|
|
|
What can I do here?
Use this window to define multicast access restrictions for the interface. These restrictions specify multicast groups (addresses or address ranges) to allow or block.
|
Getting Here - Gateways & Servers > Select gateway > Edit > Network Management > Click the Expand button > Select an interface > Edit > Advanced |
A multicast enabled router forwards multicast datagrams from one interface to another. When multicast is enabled on a Security Gateway, you can define multicast access restrictions on each interface. These restrictions specify multicast groups (addresses or address ranges) to allow or block.
The enforcement is performed on outgoing multicast datagrams. Anti-spoofing makes sure that the source IP address of the packets entering an interface with multicast datagrams is performed on the multicast group address.
Gateway with per-interface multicast restrictions
When no restrictions for multicast datagrams are defined, multicast datagrams entering the gateway on one interface are allowed out of all others.
As well as defining a per-interface restrictions, a rule must also be defined in the Firewall Rule Base that allows multicast traffic and required services. The Destination of this rule must allow the required multicast groups.
VPN connections
Multicast traffic can be encrypted and sent across VPN links that are defined using multiple VPN tunnel interfaces (virtual interfaces associated with the same physical interface).
