Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
861
Views
0
Helpful
2
Replies

ASA Site to Site VPN w/VTI Multicast Issues

Mike Wagner
Level 1
Level 1

‎08-25-2019 09:22 PM

Hi All,

 

We have a site-to-site routed (not policy based) VPN.  One side is an ASA 5506 and the other side is a Palo Alto.  We're having issues passing multicast traffic.  I've set the Palo Alto as the RP.  The ASA doesn't seem to want to send join requests over the tunnel.  When I do a debug pim, this is what I get (HRVPN is the tunnel interface name).

IPv4 PIM: (*,239.0.8.1) Processing Periodic Join-Prune timer
IPv4 PIM: (*,239.0.8.1) J/P processing
IPv4 PIM: (*,239.0.8.1) Periodic J/P scheduled in 50 secs
IPv4 PIM: (*,239.0.8.1) J/P adding Join on HRVPN
IPv4 PIM: Sending J/P to an invalid neighbor: HRVPN 10.202.23.1

 

Any help is much appreciated! 

 

Thanks,

 

-Mike

 

Labels:
0 Helpful
2 Replies 2

pieterh
VIP
VIP

‎08-26-2019 05:27 AM - edited ‎08-26-2019 05:30 AM

is the uplink configured in a redundant configuration with HSRP?

The ASA's routing table points to the HSRP IP 10.0.0.1 as the next-hop device:
ciscoasa# sh run route route outside 0.0.0.0 0.0.0.0 10.0.0.1 1
However, the PIM neighbor relationship is formed between the physical interface IP addresses of the routers, and not the HSRP IP:

0 Helpful

Mike Wagner
Level 1
Level 1
In response to pieterh

‎08-26-2019 05:30 AM

No HSRP in this scenario :(  

 

I can't imagine what else would generate that error.  I may see about generating some packet captures.

0 Helpful
Customers Also Viewed These Support Documents