Description |
This article describes how to configure multicast policies between interfaces that are members of the same zone. |
Scope |
FortiGate. |
Solution |
In FortiGate, a multicast policy is a configuration that controls the forwarding of multicast traffic. Multicast traffic is a type of communication where a single source sends data to multiple specified recipients simultaneously, but without broadcasting the data to all devices in the network. It's commonly used in scenarios like video conferencing, IPTV broadcasting, and other applications that require data to be sent to multiple recipients concurrently. The multicast policy in FortiGate performs several key functions:
Configure 'set intrazone allow' on the zone.
config system zon
Configure a multicast policy and use the source and destination interfaces as 'any', restricting the traffic using the source and destination address.
config firewall multicast-polic edit <> set logtraffic enable set srcintf "any" set dstintf "any" set srcaddr <SOURCE PREFIX> set dstaddr <DESTINATION PREFIX> end
Note: It is important to note that a multicast policy in FortiGate does not replace the need for proper multicast routing and group management configurations (like IGMP for group membership and PIM for multicast routing). Instead, the multicast policy works in conjunction with these protocols to provide a layer of security and control over the multicast traffic as it traverses the FortiGate appliance. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.