Hi everyone,

I noticed Multicast policy to control Multicast stream does not allow granular control for applications. For example, we want only UDP 1781 multicast stream should be allowed through FW. I do not see any command within Multicast Security policies, that will allow me to restrict flow based on UDP port numbers.

VERSION INFO:

FortiGate-VM64 # get system status Version: FortiGate-VM64 v6.2.0,build0866,190328 (GA)

Hostname: FortiGate-VM64 Operation Mode: NAT Current virtual domain: root Max number of virtual domains: 1 Virtual domains status: 1 in NAT mode, 0 in TP mode Virtual domain configuration: disable FIPS-CC mode: disable Current HA mode: standalone Branch point: 0866 Release Version Information: GA FortiOS x86-64: Yes System time: Sun Jan 26 04:23:32 2020

EXAMPLE:

config firewall multicast-policy edit 1 set srcintf "EXT" set dstintf "INT" set srcaddr "A" set dstaddr "all" next end

FortiGate-VM64 (1) # set protocol <integer> please input integer value 0: ANY 1: ICMP 2: IGMP 6: TCP 17: UDP 89: OSPF xx: Other

No option to define UDP port number.

Is there anyway I can define UDP port number and reference them to in Multicast Security Policy?

Thanks and have a good weekend!!