The ideal network involves your Internet Service Provider (ISP) connecting onsite to a stand-alone modem that connects to a router, preferably a router recommended to you from Nextiva. If you have more devices on your network than ports on your router, you can connect a switch to your router to expand the number of ports.
NOTE: This article references upgrading from RV02-Hardware-Version-3 to RV02-Hardware-Version-4 (v4.2.3.08) available HERE. This firmware version disables SIP ALG and has a bandwidth management system for networks without the recommended bandwidth. It is always recommended that an experienced Network Administrator update the firmware, and make configuration changes.
There are four main areas that you should be concerned with regarding your network. They are:
Firmware: Must be the latest version available from Cisco for your model.
SIP ALG: Nextiva uses port 5062 to bypass SIP ALG, however, having this disabled is always recommended, which the latest firmware does. SIP ALG inspects and modifies SIP traffic in unexpected ways causing one-way audio, deregistrations, random error messages when dialing, and calls going to voicemail for no reason.
DNS Server Configuration: If the DNS server being used is not up to date and consistent, devices (Poly phones in particular) can become deregistered. Nextiva always recommends using the Google DNS servers of 8.8.8.8 and 8.8.4.4.
Firewall Access Rules: The simplest way to ensure that traffic is not being blocked is to allow all traffic to and from 208.73.144.0/21 and 208.89.108.0/22. This range covers the IP addresses from 208.73.144.0 – 208.73.151.255, and 208.89.108.0 – 208.89.111.255.
NOTE: During the router configuration process below, the network will be unavailable. Depending on the changes being made, as well as any technical difficulties that occur due to the change, this can take from 2 – 20 minutes. Please ensure the configuration changes are made by an experienced IT Professional and during off-hours.
Click the Links Below to Jump to the Corresponding Section:
To Verify/Update Firmware:
NOTE: Nextiva is not able to assist with flashing the latest firmware to a router, as we cannot be held liable if the upgrade fails. It is always recommended that an experienced Network Administrator update the firmware, and make configuration changes. Nextiva recommends backing up your router before upgrading the firmware and configuring the below changes in off-hours.
- Log in to the router by navigating to the Default Gateway IP address and entering the admin credentials.
- Select System Summary > System Information > PID VID and verify that the firmware displays as version RV0XX V04 (v4.2.3.08). Complete the next steps to upgrade firmware. If you already have v4.2.3.08, skip to the next section.
- Download the Small Business Router Firmware for the latest version available from Cisco of your model. It is a best practice to download the file to your Desktop so it can be found easily in the next steps.
- After the download completes, return to the Router Configuration Utility page, and select System Management > Firmware Upgrade.
- Click the Choose File button and locate the previously downloaded firmware file on your Desktop.
- Click the Upgrade button, then click OK in the confirmation window. The firmware upgrade process begins and can take a few minutes to complete.
- After the reboot is complete, you will be logged out of the router and will need to log back in to continue the configuration steps below.
To Configure Firewall Access Rules:
- Log in to the router by navigating to the Default Gateway IP address and entering the admin credentials.
- Select Firewall > General and verify the following required information. Leave all other unspecified settings unchanged:
- Firewall: Enabled
- SPI (Stateful Packet Inspection): Enabled
- DoS (Denial of Service): Enabled
- Block WAN Request: Enabled
- Click Save to apply changes.
- Select Firewall > Access Rules > Add and fill out the following required information for Rule 1:
- Action: Allow
- Service: Ping (ICMP/255~255)
- Log: Not Log
- Source Interface: ANY
- Source IP: 208.73.144.0/21
- Destination IP: ANY
- Scheduling:
- Time: Always
- Effective on: Everyday
- Click Save, then click OK on the confirmation window to enter the following three rules, repeating the previous steps:
Rule 2:
- Action: Allow
- Service: Ping (ICMP/255~255)
- Log: Not Log
- Source Interface: ANY
- Source IP: 208.89.108.0/22
- Destination IP: ANY
- Scheduling:
- Time: Always
- Effective on: Everyday
Rule 3:
- Action: Allow
- Service: All Traffic [TCP&UDP/1~65535]
- Log: Not Log
- Source Interface: ANY
- Source IP: 208.73.144.0/21
- Destination IP: ANY
- Scheduling:
- Time: Always
- Effective on: Everyday
Rule 4:
- Action: Allow
- Service: All Traffic [TCP&UDP/1~65535]
- Log: Not Log
- Source Interface: ANY
- Source IP: 208.89.108.0/22
- Destination IP: ANY
- Scheduling:
- Time: Always
- Effective on: Everyday
- On the Firewall > Access Rules page, ensure that all of the firewall access rules just created have a higher priority than any other access rule that would affect them.
To Configure DHCP DNS Server (Primarily for Poly devices):
- Log in to the router by navigating to the Default Gateway IP address and entering the admin credentials.
- Select DHCP > DHCP Setup and scroll down to DNS and enter the required information below:
- DNS Server: Use DNS as Below
- Static DNS 1: 8.8.8.8
- Static DNS 2: 8.8.4.4
- Click Save to apply changes. After the network reboot is complete, you will be logged out of the router and will need to log back in to continue the configuration steps below. When the network comes back online, reboot all phones and computers connected to the router.