Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
818
Views
0
Helpful
8
Replies

Multicast on FWSM

img
Level 1
Level 1

‎08-13-2007 04:04 AM - edited ‎03-11-2019 03:56 AM

HI,

I am testing my FWSM for Multicast support.

i have made a test set-up..

The Multicast sendor is in "inside"(VLAN 10) & reciever is in "outside"(VLAN 203).

Both the interfaces are not created on MSFC. its only L2 Vlan on 6509E switch.

I tried all my normal application works but multicast is not working though i have configured following on FWSM:

multicast-routing

interface Vlan10

nameif inside

security-level 100

ip address 5.5.5.3 255.255.255.0

igmp join-group 239.255.1.1

pim

interface Vlan203

nameif outside

security-level 0

ip address 6.6.6.1 255.255.255.0

igmp join-group 239.255.1.1

pim

access-list ins_out extended permit ip 5.5.5.0 255.255.255.0 6.6.6.0 255.255.255.0 log debugging

access-list ins_out extended permit ip 5.5.5.0 255.255.255.0 224.0.0.0 240.0.0.0 log debugging

access-list outside_access_in extended permit ip 6.6.6.0 255.255.255.0 5.5.5.0 255.255.255.0 log debugging

access-list outside_access_in extended permit ip 6.6.6.0 255.255.255.0 224.0.0.0 240.0.0.0 log debugging

static (inside,outside) 5.5.5.0 5.5.5.0 netmask 255.255.255.0

access-group ins_out in interface inside

access-group outside_access_in in interface outside

end

Please suggest the problem & workaround.

Thanks in advance!

regards

IMG

Labels:
0 Helpful
8 Replies 8

img
Level 1
Level 1

‎08-13-2007 04:09 AM

I am not getting any log on syslog related to igmp query & reponse neither any hit from sending host not receiving host.

Please suggest what is pending ?

Thanks

IMG

0 Helpful

rigoberto.cintron
Level 1
Level 1
In response to img

‎08-13-2007 12:38 PM

Which software version r u running?

0 Helpful

img
Level 1
Level 1
In response to rigoberto.cintron

‎08-13-2007 07:45 PM

FWSM Version 3.2

0 Helpful

zubairjalal
Level 1
Level 1

‎08-13-2007 10:52 PM

Hi.

I think the problem lies in the ACL. Please change the ACL so that it points to specific multicast address..

access-list ins_out extended permit ip 5.5.5.0 255.255.255.0 host 239.255.1.1 log debugging

0 Helpful

img
Level 1
Level 1
In response to zubairjalal

‎08-14-2007 01:40 AM

239.255.1.1 is the multicast address i am using..

0 Helpful

rigoberto.cintron
Level 1
Level 1
In response to img

‎08-14-2007 05:06 AM

I don't think the acl is the problem, 224.0.0.0/4 cover the 239.255.1.1.

What I'll try is just make sure that igmp is enable in the necessary interfaces but don't use the join option.

0 Helpful

img
Level 1
Level 1
In response to rigoberto.cintron

‎08-14-2007 05:16 AM

Thanks for replying!

I removed the igmp group command still not working :)

is there any thing i need to do on 6509 ?

note: there is no vlan interface on MSFC as these are L2 vlan on switch & SVI ips are used as Gateway for the computers's connected in these vlans.

please suggest !

Thanks in advance!

0 Helpful

rigoberto.cintron
Level 1
Level 1
In response to img

‎08-14-2007 06:11 AM

What is the output of

sh igmp groups

sh igmp interfaces

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card