I am getting the log below:
Deny udp src outside:192.168.20.11/21002 dst identity:239.224.20.7/1007 by access-group "outside_access_in"
The systems (192.168.20.11) sits on the outside port of the firewall and does the streaming to 239.224.20.7/1007.. In my ACL i allow the 192.168.20.0/24 and the 239.224.20.0/24 into the firewall to be accessed by our 192.168.200.0/24 and 192.168.2.0/24 networks.
I have a pim rp-address of an outside pim router that also has an access-list associated with it. This access-list allows 239.224.20.0/24 into the router.
I am assuming my ACL is incomplete and not sure why..Shouldn't my inside system requesting to join 239.224.20.0/24 feeds, pull the feeds from the outside? Or does that feed need to have access to the switch/router on the inside for the it to push the multicast through the firewall?
My work around right now is to allow any any through.. The is a standalone network so it has no internet access.. I will upload the firewall configuration also. Just note that I have done a lot of additional objects that will later allow me to lock down the firewall more.
Currently there is only one system on the outside of the firewall that will supply multicast streams but eventually we will have multiple systems with different subnets...