ZyNOS is ZyXEL's proprietary Network Operating System. It is the platform on all
ZyXEL device that delivers network services and applications. It is designed in a
modular fashion so it is easy for developers to add new features. New ZyNOS software
upgrades can be easily downloaded from our FTP sites as they become available.
2. How do I access the ZyAIR G-2000P SMT menu?
The SMT interface is a menu driven interface, which can be accessed via Telnet connection. To access the ZyAIR G-2000P telnet, you will need a host equipped with telnet client and telnet into the device IP. If you are managing the device from LAN, the default LAN IP is 192.168.1.1. Type in the password when you are prompt to. The default password is 1234 if unchanged.
3. How do I upload the ZyNOS firmware code from Web GUI?
The procedure for uploading ZyNOS via Web GUI is as follow.
4. How do I upgrade/backup the ZyNOS firmware by using TFTP client program via LAN?
The ZyAIR G-2000P allows you to transfer the firmware from/to ZyAIR G-2000P by using TFTP program via LAN. The procedure for uploading ZyNOS via TFTP is as follows.
5. How do I upgrade/backup the ZyNOS firmware by using FTP client program via LAN?
The ZyAIR G-2000P allows you to transfer the firmware from/to ZyAIR G-2000P by using FTP program via LAN. The procedure for uploading ZyNOS via FTP is as follows.
6. How do I backup/restore SMT configurations by using TFTP client program via LAN?
7. How do I backup/restore configurations by using FTP client program via LAN?
8. Why can't I make Telnet to ZyAIR G-2000P from WAN?
For the ZyAIR G-2000P, because a default Telnet filter is configured in ZyAIR G-2000P to prevent outside users from access the ZyAIR G-2000P via Telnet. You can remove the filter set 3 in menu 11.5--Input Filter Sets field.
For the ZyAIR G-2000P, there are three reasons that Telnet from WAN is blocked.
Source IP= Telnet host
Destination IP= ZyAIR G-2000P's WAN IP
Service= TCP/23
Action=Forward
9. What should I do if I forget the system
password?
In case you forget the system password, you need to upload ROMFILE to reset the SMT to
factory default. After uploading ROMFILE, the default system password is '1234'
or press the reset button located by the power jack with a sharp pointed object
by holding down the reset button for 10 second.
10. What is SUA? When should I use SUA?
SUA (Single User Account) is a unique feature supported by ZyAIR G-2000P router which allows multiple people to access Internet concurrently for the cost of a single user account.
When ZyAIR G-2000P acting as SUA receives a packet from a local client destined for the outside Internet, it replaces the source address in the IP packet header with its own address and the source port in the TCP or UDP header with another value chosen out of a local pool. It then recomputes the appropriate header checksums and forwards the packet to the Internet as if it is originated from ZyAIR G-2000P using the IP address assigned by ISP. When reply packets from the external Internet are received by ZyAIR G-2000P, the original IP source address and TCP/UDP source port numbers are written into the destination fields of the packet (since it is now moving in the opposite direction), the checksums are recomputed, and the packet is delivered to its true destination. This is because SUA keeps a table of the IP addresses and port numbers of the local systems currently using it.
11. What is the difference between NAT and SUA?
NAT is a generic name defined in RFC 1631 'The IP Network Address Translator (NAT)'.
SUA (Internet Single User Account) is ZyXEL's implementation and trade name for
functioning PAT which is a specific type of NAT. SUA( or PAT for NAT) translates address
into port mapping.
The primary motivation for RFC 1631 is that there is not enough IP address to go around. In addition, many corporations simply did not bother to obtain legal (globally unique) IP addresses for their networks and now find themselves unable to connect to the Internet.
Basically, NAT is a process of translating one address to another. A NAT implementation can be as simple as substituting an IP address with another. This allows a network to rectify the illegal address problem mentioned above without going through each and every host.
The design goal of ZyXEL's SUA is to minimize the Internet access cost in a small
office environment by using a single IP address to represent the multiple hosts inside. It
does more than IP address translation, so that multiple hosts on the LAN can access the
Internet at the same time.
12. How many network users can the SUA support?
The ZyAIR G-2000P does not limit the number of the users but the number of the sessions. The
ZyAIR G-2000P supports 1024 sessions that you can use the 'ip nat iface enif0 st'
command in menu 24.8 to view the current active sessions.
13. What are Device filters and
Protocol filters?
In ZyNOS, the filters have been separated into two groups. One group is called
'device filter group', and the other is called 'protocol filter group'. Generic
filters belong to the 'device filter group', TCP/IP and IPX filters belong to the
'protocol filter group'.
14. Why can't I configure device
filters or protocol filters?
In ZyNOS, you can not mix different filter groups in the same filter set.
15. How can I protect against IP
spoofing attacks?
The ZyAIR G-2000P's filter sets provide a means to protect against IP spoofing attacks. The basic scheme is as follows:
For the input data filter:
Filter rule setup:
Where a.b.c.d is an IP address on your local network and w.x.y.z is your netmask:
For the output data filters:
Filter rule setup:
Where a.b.c.d is an IP address on your local network and w.x.y.z is your netmask.
All contents copyright © 2004 ZyXEL Communications Corporation.