FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
By default, FortiGate firewalls drop multicast packets with a TTL (Time to Live) value of 1, which is a common value used for link-local multicast traffic.
This article describes how it is possible to configure the FortiGate to forward multicast packets with TTL=1.
Scope
FortiGate.
Solution
When multicast-forward is enabled on a FortiGate firewall, it will forward multicast IP packets with a TTL value of 2 or higher, while reducing the TTL in the IP header by 1.
To allow multicast forward packet with TTL = 1, use the following option:
config system settings
set multicast-ttl-notchange enable
end
Note: When multicast-forwarding mode is selected, multicast-routing should be disabled. Follow the steps in the administration guide.
