Portforwarding on a zyxel device using the ZynOS cli

March 29, 2010

Due to a change of jobs, my xDSL connection was terminated today. Luckily I have other means of Inet access, but given that I run my own server I needed some portforwarding in order to be a happy camper.

Getting access to the router using telnet was easy.

telnet 10.0.0.1 23023

It was harder (hence this post) to figure out to do port forwarding. Basic stuff first. What version of ZynOS?

ras> sys version

 ZyNOS version: V3.40(AHX.4) | 05/02/2008
 romRasSize: 1407100
 system up time:Â Â  513:16:29 (b0380b6 ticks)
 bootbase version: V1.06 | 1/20/2006

Using help I figure out that I needed to go for the ip section

ras> help
Valid commands are:
sysÂ Â Â Â Â Â Â Â Â Â Â Â  exitÂ Â Â Â Â Â Â Â Â Â Â  etherÂ Â Â Â Â Â Â Â Â Â  wan
ipÂ Â Â Â Â Â Â Â Â Â Â Â Â  bridgeÂ Â Â Â Â Â Â Â Â  lan

But then I was lost

ras> ip
addressÂ Â Â Â Â Â Â Â  aliasÂ Â Â Â Â Â Â Â Â Â  aliasdisÂ Â Â Â Â Â Â  arp
dhcpÂ Â Â Â Â Â Â Â Â Â Â  dnsÂ Â Â Â Â Â Â Â Â Â Â Â  httpdÂ Â Â Â Â Â Â Â Â Â  icmp
ifconfigÂ Â Â Â Â Â Â  pingÂ Â Â Â Â Â Â Â Â Â Â  routeÂ Â Â Â Â Â Â Â Â Â  smtp
statusÂ Â Â Â Â Â Â Â Â  udpÂ Â Â Â Â Â Â Â Â Â Â Â  ripÂ Â Â Â Â Â Â Â Â Â Â Â  tcp
telnetÂ Â Â Â Â Â Â Â Â  tftpÂ Â Â Â Â Â Â Â Â Â Â  tracerouteÂ Â Â Â Â  xparent
tredirÂ Â Â Â Â Â Â Â Â  backupÂ Â Â Â Â Â Â Â Â  mcastChanÂ Â Â Â Â Â  igmp
policyrouting

Where was the portforward section?? I litteraly used an hour figuring out what to do. It turns out, that it is a leap of faith kind of thing:

ras> ip nat
hashTableÂ Â Â Â Â Â  serverÂ Â Â Â Â Â Â Â Â  serviceÂ Â Â Â Â Â Â Â  resetport
incikeportÂ Â Â Â Â  sessionÂ Â Â Â Â Â Â Â  addrmapÂ Â Â Â Â Â Â Â  AOL-version9

Lo and behold, it is all there The rules are ordered in sets, where you edit a given rule in a set. When you get hold of the syntax it is actually quite easy

ras> ip nat server disp
Server Set: 1

RuleÂ Â Â Â Â Â Â Â  nameÂ Â Â Â Â Â Â Â Â Â Â Â  Svr P RangeÂ Â Â  Server IPÂ Â Â Â Â Â  LeasedTime
 ActiveÂ  protocolÂ Â Â Â  Int Svr P RangeÂ Â Â  Remote Host IP Range
--------------------------------------------------
 1 DMZÂ Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â  defaultÂ Â Â Â Â Â Â Â Â Â Â Â  0.0.0.0Â Â  0
 NoÂ Â Â Â Â  ALLÂ Â Â Â Â Â Â Â Â Â Â Â Â Â  0 - 0Â Â Â Â Â Â Â Â Â Â Â Â Â  0.0.0.0 - 0.0.0.0
 2 WWWÂ Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â  80 - 80Â Â Â Â Â Â Â Â Â Â Â  10.0.0.5Â Â  0
 YESÂ Â Â Â Â  ALLÂ Â Â Â Â Â Â Â Â Â Â Â Â Â  0 - 0Â Â Â Â Â Â Â Â Â Â Â Â Â  0.0.0.0 - 0.0.0.0

Then you load a set, edit the rules and write the set. Eg

# Load set 1
ras> ip nat server load 1
#edit rule 2
ras> ip nat server edit 2 forwardip 10.0.0.5
# save set 1
ras> ip nat server save

All done.

admin on The old king is dead (NAD 3020i) ….August 5, 2014
Hi Rasmus Thanks a lot! The C356BEE is a huge upgrade over the 3020i. It has plenty og power and…
regj on The old king is dead (NAD 3020i) ….August 5, 2014
Had my eyes on the C356BEE as well. Bought a used Lyngdorf SDAI 2175 (now discontinued), which has a serial…
admin on End user review of Bluesound NodeAugust 4, 2014
Hi It does not support NFS shares using the webinterface. The Bluesound is not your average media player. It is…
Ahenry on End user review of Bluesound NodeAugust 1, 2014
Does the Bluesound support NFS shares? Did you determine which media player it was using?
Stelios Mavromichalis on Configuring and using the BMC on an IBM eServer 326.May 19, 2014
i just can’t thank you enough for this post. so i will just say: thank! you! best, /mstelios

Weblog – Thomas S. Iversen

Portforwarding on a zyxel device using the ZynOS cli

Leave a Reply Cancel reply