Fortinet black logo

Handbook

Multicast forwarding and FortiGate devices

6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:90491
Download PDF

Multicast forwarding and FortiGate devices

In both transparent mode and NAT mode, you can configure FortiGate devices to forward multicast traffic.

For a FortiGate to forward multicast traffic, you must add FortiGate multicast security policies. Basic multicast security policies accept any multicast packets at one FortiGate interface and forward the packets out another FortiGate interface. You can also use multicast security policies to be selective about the multicast traffic that's accepted, based on source and destination address, and to perform NAT on multicast packets.

In the example in the next section, a multicast source on the marketing network with IP address 192.168.5.18 sends multicast packets to the members of network 239.168.4.0. At the FortiGate, the source IP address for multicast packets originating from workstation 192.168.5.18 is translated to 192.168.18.10. In this example, the FortiGate isn't acting as a multicast router.

Multicast forwarding and FortiGate devices

In both transparent mode and NAT mode, you can configure FortiGate devices to forward multicast traffic.

For a FortiGate to forward multicast traffic, you must add FortiGate multicast security policies. Basic multicast security policies accept any multicast packets at one FortiGate interface and forward the packets out another FortiGate interface. You can also use multicast security policies to be selective about the multicast traffic that's accepted, based on source and destination address, and to perform NAT on multicast packets.

In the example in the next section, a multicast source on the marketing network with IP address 192.168.5.18 sends multicast packets to the members of network 239.168.4.0. At the FortiGate, the source IP address for multicast packets originating from workstation 192.168.5.18 is translated to 192.168.18.10. In this example, the FortiGate isn't acting as a multicast router.