the settings down here on the left hand side VPN status IPSec profiles site-to-site VPN client design VPN teleworker VPN PPTP l2tp SSL VPN GRE VPN pastor right so there's a ton of settings related to VPNs and since it was since there were so many settings I decided that I wanted to attempt to set up VPN between this Cisco box and my edge router 4 which is my main firewall and I was able to do it it took me about 45 minutes to an hour of sort of troubleshooting and trying to figure out how to get the setup working and it was actually a little bit trickier in the edge router than it was in the Cisco and when I say trickier I just mean like I first just tried to set up VPN on both sides using the GUI of both the edge router in the Cisco but on the edge router side I actually had to delete everything that I did in the GUI and then flip over to the CLI to set up VPN via CLI on the edge router side but on the Cisco side I was able to set up all of the you know matching settings for the VPN right through the GUI so I have yet to have to log into the the CLI of this Cisco firewall everything I've been able to do I was able to do with the GUI so here we can see that I have one tunnel used out of 49 and 49 tunnels left available you have a total of 50 tunnels that you can use in this firewall and what I ended up doing and by the way let me know if you guys want to see a separate video on how I did the VPN tunnel between these two devices I'm happy to do a separate video on that if anyone's interested essentially though I went in here I set up a new ipsec profile specifically for the edge router and then I came over to site to site VPN settings and in here we can see the site-to-site VPN that I set up and you can edit it and then you have all of the various you know VPN settings that you would expect to have to set up in order to match two sides of a site-to-site IPSec VPN connection if we click on security this is where we get into some of the application control stuff where you can actually create you know filters for Facebook and tinder and whatever you might want to block out torrenting etc if you come down here to web filtering we can add a new web filter policy which you know basically has all of these things bill by default but you can add additional ones if we go to application control this allows you to add different policies where you can say okay let's edit our application list table so for instance if we wanted to go to social networking look at all these different social networks that you can block so if we wanted to block you know Twitter and we're gonna say block and log you can also permit in log which I would say you know if you're gonna be setting something like this up like we want to block Facebook well start off by doing permiten log right that way you can at least see which of your users are hammering on Facebook most often first before you actually block it and maybe put out some memos about hey you shouldn't be on Facebook type of stuff if we apply that we can see I've added to social network applications to the list and then we can either block or permit and choose whether or not to log traffic that's going to those different social networks now the interesting thing though is there's not a lot in here right so like your for instance if we look on dating there's like 1 2 3 4 5 6 7 8 9 different dating applications that you can block via the application control firewall and I mean I don't I'm not on any dating apps okay but I know that there's a lot more than the ones that are listed here like I mean match.com right they're like one of the biggest ones out there as far as I know and I don't see match.com on here so how do you block that you probably want to do that with DNS filtering instead ok so there's much more powerful options for blocking this type of stuff for instance with Cisco umbrella so let's click on Cisco umbrella Cisco umbrella is basically like Open DNS for enterprise so cisco bought open DNS and that is sort of their small business and home user DNS filtering service then they have Cisco umbrella which Cisco umbrella is a more robust filtering service made for enterprise ok so I'm probably gonna do a separate video on Cisco umbrella because I do get a 14-day free trial and I would like to dig in and sort of see their implementation of DNS filtering but I'm sure it's a lot more comprehensive than what you actually get just in the interface of the Cisco right so if I were managing enterprise I probably wouldn't let the this device itself do any of the application filtering I would probably do that by virtue of you know something like Cisco umbrella or Open DNS and then just force users to use those specific DNS servers when they're surfing the web down here at the bottom we also have threat and IPS where we can see statistics for the built-in traffic antivirus and intrusion prevention okay so let's take a look at for instance IPS here we go and so if IPS is enabled so we'll turn this on and apply that we can see are we logging only are we blocking attacks and then what's the security level that we're using this is just its conductivity means least protection balanced is medium and then security is high protection and then you can see the attack signatures down below they got 58 pages of attack signatures that you can look through one thing that I don't know about is whether or not turning on IPS throttles down the total throughput of the firewall right so for instance in ubiquity world we all we all know that like you turn on IPS you don't get as much bandwidth or throughput as you do when IPS is disabled because you've got a lot of CPU power being used to sort of look at every packet that's coming in and out of the firewall to you know see what it can prevent or just make sure when you're looking for those attack signatures so I didn't find any statistics on whether the throughput of the device is diminished by virtue of enabling IPS however I did find that this device has 950 megabits per second of standard throughput like if you don't have anything crazy going on and 650 megabits per second of VPN throughput so just wanted to throw that out there I don't remember if I mentioned that earlier in the video or not all right then we've got quality of service I added a quality of service force if I was just playing around with it but you've got all of the standard quality of service stuff that you would expect out of a Cisco router and then some configuration wizards like the initial setup wizard application control wizard and VPN setup wizard which I did not use the VPN setup wizard when I set up the VPN I just did it manually if we click on license we can see that I don't currently have a license I'm in an evaluation mode for 88 days in fact let me do this let me go sign up for a license and I will paste it in here and see what it looks like after I have 16 ohm officially licensed this firewall I am now registered with