Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
560
Views
0
Helpful
5
Replies

ASA Multicast routing help please

ksherwood
Level 1
Level 1

‎03-11-2015 02:46 AM - last edited on ‎03-25-2019 05:55 PM by Community Manager

Hello all,

                 I have two ASA connected together and can't seem to get a multicast stream out the other end.

There are so many options I am confused on what to use.

 

Here is my network:           Source  --> outside-ASA1-inside  -->  ouside-ASA2-inside  -> destination

 

I want the stream to be seen on ASA2 inside but it doesn't get there !

What minimal commands do I need to effect this other than "multicast-routing" ?

 

Can someone please help me configure both ASA with source sending 224.1.1.1  (make up IPs on all interfaces)

 

Thanks in advance.
 

Labels:
0 Helpful
5 Replies 5

Andre Neethling
Level 4
Level 4

‎03-11-2015 02:59 AM

Do you have Access Rules allowing the Multicast traffic on both ASAs in both directions? Are you trying to enable something Specific like BGP? 

0 Helpful

ksherwood
Level 1
Level 1
In response to Andre Neethling

‎03-11-2015 03:55 AM

Hi Andre, I tried to simplify things first so I used "permit IP any any". No specific routing enabled, just the simple mcast stream required. So can you give me a quick template with made up addressing for both ASAs. I just need the minimal config to give me confidence to proceed.

Thanks.

0 Helpful

Andre Neethling
Level 4
Level 4
In response to ksherwood

‎03-11-2015 05:19 AM

Hi. Can you please post the config of both ASAs?

0 Helpful

Andre Neethling
Level 4
Level 4
In response to Andre Neethling

‎03-11-2015 02:17 PM

You can try to permit the entire Multicast range of 224.0.0.0/12 through all interfaces in both directions the stream will flow through. 

0 Helpful

ksherwood
Level 1
Level 1
In response to Andre Neethling

‎03-13-2015 01:46 AM

I've got this:

1st ASA

multicast-routing
!
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address 10.1.1.1 255.255.255.0
!
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address 192.168.10.1 255.255.255.0
!
access-list mcastallowed extended permit udp any host 239.1.1.1
access-group mcastallowed in interface outside
route inside 0.0.0.0 0.0.0.0 192.168.10.2 1

2nd ASA

multicast-routing
!
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address 192.168.10.2 255.255.255.0
 igmp join-group 239.1.1.1
!
interface GigabitEthernet0/1
 nameif inside
 security-level 50
 ip address 192.168.11.1 255.255.255.0
 igmp forward interface outside
!
access-list mcastallowed extended permit udp any host 239.1.1.1
access-group mcastallowed in interface outside
route outside  131.1.1.0 255.255.255.0 192.168.10.1 1

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card