In my home network I use a Cisco SG300 L3 switch to do my inter-VLAN routing. The switch is great but it doesn’t do multicast routing, so I can’t get DLNA to work between VLANs with it. Here’s where RouterOS has come into my setup: I have set up RouterOS CHR on my ESXi host with interfaces on all of the VLANs that I want DLNA to be routed between, as well as an interface on my management VLAN. I installed the multicast package and enabled the interfaces in PIM and hey presto, DLNA works between the VLANs.
What I want to achieve is the following:
- The RouterOS instance isn’t able to route regular traffic; ideally I want to lock it down so it only routes DLNA for now (and other specific multicast traffic I may want in the future would have to be configured).
- The UI is only available from the management VLAN interface, though with a default gateway configured as my SG300 so authorized hosts on other VLANs can still get to it.
How do I achieve this? By using the Firewall package with some blanket "deny all"s and selectively adding some rules to allow what I want?
Thanks