ZyNOS is ZyXEL's proprietary Network Operating System. It is the platform on all
Prestige routers that delivers network services and applications. It is designed in a
modular fashion so it is easy for developers to add new features. New ZyNOS software
upgrades can be easily downloaded from our FTP sites as they become available.
2. How do I access the Prestige SMT menu?
The SMT interface is a menu driven interface, which can be accessed via a RS232 console or a Telnet connection. To access the Prestige via SMT console port, a computer equipped with communication software such as HyperTerminal must be configured with the following parameters.
The default console port baud rate is 9600bps, you can change it to 38400bps in Menu
24.2.2 to speed up the SMT access.
3. What is the default console port baud rate?
Moreover, how do I change it?
The default console port baud rate is 9600bps. When configuring the SMT, please make sure the terminal baud rate is also 9600bps. You can change the console baud rate from 9600bps to 38400bps in SMT menu 24.2.2.
4. How do I update the firmware and configuration file?
You can upload the firmware and configuration file to Prestige using console port, FTP or TFTP client software. You CAN NOT upload the firmware and configuration file via Telnet because the Telnet connection will be dropped during uploading the firmware. Please do not power off the router right after the FTP or TFTP uploading is finished, the router will upload the firmware to its flash at this moment.
5. How do I upload the ZyNOS firmware code via console?
The procedure for uploading ZyNOS via console is as follows.
6. How do I upgrade/backup the ZyNOS firmware by using TFTP client program via LAN?
The Prestige allows you to transfer the firmware from/to Prestige by using TFTP program via LAN. The procedure for uploading ZyNOS via TFTP is as follows.
7. How do I upload ROMFILE via console port?
In some situations, you may need to upload the ROMFILE, such as losing the system password, or the need of resetting SMT to factory default.
The procedure for uploading ROMFILE via the console port is as follows.
8. How do I backup/restore SMT configurations by using TFTP client program via LAN?
9. What should I do if I forget the system password?
In case you forget the system password, you can erase the current configuration and restore factory defaults in three way.
10. How to use the Reset button?
11.What is SUA? When should I use SUA?
SUA (Single User Account) is a unique feature supported by Prestige router which allows multiple people to access Internet concurrently for the cost of a single user account.
When Prestige acting as SUA receives a packet from a local client destined for the outside Internet, it replaces the source address in the IP packet header with its own address and the source port in the TCP or UDP header with another value chosen out of a local pool. It then recomputes the appropriate header checksums and forwards the packet to the Internet as if it is originated from Prestige using the IP address assigned by ISP. When reply packets from the external Internet are received by Prestige, the original IP source address and TCP/UDP source port numbers are written into the destination fields of the packet (since it is now moving in the opposite direction), the checksums are recomputed, and the packet is delivered to its true destination. This is because SUA keeps a table of the IP addresses and port numbers of the local systems currently using it.
12. What is the difference between SUA and Multi-NAT?
SUA (Single User Account) in previous ZyNOS versions is a NAT set
with 2 rules, Many-to-One and Server. The Prestige 662HW now has Full Feature NAT
support to map global IP addresses to local IP addresses of clients or servers. With
multiple global IP addresses, multiple severs of the same type (e.g., FTP servers) are
allowed on the LAN for outside access. In previous ZyNOS versions that supported SUA
'visible' servers had to be of different types. The Prestige 662HW supports NAT sets on a
remote node basis. They are reusable, but only one set is allowed for each remote node.
The Prestige662HW supports 8 sets since there are 8 remote node. The default SUA (Read Only)
Set in menu 15.1.255 is a convenient, pre-configured, read only, Many-to-One mapping set,
sufficient for most purposes and helpful to people already familiar with SUA in previous
ZyNOS versions.
13. Is it possible
to access a server running behind SUA from the outside Internet? If possible, how?
Yes, it is possible because Prestige 662HW delivers the packet to the local server by looking up to a SUA server table. Therefore, to make a local server accessible to the outside users, the port number and the inside IP address of the server must be configured in Menu 15.2.1 - NAT Server Setup.
14. When do I need Multi-NAT?
When NAT is enabled the local computers are not accessible from outside. You can use
Multi-NAT to make an internal server accessible from outside.
Some servers providing Internet applications such as some mIRC servers do not allow
users to login using the same IP address. Thus, users on the same network can not login to
the same server simultaneously. In this case it is better to use Many-to-Many No Overload
or One-to-One NAT mapping types, thus each user login to the server using a unique global
IP address.
NAT supports five types of IP/port mapping. They are: One to One, Many to One, Many to Many Overload, Many to Many No Overload and Server. The details of the mapping between ILA and IGA are described as below. Here we define the local IP addresses as the Internal Local Addresses (ILA) and the global IP addresses as the Inside Global Address (IGA),
In One-to-One mode, the Prestige662 maps one ILA to one IGA.
In Many-to-One mode, the Prestige662 maps multiple ILA to one IGA. This is equivalent to SUA (i.e., PAT, port address translation), ZyXEL's Single User Account feature that previous ZyNOS routers supported (the SUA only option in today's routers).
In Many-to-Many Overload mode, the Prestige662 maps the multiple ILA to shared IGA.
In Many One-to-One mode, the Prestige662 maps each ILA to unique IGA.
In Server mode, the Prestige 662HW maps multiple inside servers to one global IP address. This allows us to specify multiple servers of different types behind the NAT for outside access. Note, if you want to map each server to one unique IGA please use the One-to-One mode.
The following table summarizes these types.
NAT Type | IP Mapping |
One-to-One | ILA1<--->IGA1 |
Many-to-One (SUA/PAT) | ILA1<--->IGA1 ILA2<--->IGA1 ... |
Many-to-Many Overload | ILA1<--->IGA1 ILA2<--->IGA2 ILA3<--->IGA1 ILA4<--->IGA2 ... |
Many One-to-One |
ILA1<--->IGA1 ILA2<--->IGA2 ILA3<--->IGA3 ILA4<--->IGA4 ... |
Server | Server 1 IP<--->IGA1 Server 2 IP<--->IGA1 |
16. How many network users can the SUA/NAT support?
The Prestige does not limit the number of the users but the number of the sessions. The
Prestige 662HW supports 1024 sessions that you can use the 'ip nat iface wanif0 st'
command in menu 24.8 to view the current active sessions.
17. What are Device filters and Protocol filters?
In ZyNOS, the filters have been separated into two groups. One group is called
'device filter group', and the other is called 'protocol filter group'. Generic
filters belong to the 'device filter group', TCP/IP and IPX filters belong to the
'protocol filter group'.
18. Why can't I configure device filters
or protocol filters?
In ZyNOS, you can not mix different filter groups in the same filter set.
19. How can I protect against IP spoofing attacks?
The Prestige's filter sets provide a means to protect against IP spoofing attacks. The basic scheme is as follows:
For the input data filter:
Filter rule setup:
Where a.b.c.d is an IP address on your local network and w.x.y.z is your netmask:
For the output data filters:
Filter rule setup:
Where a.b.c.d is an IP address on your local network and w.x.y.z is your netmask.
All contents copyright © 2002 ZyXEL Communications Corporation.