Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

VMG1312-B10A: CLI: Difference between revisions

clean up
(Created page with "=CLI Tips= ? Show the list of commands Category:ZyXEL_VMG1312")
 
(clean up)
 
(13 intermediate revisions by 2 users not shown)
=CLI Tips=
 
The ZyXEL VMG1312 has a web interface and a Command Line Interface (CLI). The CLI can be reached by telnet or ssh. Usually the CLI is not needed to be used as most of the config changes can be done from the Web interface. However, here are some useful commands for the CLI.
 
== Show the list of commands ==
?
Show the list of commands
 
There are extra commands that are not shown in that list, e.g. ifconfig, top, and ps.
 
The firewall can be examined/controlled using the unlisted 'iptables' command (known to Linux users):
 
> iptables -nvL
Chain INPUT (policy ACCEPT 74 packets, 16446 bytes)
pkts bytes target prot opt in out source destination
10946 1726K LAN_ONLY_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
10946 1726K DOS_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
10946 1726K ACL_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
10946 1726K FW_GENERAL_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
4836 524K SERVICE_CONTROL all -- * * 0.0.0.0/0 0.0.0.0/0
289 75333 OTHER_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
215 58887 DROP all -- !br+ * 0.0.0.0/0 0.0.0.0/0
...
 
But frustratingly the 'ip6tables' command is not available for examining/controlling the IPv6 firewall.
The 'ip6tables' command is available from the shell prompt, but AAISP's config means getting a shell prompt is a little complicated.
 
== Show running processes and CPU/memory information ==
top
or
ps
 
 
== Change LAN address to be 192.168.100.1 ==
lan config --ipaddr primary 192.168.100.1 255.255.255.0
Note: Check your DHCP settings when changing the LAN address, the DHCP range may well change itself when you change the LAN address this way anyway.
 
=SSH access=
The ssh daemon on the ZyXEL is provided by 'dropbear', and (at least on AAISP's standard firmware) is an antique version dating from July 2005 and which only offers one key-exchange algorithm (diffie-hellman-group1-sha1), an algorithm which is no longer considered secure and might not be used automatically by clients.
 
The workaround is to manually specify their only available algorithm. E.g. for an openssh client:
ssh -o KexAlgorithms=diffie-hellman-group1-sha1 admin@192.168.1.1
 
[[Category:ZyXEL_VMG1312ZyXEL VMG1312-B10A]]
editor
698

edits