Description
Applications like Bonjour (used for AirPlay, AirPrint, and Apple TV), dynamic routing protocols, and video streaming use multicast traffic for communication. This knowledge article explains how to forward multicast traffic on a FortiGate device.
Scope
FortiGate v4.0 and above.
Solution
This example assumes that multicast traffic needs to be allowed from Port1 to DMZ.
Procedure
Step 1
Enable multicast forwarding from the CLI using the following commands:
config system setting
set multicast-forward enable
set multicast-ttl-notchange enable
end
Step 2
Configure a multicast policy for the source and destination.
From the GUI:
Navigate to Policy & Objects > Multicast > Create New. Select the source and destination interfaces along with the source and destination IP addresses.
Note: If the Multicast tab is not visible, navigate to System > Config > Features and enable Multicast policy to show it in the GUI.
From the CLI:
config firewall multicast-policy
edit 1
set srcintf port1
set dstintf dmz
set srcaddr all
set dstaddr all
next
end
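The policy above matches every source and destination address between the two interfaces. As an added example (not Fortinet's code and not part of the original article), the Python check below reads a configuration in the CLI format shown in Steps 1 and 2 and reports whether multicast forwarding is enabled and which multicast policies use all for both srcaddr and dstaddr. The sample configuration is constructed, policy 2 and its address names are hypothetical, the function names are assumptions, and only flat config/edit/set/next/end blocks as shown on this page are handled.

```python
# Constructed sample in the CLI format shown above; policy 2 is hypothetical.
SAMPLE_CONFIG = """\
config system setting
    set multicast-forward enable
end
config firewall multicast-policy
    edit 1
        set srcintf port1
        set dstintf dmz
        set srcaddr all
        set dstaddr all
    next
    edit 2
        set srcaddr "lan-hosts"
        set dstaddr "bonjour-group"
    next
end
"""

def parse_config(text):
    """Return {section: {entry_id: {key: value}}}; settings outside 'edit' use entry None."""
    sections, section, entry = {}, None, None
    for raw in text.splitlines():
        words = raw.split() or [""]          # blank lines match no keyword below
        if words[0] == "config":
            section, entry = " ".join(words[1:]), None
            sections.setdefault(section, {})
        elif words[0] == "edit" and section and len(words) >= 2:
            entry = words[1].strip('"')
            sections[section].setdefault(entry, {})
        elif words[0] == "set" and section and len(words) >= 3:
            sections[section].setdefault(entry, {})[words[1]] = " ".join(words[2:]).strip('"')
        elif words[0] == "next":
            entry = None
        elif words[0] == "end":
            section, entry = None, None
    return sections

def audit_multicast(text):
    """Report forwarding state and the ids of policies that match any source and destination."""
    cfg = parse_config(text)
    settings = cfg.get("system setting", {}).get(None, {})
    policies = cfg.get("firewall multicast-policy", {})
    wide = [pid for pid, p in policies.items()
            if p.get("srcaddr") == "all" and p.get("dstaddr") == "all"]
    return {"forwarding": settings.get("multicast-forward") == "enable", "any_to_any": wide}

if __name__ == "__main__":
    print(audit_multicast(SAMPLE_CONFIG))
```

Policies listed under any_to_any are candidates for review against the specific sources and multicast groups that actually need to cross the interfaces.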