Hello team,
I'm trying to deny traffic from outside to inside.
I have the multicast source directly connected to the router.
The PC which receives the flow is on a LAN which is reached via the inside zone.
I only have two zones, inside and outside.
I can't see the flow in audit trail.
How can I deny multicast traffic from certain sources or to limited destinations?
I don't even know if this should be in the out-to-self or in the out-to-in rules; I tried a few configurations but it always works.
I haven't configured it to be permitted but the traffic is flowing.
This traffic is crossing the router with no problems.
Trying to do the same in the in-to-out direction, I could only deny this traffic by denying PIM and IGMP traffic between the router with the source and the router with the destination.
What I need is to deny traffic, but only for certain multicast destinations.
Is that possible?
This is the extract from the config:
! Inspection parameters (timeouts, session limits, logging) applied by the inspect action
parameter-map type inspect PM-MY-PM-VALUES
 audit-trail on
 max-incomplete low 800
 one-minute low 300
 udp idle-time 75
 icmp idle-time 90
 dns-timeout 60
 tcp idle-time 90
 tcp finwait-time 5
 tcp synwait-time 3
 tcp max-incomplete host 500 block-time 10
 sessions maximum 200
 log dropped-packets
!
! Traffic selection for the outside-to-inside direction
class-map type inspect match-any CM-OUT2IN
 match protocol icmp
 match protocol sip
 match access-group name ACL-OUT2IN
!
! Inspect the matched classes; everything else is dropped and logged
policy-map type inspect PM-OUT2IN
 class type inspect CM-OUT2IN
  inspect PM-MY-PM-VALUES
 class class-default
  drop log
!
zone-pair security ZP-OUT2IN source EXTERNAL-ZONE destination INTERNAL-ZONE
 service-policy type inspect PM-OUT2IN
!
ip access-list extended ACL-OUT2IN
 permit icmp any any
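The following is an added illustration, not part of the original post and not the poster's configuration: an extended ACL applied directly on the ingress interface that drops traffic to a chosen set of multicast group addresses while leaving other multicast and unicast traffic to the zone-pair policy. The interface name GigabitEthernet0/0 and the group ranges 239.1.1.0/24 and 239.2.2.2 are constructed placeholders.

```cisco
! Added example (not the poster's config). Interface-level ACL evaluated before the
! zone-pair policy; it blocks only the listed multicast destinations.
ip access-list extended ACL-MCAST-FILTER
 ! Constructed group addresses: deny these multicast destinations and log the hits
 deny   ip any 239.1.1.0 0.0.0.255 log
 deny   ip any host 239.2.2.2 log
 ! Leave every other multicast group (224.0.0.0/4) and all unicast untouched
 permit ip any 224.0.0.0 15.255.255.255
 permit ip any any
!
! Hypothetical ingress interface facing the multicast source (outside zone)
interface GigabitEthernet0/0
 description OUTSIDE - multicast source attached here (assumed)
 zone-member security EXTERNAL-ZONE
 ip access-group ACL-MCAST-FILTER in
```

Whether the zone-pair inspect policy itself ever sees multicast packets is not established by the post, so the example filters at the interface instead of inside ACL-OUT2IN; hits on the `log` entries can be checked with `show access-lists ACL-MCAST-FILTER` and in the syslog to confirm which groups are actually being dropped.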