I have configured in my firewall different tunnel GRE all managed by PIM dense mode. I would like to enable PIM only for some specific tunnel GRE and let the other use the normal delivery of multicast without PIM (forward enable). I tried to do that but when enable PIM multicast also the other tunnel GRE without multicast PIM do not deliver the multicast packet.
How can I create a mixed environment tunnell GRE with PIM and GRE without PIM to deliver multicast packet? Do you believe that using different VDOM this is possible? At the moment it seems that if I enable PIM multicast routing all the firewall has to be manage with PIM, I cant use different interface for this. I have a firewall Fortigate 600e with 6.4.7 build 1911 firmware.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello,
Thank you for your question. Yes, FortiGate does not allow mixing multicast forwarding and routing together. So in your case, as you suggested, VDOM will be the best solution, migrate interfaces to each vdom based on if you need forwarding or routing on that interface.
Hello,
One interface can be assigned to one vdom only. Sub-interfaces on physical interface, like Vlans, can be member of different vdoms.
Hello,
Thank you for your question. Yes, FortiGate does not allow mixing multicast forwarding and routing together. So in your case, as you suggested, VDOM will be the best solution, migrate interfaces to each vdom based on if you need forwarding or routing on that interface.
Hello Adrian, according to your last reply that has satisfied my question, kindly I would like to receive a further reply to a new my question with the same topic. Question is If the same interface of my firewall could be assigned to different VDOMs with different multicast methods by creating a sub-interface PIM and multicast forwarding. I have a group of node working with forwarding multicast and another group of node with PIM (dense or sparse is not important) but the physical interface connected to the WAN common is the same! Both the group of nodes working with GRE tunnels. I am not too much optimistic about a solution but I will try with your experience to have a reply. Thanks
Hello,
One interface can be assigned to one vdom only. Sub-interfaces on physical interface, like Vlans, can be member of different vdoms.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1634 | |
1063 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.