ZyNOS FAQ
ZyNOS is ZyXEL's proprietary Network Operating System. It is the platform on all Prestige routers that delivers network services and applications. It is designed in a modular fashion so it is easy for developers to add new features. New ZyNOS software upgrades can be easily downloaded from our FTP sites as they become available.
2. How do I access the Prestige SMT menu?
The SMT interface is a menu driven interface, which can be accessed via a RS232 console or a Telnet connection. To access the Prestige via SMT console port, a computer equipped with communication software such as HyperTerminal must be configured to the following parameters.
The default console port baud rate is 9600bps. You can change it to 115200bps in Menu 24.2.2 to speed up access of the SMT.
3. What data compression protocol does the
Prestige support?
The Prestige supports STAC compression. Please note that STAC is not enabled in the
Prestige by default. You can enable it in Remote Node setup (SMT menu 11.2, Edit PPP
Option).
4. What is the default console port baud rate? Moreover, how do I change it?
The default console port baud rate is 9600bps. When configuring the SMT, please make sure that terminal baud rate is also 9600bps. You can change the console baud rate from 9600bps to 57600 to speed up SMT access, by using SMT menu 24.2.2.
5. How do I upload the ZyNOS firmware code via console?
The procedure for uploading via console is as follows.
6. How do I upgrade/backup the ZyNOS firmware by using TFTP client program via LAN?
The Prestige allows you to transfer the firmware from/to Prestige by using TFTP program via LAN. The procedure for uploading via TFTP is as follows.
7. How do I upload ROMFILE via console port?
In some situations, such as losing the system password or the need of resetting SMT to factory default you may need to upload the ROMFILE.
The procedure for uploading via the console port is as follows.
8. How do I backup/restore SMT configurations by using TFTP client program via LAN?
9. What should I do if I forget the system password?
In case you forget the system password, you can upload ROMFILE to reset the SMT to factory default. After uploading ROMFILE, the default system password is '1234'.
10. What is SUA? When should I use SUA?
SUA (Single User Account) is a unique feature supported by Prestige router which allows multiple people to access Internet concurrently for the cost of a single user account.
When Prestige acting as SUA receives a packet from a local client destined for the outside Internet, it replaces the source address in the IP packet header with its own address and the source port in the TCP or UDP header with another value chosen out of a local pool. It then recomputes the appropriate header checksums and forwards the packet to the Internet as if it is originated from Prestige using the IP address assigned by ISP. When reply packets from the external Internet are received by Prestige, the original IP source address and TCP/UDP source port numbers are written into the destination fields of the packet (since it is now moving in the opposite direction), the checksums are recomputed, and the packet is delivered to its true destination. This is because SUA keeps a table of the IP addresses and port numbers of the local systems currently using it.
11. What is the difference between NAT and SUA?
NAT is a generic name defined in RFC 1631 'The IP Network Address Translator (NAT)'.
SUA (Internet Single User Account) is ZyXEL's implementation and trade name for
functioning PAT (Port Address Translation) which is a specific type of NAT. SUA( or PAT
for NAT) translates address into port mapping.
The primary motivation for RFC 1631 is that there is not enough IP address to go around. In addition, great many corporations simply did not bother to obtain legal (globally unique) IP addresses for their networks and now finding themselves unable to connect to the Internet.
Basically, NAT is a process of translating one address to another. A NAT implementation can be as simple as substituting an IP address with another. This allows a network to rectify the illegal address problem mentioned above without going through each and every host.
The aim of ZyXEL's SUA is to minimize the Internet access cost in a small office environment by using a single IP address to represent the multiple hosts inside. It does more than IP address translation, it also enables hosts on the LAN can access the Internet at the same time.
12. How many network users can the SUA support?
The fixed-size translation table limits the number of simultaneous. A reasonable number will be less than 20 users. Beyond that, the limited modem bandwidth would probably become the bottleneck and any increase in the translation table size will not help.
13. How do I capture the PPP log in my Prestige?
The procedure to capture the PPP log in Prestige is as following.
To enable the capture of PPP log before a connection is established:
To display the PPP log after a connection is disconnected:
14. Why do we need the input filter in menu 3.1 and call filter in menu 11.1?
Two factory default filter sets have been optimized for Internet connection. They are configured in menu 21 and applied to menu 3.1 and menu 11.5 to prevent NETBIOS triggering the call. You can remove it if you do not need it.
15. How can I protect against IP spoofing attacks?
The Prestige's filter sets provide a means to protect against IP spoofing attacks. The basic scheme is as follows:
For the incoming data filter:
Filter rule setup:
Where a.b.c.d is an IP address on your local network and w.x.y.z is your netmask:
For the outgoing data filters:
Filter rule setup:
Where a.b.c.d is an IP address on your local network and w.x.y.z is your netmask.
If enabled, DNS Proxy allows the Prestige to act as the DNS server for the local network. The Prestige gets the IP address of the actual DNS server from the remote site via IPCP negotiation. Note this feature only works if the remote site supports RFC 1877.
16.a. How do I turn on DNS Proxy?
DNS Proxy is enabled only if the selection of the DHCP field under DHCP Setup in Menu 3.2 is Server and the Primary DNS Server is set to 0.0.0.0. (this is the factory default). If the DNS Proxy is enabled, the Prestige will assign its IP address as the Primary DNS in the responses to DHCP requests on the local network.
16.b. How do I set DNS other than Prestige IP address?
The Prestige assigns the values entered in Primary DNS server and Secondary DNS server fields in Menu 3.2 to the responses to the DHCP requests on the local network if the DHCP Server function is enabled.
17. What is a Nailed-up Connection and when do I need to use it?
A Nailed-up Connection, when enabled, emulates a leased line connection even though the physical line is a dial-up connection. The Prestige dials and holds up a connection, without any traffic requesting it.
When you want the link to be always up, you need to use it.
18. What are Device filters and Protocol filters?
In ZyNOS, the filters have been separated into two groups. One group is called 'device filter group', and the other is called 'protocol filter group'. Generic filters belong to the 'device filter group', TCP/IP and IPX filters belong to the 'protocol filter group'.
19. Why can't I configure device filters or protocol filters?
In ZyNOS, you can not mix different filter groups in the same filter set.
20. The Prestige supports to upload the firmware and configuration files using FTP, but how do I prevent the outside user from 'FTP' my Prestige?
The Prestige supports to upload the firmware and configuration files using FTP connections via LAN and WAN. So, this becomes unsecure that anyone can make a FTP connection over the Internet to your Prestige. To prevent from outside users connecting to your Prestige via FTP, you can configure a filter to block the FTP connection from WAN. Click here for the details about how to configure this filter set.
All contents copyright © 1999 ZyXEL Communications Corporation.