this device there were a few hoops that I had to jump through since I didn't have a Cisco account I had to create an account then I had to create like a company account both had to be verified through email and all this sort of stuff and when all of that was said and done I get to this screen which says that I'm registered but I'm out of compliance and by out of compliance they're basically saying I have negative one license or insufficient licenses for the RV series security services license so again I was under the impression that this device does not have to be licensed and frankly I'm not about to go down the rabbit hole of Cisco licensing and try to figure this out so I'm just gonna send an email to my Cisco contact and ask about this and see you know maybe I did something wrong or maybe my account just you know maybe there was something in the box that I was supposed to add as a license or something I don't really even know all right I am here in downtown Portland I edited that video yesterday but then got some additional information about the licensing the Cisco licensing and essentially what it is is they sell on top of the price of the firewall they sell for a hundred and twenty $1.99 an annual license that gets you into all of the security features so anything that's under that security tab one of the last things that I showed in the interface that's going to be the content filtering the antivirus the intrusion prevention all of that stuff those are all licensed features of the firewall so you can actually have the firewall the firewall the routing the VPN stuff everything else is included with no license required if you want the additional security stuff so the content filtering and all of that then you're gonna pay an annual license of one hundred and twenty $1.99 but they actually recommended if you aren't gonna use any of those extra security features you don't even need to license the device at all you don't have to go through what I did to get it license where it's showing that negative one license thing okay so hope that helps and back to the video so let's talk about overall and pray of this device overall this is a very solid firewall as I expected it to be I mean even when I received the box I was like yeah this is gonna be a good firewall its cisco cisco has been around forever they know what they're doing and networking i have not had this in production if you guys do have these in production let me know how they are down below I'd love to hear your feedback on these but I imagine that they're fine I mean I would have no qualms about buying one of these for a client and putting it into production I'm sure it would be just fine for any SMB client and one thing I will say about this device though is that they absolutely do not dumb it down at all for beginners okay so this is not a beginner's firewall if you're looking for a beginners firewall go get a Netgear nighthawk or something right and put that in your home you would not have this in your home this is a device unless you're looking to really like learn firewalls and networking that's when you would want to have this in your home but this is more for like small to medium businesses that have an internet connection that's you know sub gigabit as far as the pricing goes the pricing for this device is $471 and 21 cents they also have a non power over ethernet version that is three hundred and thirty-eight dollars and sixteen cents I'm fine with the price keep in mind that it comes with one year of free Cisco tech support so I can't tell you how many times people bought like a ubiquity firewall they run into trouble setting it up and then they have to hire us you know hourly to figure it out for them you end up spending more than the cost of the firewall in the setup and support to get it running so paying four hundred and seventy one dollars for this firewall with sixteen switch ports eight of which rpoe and you get a year of tech support from Cisco that's really not that bad a deep not bad a deal right it's not a bad deal because that tech support itself is gonna be worth something you wouldn't have to hire a third party to help you figure it out you can actually contact Cisco and say hey this isn't working or how do I do this or blah blah blah right and Cisco I haven't used their support but I'm sure it's fine and they will be able to help you get it dialed in I mean I like this device it's a Cisco I you know it's a great firewall I'm sure it's going be just fine an SMB and yeah again I don't think I'm personally gonna start selling these I want to figure out the licensing stuff if there's anything else that you guys would like to see with this firewall I'm interested in maybe doing a video on the VPN this IPSec site-to-site VPN between the cisco and my edge router I would also like to do a video on Cisco's umbrella DNS filtering service any other videos or questions that you have put them down in the comments below I'd be happy to take a look at those if you guys enjoyed this video make sure you give me a thumbs-up if you'd like to see more videos like this please click that subscribe button alright my name is Chris with crosstalk solutions and thank you so much for watching you
Info
Channel: Crosstalk Solutions
Views: 44,716
Rating: 4.9018407 out of 5
Keywords: cisco, cisco rv345, cisco rv345p, cisco rv345 configuration, cisco rv345p router, cisco rv345 review, cisco rv345p review, cisco rv345 router, cisco rv345 setup, cisco rv345p default password, crosstalk, crosstalk solutions, dual wan, load balancing, dual wan load balancing, dual wan router
Id: 8QnxyTFlSoA
Channel Id: undefined
Length: 31min 48sec (1908 seconds)
Published: Fri Feb 21 2020
Related Videos
IS CISCO BACK WITH A VENGEANCE? Cisco RV345P Intro.
Willie Howe
10K
Pockethernet
Crosstalk Solutions
102K
Ubiquiti Access Points Explained
Crosstalk Solutions
1.2M
Dual wan load balancing routers cisco rv325 vs tplink er-5120 vs ubiquiti erlite-3
Ben Kayfetz
72K
Comparison of Pepwave Routers Offered at TechnoRV
TechnoRV
17K
DNS Server Lockdown
Crosstalk Solutions
60K
What is a Patch Panel? Do You Need One?
Budget Nerd
1.4M
How does fiber internet work? 0ms ping!
Snazzy Labs
973K
Cisco Tech Talk: Router on a Stick & InterVLAN Routing on a RV340 Router & a CBS350 Switch
Cisco
1.8K
Qubes OS: How it works, and a demo of this VM-centric OS
DorianDotSlash
74K
Connect Cisco Router and Switch to ISP Home Router and Access Internet
Cisco Config
14K
CompTIA Network+ Certification Video Course
PowerCert Animated Videos
3.5M
Should You Buy A UniFi Dream Machine, USG, USG Pro, or Dream Machine Pro?
Lawrence Systems
26K
AmpliFi Alien
Crosstalk Solutions
88K
Checking Out some Cisco Routers
Nerd on the Street
19K
Configuring Cisco Umbrella Windows AD Connector Part 1
Network Wiizkiid
2.5K
Ubiquiti SunMAX SolarPoint
Crosstalk Solutions
56K
Cisco RV345 review
VDS Systems
15K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.