- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Multicast through FortiGate firewall
Hello all! This is my first time working with Fortinet hardware, specifically a FortiGate firewall and I’ve hit a big roadblock. I’m on a massive time crunch and management is coming down on me hard to resolve it, so I’m hoping someone here might know the answer.
The long and short of it is, I have a webpage that operates in a closed network (no external network access, physically). This webpage displays a video feed that is put out from a camera via multicast and in that closed network, everything works great. Management says they want to now do a test to see how this website could be accessed on the internal company network. They’ve provided me a FortiGate 90G and said ‘make it work’. I’ve managed to get the webpage itself through the firewall using NAT and it is accessible on the corporate network.. but the video component isn’t coming through. The video player says it could not open the webRTC stream. So far, I have:
- Enabled advanced routing and multicast policy in the feature visibility menu
- Enabled multicast routing and configured a static RP using the IP of the WAN interface
- Created an interface in the multicast configuration using the WAN port to enable sparse mode IGMPv3
- Configured an allow any/any multicast policy (just to get the traffic to flow, will restrict further once I can get the video out) with log allowed traffic on (no logs have generated yet..)
As I’ve never used this before, I’m at a loss.. I have two days to figure it out and could really use the help of someone more experienced than me. Any help/suggestions would be EXTREMELY appreciated. Thanks so much in advance!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Greetings!
It seems like you are facing challenges with getting multicast video traffic to flow through a FortiGate firewall for a closed network webpage. Here are some steps you can take to troubleshoot and potentially resolve the issue:
1. Verify Multicast Routing Configuration: Double-check your multicast routing configuration to ensure that the settings are correctly applied. Make sure that the static rp is properly configured and matches the requirements of your network setup.
2. Check Multicast Policy: Review your multicast policy settings. Ensure that the policy is allowing the necessary multicast traffic to flow between the interfaces. Verify that the source and destination addresses are correctly defined.
3. Inspect Firewall Logs: Monitor the firewall logs to see if any multicast traffic is being blocked or allowed. This can help you identify if the traffic is reaching the firewall and how it is being handled.
4. Test Connectivity: Use tools like VLC Media Player to test multicast streaming within the closed network first to ensure the video feed works internally. This can help isolate if the issue lies within the firewall configuration.
Here are some article that can help:
