Hello.
I think to accomplish the goal of allowing the host to access a limited range of hosts and ports you can use an ACL like the example below, just modifying it to the desired ports and addresses.
ip access-list extended “Remote-Hosts_and_Ports”
10 permit udp 192.168.10.10 255.255.255.255 10.10.10.10 255.255.255.255 eq XX
20 permit udp 192.168.10.10 255.255.255.255 10.10.10.20 255.255.255.255 eq XX
25 permit TCP 192.168.10.10 255.255.255.255 10.10.10.30 255.255.255.255 eq XX
30 permit TCP 192.168.10.10 255.255.255.255 10.10.10.40 255.255.255.255 eq XX
80 deny ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
And apply it to the desired port
#interface 11
ip access-group "Remote-Hosts_and_Ports" in
untagged vlan 1042
exit