- Forums
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiAP
- FortiClient
- FortiADC
- FortiAnalyzer
- FortiBridge
- FortiAuthenticator
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiExtender
- FortiEDR
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiProxy
- FortiPortal
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiScan
- FortiSASE
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiWebCloud
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- RIP Multicast at wrong interface
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
RIP Multicast at wrong interface
Hello,
currently I' m trying to switch our network from static routes to RIP.
During configuration of our Fortigate cluster (FGT-310B A-P running FortiOS 5.0.7) I discovered that RIP multicasts (udp/520 packets to the destination 224.0.0.9) are sent out from port1, port3, port4 and several WiFi and VLAN interfaces, although I only enabled RIP at port1.
Here is a part of my config file:
config system settings
set multicast-forward disable
end
config router prefix-list
edit " allow_internal"
config rule
edit 1
set prefix 192.168.0.0 255.255.0.0
set ge 17
set le 32
next
end
next
end
config router rip
config distribute-list
edit 1
set listname " allow_internal"
set status enable
next
end
config interface
edit " port1"
set receive-version 2
set send-version 2
next
end
config network
edit 1
set prefix 192.168.0.0 255.255.0.0
next
end
config redistribute " connected"
set status enable
end
end
Maybe someone can help me to fix this.
Sincerely
Harald
1 REPLY 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Harald,
the RIP interfaces are selected through the RIP network statement (192.168.0.0/16) in your case. If all your interfaces are in this range, that explain why you are sending the RIP updates through all your interfaces.
The " config interface" statement is used to select which RIP version should be used for send and received. This is not used for the selection of the RIP interface.
You can use the " passive-interface" configuration to disable RIP on unwanted interfaces that are selected by your network statement.
In your case:
config router rip
set passive-interface port3 port4 VLANxxx
end
Benoit
Related Posts
- VDOM configuration 144 Views
- S2S VPN Traffic from a 1GB... 281 Views
- 7.4.4 - IPSec - Route not... 203 Views
- How can I automatically block the... 508 Views
- Split Session sync / heartbeat 181 Views
Labels
-
fortigate
6,989 -
FortiClient
1,375 -
5.2
801 -
5.4
639 -
FortiManager
607 -
FortiAnalyzer
441 -
6.0
416 -
FortiAP
365 -
5.6
362 -
FortiSwitch
362 -
FortiClient EMS
285 -
FortiMail
271 -
6.2
251 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
170 -
6.4
128 -
FortiNAC
123 -
FortiGuard
111 -
IPsec
103 -
FortiGateCloud
92 -
SSL-VPN
92 -
FortiSIEM
91 -
FortiCloud Products
86 -
FortiToken
76 -
Customer Service
70 -
4.0MR3
64 -
Wireless Controller
63 -
FortiProxy
48 -
FortiADC
45 -
SD-WAN
43 -
Fortivoice
43 -
FortiEDR
42 -
FortiDNS
37 -
FortiExtender
36 -
FortiGate v5.4
35 -
FortiSandbox
33 -
FortiSwitch v6.4
32 -
Firewall policy
31 -
FortiAuthenticator
29 -
High Availability
28 -
VLAN
27 -
FortiConnect
24 -
FortiWAN
23 -
ZTNA
21 -
DNS
21 -
FortiConverter
21 -
BGP
19 -
FortiGate v5.2
19 -
SAML
18 -
FortiPortal
18 -
Certificate
18 -
FortiSwitch v6.2
17 -
LDAP
17 -
VDOM
16 -
FortiMonitor
14 -
Authentication
14 -
FortiLink
14 -
Interface
14 -
Logging
14 -
FortiGate v5.0
13 -
Routing
13 -
FortiDDoS
13 -
Fortigate Cloud
12 -
FortiCASB
12 -
RADIUS
11 -
NAT
11 -
SSL SSH inspection
10 -
Traffic shaping
10 -
Virtual IP
10 -
SSO
10 -
FortiRecorder
10 -
SSID
9 -
FortiWeb v5.0
9 -
FortiManager v5.0
9 -
Application control
9 -
Web profile
9 -
4.0MR2
9 -
IP address management - IPAM
8 -
FortiBridge
8 -
WAN optimization
8 -
FortiGate v4.0 MR3
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
FortiAnalyzer v5.0
7 -
SNMP
7 -
Web application firewall profile
7 -
Admin
7 -
4.0
7 -
Security profile
6 -
Traffic shaping policy
6 -
IPS signature
5 -
Packet capture
5 -
Proxy policy
5 -
FortiAP profile
5 -
Automation
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
Antivirus profile
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
Web rating
4 -
3.6
4 -
FortiScan
4 -
trunk
4 -
Port policy
4 -
FortiDeceptor
3 -
Fortinet Engage Partner Program
3 -
FortiToken Cloud
3 -
Traffic shaping profile
3 -
FortiPAM
3 -
DoS policy
3 -
Email filter profile
3 -
FortiDB
3 -
Intrusion prevention
3 -
Protocol option
2 -
FortiInsight
2 -
NAC policy
2 -
System settings
2 -
Users
2 -
FortiAI
2 -
VoIP profile
2 -
FortiHypervisor
2 -
Fabric connector
2 -
Netflow
2 -
Multicast routing
2 -
4.0MR1
1 -
TACACS
1 -
Subscription Renewal Policy
1 -
Replacement messages
1 -
FortiCWP
1 -
FortiNDR
1 -
Schedule
1 -
SDN connector
1 -
Application signature
1 -
Authentication rule and scheme
1 -
FortiManager-VM
1 -
DLP sensor
1 -
Internet Service Database
1 -
Explicit proxy
1 -
Zone
1
Top Kudoed Authors
| User | Count |
|---|---|
| 1016 | |
| 841 | |
| 493 | |
| 440 | |
| 144 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.