Port forwarding on Switch?

[AndrewPVI]

Hello, 

 

I need some assistance from some people with higher networking experience than I know. 

 

So I know from basic understanding a Router is used for routing requests and ports and a switch is just used for Vlan configuration, extension of the router, and directing Traffic packets. 

 

However, I have a recent project where we are doing multicast streaming using just a switch for a local hotel but the Multicast streamer uses the same Lan port for Web GUI management and for IPTV multicast streaming. Is it possible that there is a switch out there 24 or 50 ports that supports a routing table to block all request for port 86? 

 

So ports 1-49 cant access the login page, however port 50 on the switch(Management port) is the only one than can access port 86? Something like Port ACLs?

 

Is this possible or a form of this possible without using a router? 

 

Please let me know 

 

 

Thank you. 

 

Andrew 

 

 

[Radium_Angel]

41 minutes ago, AndrewPVI said:

Andrew 

I suspect expensive enough switches from Cisco would have that option in them, but the complexity and price will turn you off

[brwainer]

You say they use the same LAN port for both, but is it the same IP? Same VLAN? The device may support multiple virtual interfaces on the single physical port.

[AndrewPVI]

3 hours ago, Radium_Angel said:

I suspect expensive enough switches from Cisco would have that option in them, but the complexity and price will turn you off

I might have an option with Zyxel switch using Port ACL so I can specific Vlan 1 for all the IPTV traffic and no user can request to login to the unit on port 86 and then all request for port TCP 86 to go to Vlan 2. 

[AndrewPVI]

2 hours ago, brwainer said:

You say they use the same LAN port for both, but is it the same IP? Same VLAN? The device may support multiple virtual interfaces on the single physical port.

 

 

So the IP Streamer uses one Lan port for connecting to the Interface 192.168.1.13 which when you enter on the web browser prompts the user to log in. That same Lan port pushes out the Multicast traffic on the specific address and port assigned such as 224.2.2.2:1001. I wanted to use port ACL and set up two vlans. Vlan one allows all Multicast traffic to pass but denies any request to port 86. Zyxel said this is possible with Port ACL they offer. Then vlan 2 has full access to TCP port 86.

 

This is a strange application so I understand. Normally a router would provide this but being a single internal network with no router for internet for the Multicast decoding TVs at this hotel we had to come up with a different solution. 

 

Its the same concept as preventing any user from accessing the Switches configuration login in simple terms. 

 

According to this article from zyxel they send me it looks just like what I was needed...so we will see. 

 

https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=016012&lang=EN

 

 

[brwainer]

2 minutes ago, AndrewPVI said:

 

 

So the IP Streamer uses one Lan port for connecting to the Interface 192.168.1.13 which when you enter on the web browser prompts the user to log in. That same Lan port pushes out the Multicast traffic on the specific address and port assigned such as 224.2.2.2:1001. I wanted to use port ACL and set up two vlans. Vlan one allows all Multicast traffic to pass but denies any request to port 86. Zyxel said this is possible with Port ACL they offer. Then vlan 2 has full access to TCP port 86.

 

This is a strange application so I understand. Normally a router would provide this but being a single internal network with no router for internet for the Multicast decoding TVs at this hotel we had to come up with a different solution. 

 

Its the same concept as preventing any user from accessing the Switches configuration login in simple terms. 

 

According to this article from zyxel they send me it looks just like what I was needed...so we will see. 

 

https://kb.zyxel.com/KB/searchArticle!gwsViewDetail.action?articleOid=016012&lang=EN

 

 

You wouldn’t have two VLANs if the device itself doesn’t understand VLANs. But yes it looks like that switch’s ACLs are advanced enough that you can filter the way you are looking for.