Upnp; Chapter 22 Upnp; Upnp And Nat-Pmp Overview; Upnp And Nat-Pmp Commands - ZyXEL Communications ZYWALL USG Series Reference Manual
Security firewalls
Hide thumbs
Also See for ZYWALL USG Series:
- Application notes (187 pages) ,
- Application note (184 pages) ,
- User manual (150 pages)
Table of Contents
Advertisement
22.1 UPnP and NAT-PMP Overview
The ZyWALL / USG supports both UPnP and NAT-PMP to permit networking devices to discover each
other and connect seamlessly.
Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for
simple peer-to-peer network connectivity between devices. A UPnP device can dynamically join a
network, obtain an IP address, convey its capabilities and learn about other devices on the network.
In turn, a device can leave a network smoothly and automatically when it is no longer in use. A
gateway that supports UPnP is called Internet Gateway Device (IGD). The standardized Device
Control Protocol (DCP) is defined by the UPnP Forum for IGDs to configure port mapping
automatically.
NAT Port Mapping Protocol (NAT-PMP), introduced by Apple and implemented in current Apple
products, is used as an alternative NAT traversal solution to the UPnP IGD protocol. NAT-PMP runs
over UDP port 5351. NAT-PMP is much simpler than UPnP IGD and mainly designed for small home
networks. It allows a client behind a NAT router to retrieve the router's public IP address and port
number and make them known to the peer device with which it wants to communicate. The client
can automatically configure the NAT router to create a port mapping to allow the peer to contact it.
22.2 UPnP and NAT-PMP Commands
The following table lists the
command to enter the configuration mode before you can use these commands.
Table 80 ip upnp Commands
COMMAND
ip upnp
[no] bypass-firewall
activate
link-sticking outgoing
interface
{interface_name | all}
[no] listen-interface
interface_name
ZyWALL / USG (ZLD) CLI Reference Guide
C
HAPTER
commands. You must use the
ip upnp
DESCRIPTION
Enters the config-upnp sub-command mode to configure the UPnP or
NAT-PMP settings.
Allows traffic from UPnP-enabled or NAT-PMP-enabled applications to
bypass the firewall.
The no command has the firewall block all UPnP or NAT-PMP application
packets (for example, MSN packets).
Specifies through which WAN interface(s) you want to send out traffic
from UPnP-enabled or NAT-PMP-enabled applications.
If the WAN interface you specified loses its connection, the ZyWALL / USG
attempts to use the other WAN interface. If the other WAN interface also
does not work, the ZyWALL / USG drops outgoing packets from UPnP-
enabled or NAT-PMP-enabled applications.
Enables UPnP and/or NAT-PMP on an internal interface.
The no command disables UPnP and/or NAT-PMP on the interface.
2 2
UPnP
configure terminal
153
Hide quick links:
Advertisement
Table of Contents
