Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Uwe_Sommerfeld
New Contributor

Multicast /IGMP on Soho Device internal switch

Hi there is there any solution to the following scenario - the fortigate 60c/d internal interface transmits any multicast traffic on the local lan interfaces to every interface. A simple switch with igmp snooping can prevent multicast being sent to non-subscriber interfaces, however I don' t find any option for this on the fortigate. Is there a way to configure this? I don' t want multicast traffic spamming the interfaces...
2 REPLIES 2
emnoc
Esteemed Contributor III

The switch function of the fortigate is not like a real switch, so i' m sorry to say features like IGMP/PIM/DHCP snooping is probably not a feature present within the switch of the fortigate appliance. Did you search the Kb or pub on fortinet? You might want to re-architect your network to install a IGMP-enabled switch between the fortigate and LAN. You have a a few low-end models from HP and Cisco SBS 200 series that could do the job & offer igmp-snooping.

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Uwe_Sommerfeld
New Contributor

Hi Emnoc, the issue is (as always) with wireless bridging which is desirables for quite a few users. If multicast hits the internal interface I feel the wireless might get unusable in the situation. My goal was actually stupid enough (but only for testing & curiosity anyway). I have an IPTV setup at home and am at the point of plugging the IPTV into the Fortigate which is my only switch in the living room. the other rooms are connected through an IGMPv3 capable switch and are " protected" . Still it should be simple to listen for IGMP messages and enable / disable ports in my opiniont. multicast forwarding has all the IGMP logic built in and the ports are fake anyway. So the way to go is a) buy another switch or b) don' t do wireless bridging.
Labels
Top Kudoed Authors