How to restrict some eth ports of Zyxel GS2210-24 Switch to access limited Multicat IPs & UDP ports?

FAGHM
FAGHM Posts: 6
Friend Collector First Comment
edited August 2022 in Switch
Hi,
I have a personal network on which I have different network applications are running on different multicast IPs and UDP ports. I want to give an ONE WAY access to my Friend to some particular Multicast IPs and UDP ports.
But to secure my network and limit him not to access anything else on my network than allowed Multicast and UDP ports kindly how can a configure Zyxel GS2210-24 Switch ? 
My Network is: 192.168.30.XXX /24
Multicast IP to allow: 225.24.190.25 & 225.25.180.26
UDP ports to allow: 5015,5016,4011,4012  
ETH port : Any

I will be really grateful if someone could help me in simplified way. 

All Replies

  • Zyxel小編 Lucious
    Zyxel小編 Lucious Posts: 278  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    edited September 2020
    @FAGHM

    Welcome to Zyxel community.

    You can use ACL (Classifier + Policy Rule) to regulate ingress traffic of particular (source / destination) IP address, or even by L4 socket number in order to achieve the goal.

    Please find attached user guide page 171~184 for detail guide.
    Let us know if any question.

    Zyxel_Lucious

  • Thank you so much for your prompt response.

    I will be really grateful to you if you could simplify me this as per my given information. 

    For example which info goes to where ? 





  • Zyxel小編 Lucious
    Zyxel小編 Lucious Posts: 278  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    @FAGHM

    The concept should be to deny all incoming traffic except the specific ones you'd like to allow.
    I take UDP 5015&5016 port as example:

    Classifier:



    The "Deny all" classifier must be weight less than others.

    Policy Rule:




    Zyxel_Lucious
  • FAGHM
    FAGHM Posts: 6
    Friend Collector First Comment
    edited September 2020
    Thanks Zyxel_Lucious again for your prompt response, But I've different/less options available as compare to pictures you've shared in your last post. Kindly tell am I be able to configure it with these options? 
    Even I can't make deny all rule with these options :(

    One more important thing you forgot to answer. Kindly tell how to Restrict this Access Control to a Specific ETH port of the Switch ?




  • Zyxel_Derrick
    Zyxel_Derrick Posts: 126  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    Hi @FAGHM

    Based on your screenshot of webGUI, I think you are using old firmware version.
    Please upgrade to the latest version than you can see the same webGUI.
    You can download the latest firmware in the link below:
    https://www.zyxel.com/support/DownloadLandingSR.shtml?c=gb&l=en&kbid=M-01748&md=GS2210-24
    For the specific ETH port, you can configure source port.
    Thanks

    Best regards,
    Zyxel_Derrick