Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
akileshc
Staff
Staff

Created on ‎04-16-2023 10:05 PM Edited on ‎03-17-2024 07:32 AM By Moderator

Article Id 252473

Technical Tip: How to forward the multicast packets with TTL=1 through a FortiGate

Description

By default, FortiGate firewalls drop multicast packets with a TTL (Time to Live) value of 1, which is a common value used for link-local multicast traffic.

This article describes how it is possible to configure the FortiGate to forward multicast packets with TTL=1.
Scope FortiGate.
Solution

When multicast-forward is enabled on a FortiGate firewall, it will forward multicast IP packets with a TTL value of 2 or higher, while reducing the TTL in the IP header by 1.


To allow multicast forward packet with TTL = 1, use the following option:

 

config system settings

set multicast-ttl-notchange enable

end

 

Note: When multicast-forwarding mode is selected, multicast-routing should be disabled. Follow the steps in the administration guide.
1779
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.