Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
536
Views
0
Helpful
4
Replies

Pix 7.0.2 multicast configuration

pviennet
Level 1
Level 1

‎08-01-2005 12:25 PM - edited ‎02-21-2020 12:18 AM

I have to implement the following config:

Multicast Source inside -> Pix -> outside

I need to be able to forward multicasts from a transmission source on the inside through the pix outside interface.

In earlier version (6.3) I would have done the following config:

multicast interface outside

multicast interface inside

mroute 1.1.1.1 255.255.255.255 inside 224.64.64.128 255.255.255.255 outside

What would be the equivalent config in version 7.0.2?

Thx for your response.

Regards,

Pierre Viennet

pviennet@ib-group.com

0 Helpful
4 Replies 4

rsmith
Level 3
Level 3

‎08-01-2005 12:48 PM

Global config: "multicast-routing"

Int eth0 (outside?)

ip pim (may be enabled by default when the global command is entered)

ip igmp (same as above)

igmp join-group 224.64.64.128 (if needed)

(enter on inside interface (eth1?) also, very similar to Cisco Router IOS commands)

0 Helpful

pviennet
Level 1
Level 1
In response to rsmith

‎08-01-2005 01:18 PM

Ok, just saw the multicast-routing command...

Pim and igmp are enabled by default...

Let me know what you think about the following?

multicast-routing

!

interface Ethernet0

nameif outside

security-level 0

ip address 172.16.8.173 255.255.255.0

igmp static-group 224.64.64.128

!

interface Ethernet1

nameif inside

security-level 100

ip address 1.1.1.1 255.255.255.0

!

!

mroute 1.1.1.1 255.255.255.255 inside

Regards,

Pierre V.

0 Helpful

rsmith
Level 3
Level 3
In response to pviennet

‎08-01-2005 01:29 PM

Your inside IP address and Multicast source have the same IP address.

I do not think you need the mroute command, since the multicast is being routed by the PIX (I do not have them anymore). (be sure to turn OFF PIM and igmp on any interfaces not needing multicast, save some processing power, ram, etc.)

Otherwise, all I can say is test it to see if it works!.

0 Helpful

MariaMaggio
Level 1
Level 1

‎08-31-2005 01:08 AM

Hi Pierre,

I have a problem and I think you can help me.

I want to realize your same configuration:

Multicast Source inside -> Pix -> outside

and I use a Firewall Pix with version 6.3.

The difference is that between inside and outside there isn't only the PIX but university subnet too.

In my Pix I applied the following commands:

multicast interface outside

igmp access-group outside_multicastACL

igmp join-group 233.0.73.29

igmp join-group 233.0.73.30

multicast interface inside

igmp forward interface outside

igmp access-group inside_multicastACL

igmp join-group 233.0.73.29

igmp join-group 233.0.73.30

mroute 1.0.0.8 255.255.255.255 inside 233.0.73.29 255.255.255.255

If I join to the group a computer of the univerity through a VPN all is ok, but if the computer is at my home and I connect it through a VPN the multicast stream doesn't arrive.

What do you think?

Is it possible for you this is caused by another university firewall?

I hope I'm successful to explain the situation.

Regards.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card