FortiGate
Sandeep_FTNT
Staff
Article Id 194719
Description
This article explains how to configure multicast traffic forwarding on a FortiGate. Multicast enables efficient delivery of data to multiple recipients simultaneously using a single transmission stream. Multicast is commonly used in applications such as real-time video/audio streaming and IPTV. This feature allows forwarding multicast streams statically between the FortiGate interfaces from the multicast routers and sources to the multicast receivers; however, it is not intended for routing multicast traffic using dynamic multicast routing protocols.
 
Note: Enabling both multicast forwarding and multicast routing simultaneously on the same device or VDOM is not recommended. Multicast forwarding treats the traffic statically, while routing uses dynamic protocol decisions such as reverse path forwarding (RPF) checks.
Scope
FortiGate allowing multicast flow from a multicast router or source at port2 to a multicast receiver at port1.
Solution
Step 1: 
Enabling multicast forwarding
Multicast forwarding is enabled by default on FortiGate devices. The multicast-forward setting is what enables or disables it.

Enable multicast forwarding from CLI using the following commands:
 
config system settings
    set multicast-forward enable
end
 
Prevent the TTL for forwarded packets from being changed.
 
To preserve TTL values for forwarded multicast packets, use the multicast-ttl-notchange option. Enable it only if packets expire prematurely before reaching the multicast router.

config system settings
    set multicast-ttl-notchange enable
end
 
Step 2:  
Configure the multicast policy.

In a multicast policy, the source interface refers to the interface where the multicast receiver, such as an IPTV box, is located, while the destination interface is where the multicast router or source resides. The multicast group or groups are selected in the destination field.
 
From the GUI:

Navigate to Policy & Objects -> Multicast Policy -> Create New. Select the source and destination interfaces with the source and destination IP addresses.
Note: If the Multicast tab is not visible, navigate to System -> Feature Visibility and enable Multicast Policy.
 
From the CLI:
 
config firewall multicast-policy
    edit 1
        set srcintf port1
        set dstintf port2
        set srcaddr all
        set dstaddr all
    next
end
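
To review a device after applying the steps above, the following added example (not Fortinet code and not part of the original article) parses a configuration backup and lists multicast policies whose source or destination is still `all`, along with an enabled multicast-ttl-notchange. The sample configuration and the object names `iptv-receivers` and `iptv-group` are constructed placeholders, and a single VDOM is assumed.

```python
import shlex
# Constructed configuration backup excerpt; the address object names are placeholders.
SAMPLE_CONFIG = """\
config system settings
    set multicast-ttl-notchange enable
end
config firewall multicast-policy
    edit 1
        set srcaddr all
        set dstaddr all
    next
    edit 2
        set srcaddr "iptv-receivers"
        set dstaddr "iptv-group"
    next
end
"""

def parse_section(config, header):
    """Return {edit_id: {option: [values]}} for 'config <header>' ('' = no edit)."""
    entries, current, depth = {}, "", -1      # depth -1 means outside the section
    for raw in config.splitlines():
        try:
            words = shlex.split(raw) or [""]
        except ValueError:                     # multi-line quoted value, skip it
            continue
        if words[0] == "config" and depth >= 0:
            depth += 1                         # nested sub-table, ignored
        elif words[0] == "config" and " ".join(words[1:]) == header:
            depth, current = 0, ""
        elif depth >= 0 and words[0] == "end":
            depth -= 1
        elif depth == 0 and words[0] == "edit":
            current = words[1]
        elif depth == 0 and len(words) > 2 and words[0] == "set":
            entries.setdefault(current, {})[words[1]] = words[2:]
    return entries

def audit_multicast(config):
    """List the multicast settings from this article that deserve a second look."""
    findings = []
    settings = parse_section(config, "system settings").get("", {})
    if settings.get("multicast-ttl-notchange") == ["enable"]:
        findings.append("settings: multicast-ttl-notchange enabled")
    for pid, opts in parse_section(config, "firewall multicast-policy").items():
        for field in ("srcaddr", "dstaddr"):
            if "all" in opts.get(field, []):
                findings.append(f"policy {pid}: {field} is all")
    return findings
```

Each finding is a prompt for review: a policy reported here can be narrowed to the specific multicast group objects, and multicast-ttl-notchange should remain enabled only where packets were expiring before reaching the multicast router.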