How to restrict some eth ports of Zyxel GS2210-24 Switch to access limited Multicat IPs & UDP ports?
Freshman Member
Hi,
I have a personal network on which I have different network applications are running on different multicast IPs and UDP ports. I want to give an ONE WAY access to my Friend to some particular Multicast IPs and UDP ports.
But to secure my network and limit him not to access anything else on my network than allowed Multicast and UDP ports kindly how can a configure Zyxel GS2210-24 Switch ?
My Network is: 192.168.30.XXX /24
Multicast IP to allow: 225.24.190.25 & 225.25.180.26
UDP ports to allow: 5015,5016,4011,4012
ETH port : Any
I will be really grateful if someone could help me in simplified way.
I have a personal network on which I have different network applications are running on different multicast IPs and UDP ports. I want to give an ONE WAY access to my Friend to some particular Multicast IPs and UDP ports.
But to secure my network and limit him not to access anything else on my network than allowed Multicast and UDP ports kindly how can a configure Zyxel GS2210-24 Switch ?
My Network is: 192.168.30.XXX /24
Multicast IP to allow: 225.24.190.25 & 225.25.180.26
UDP ports to allow: 5015,5016,4011,4012
ETH port : Any
I will be really grateful if someone could help me in simplified way.
0
All Replies
-
@FAGHM
Welcome to Zyxel community.
You can use ACL (Classifier + Policy Rule) to regulate ingress traffic of particular (source / destination) IP address, or even by L4 socket number in order to achieve the goal.
Please find attached user guide page 171~184 for detail guide.
Let us know if any question.
Zyxel_Lucious
1 -
Thank you so much for your prompt response.
I will be really grateful to you if you could simplify me this as per my given information.
For example which info goes to where ?
0 -
@FAGHM
The concept should be to deny all incoming traffic except the specific ones you'd like to allow.
I take UDP 5015&5016 port as example:
Classifier:
The "Deny all" classifier must be weight less than others.
Policy Rule:
Zyxel_Lucious1 -
Thanks Zyxel_Lucious again for your prompt response, But I've different/less options available as compare to pictures you've shared in your last post. Kindly tell am I be able to configure it with these options?
Even I can't make deny all rule with these options
One more important thing you forgot to answer. Kindly tell how to Restrict this Access Control to a Specific ETH port of the Switch ?
0 -
Hi @FAGHM
Based on your screenshot of webGUI, I think you are using old firmware version.
Please upgrade to the latest version than you can see the same webGUI.
You can download the latest firmware in the link below:
https://www.zyxel.com/support/DownloadLandingSR.shtml?c=gb&l=en&kbid=M-01748&md=GS2210-24
For the specific ETH port, you can configure source port.
Thanks
Best regards,
Zyxel_Derrick
0
Zyxel Employee
Categories
- All Categories
- 415 Beta Program
- 2.3K Nebula
- 142 Nebula Ideas
- 94 Nebula Status and Incidents
- 5.6K Security
- 230 USG FLEX H Series
- 267 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 1K Wireless
- 39 Wireless Ideas
- 6.3K Consumer Product
- 246 Service & License
- 385 News and Release
- 82 Security Advisories
- 28 Education Center
- 9 [Campaign] Zyxel Network Detective
- 3.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 71 Security Highlight
