03-26-2010 01:36 PM - edited 03-11-2019 10:26 AM
We have an ASA5510 which we need send 12 Multicast through. I am using igmp join-groups on the OUTSIDE interface so that it will forward the packets. Occasionally we need to limit some of the groups because its private video. I have tried setting up outbound filters with the specific MC groups that I would like to deny out andt hen applying it to the interface, but it doesn't seem to have any effect. The only think I have found that works is either addign or removing the igmp join-group statements from the interface - which stops those groups from going outbound.
Is there anyway to use access-lists or filtering to restrict certain groups from being forwarded?
thank you
LMCO
03-26-2010 01:43 PM
Have you tried this?
igmp access-group acl
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/i1.html#wp1691964
-KS
03-26-2010 01:44 PM
yes I did try igmp access-list but - the static joins appeared to override it.
03-26-2010 02:26 PM
do hte ASA access-lists not filter any multicast packets? Does MC bypass the interface filters?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide