Multicast over site to site vpn using ASA's 5580

Unanswered Question
Mar 12th, 2010


Would any one know if it is possible to run multicast over a site to site vpn

I have the following setup

multicast source ---6500----asa-------site to site vpn----------asa-------6500------multicast clients

if so..... is there any fun and games i should look out for ?

Cheers for any info


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Lei Tian Fri, 03/12/2010 - 10:01

Hi Mark,

Ipsec doesnt support multicast, you can configure GRE on 6500 to encapsulate multicast traffic before the encryption.


Lei Tian

Federico Coto F... Fri, 03/12/2010 - 14:24


Like Letian said, the ASA's only support unicast traffic over IPsec.

You can run OSPF over the IPsec tunnel, but its because OSPF is passed as unicast.

If you need to pass multicast, terminating the VPN on the ASA is not an option, or using GRE on the router/switch to pases the mulsticast traffic

If you want to encrypt the traffic, the best choice is to configure GRE on the 6500 and IPsec on the ASAs.

In this way the ASA can encrypt the GRE packets using IPsec (Multicast will be carried in GRE).


andre.ortega Mon, 04/12/2010 - 10:04


is possible. You could configure L2TP + IPSec.

L2TP permit use of multicast.


Federico Coto F... Mon, 04/12/2010 - 10:33

Can you configure a Site-to-Site between two ASAs using L2TP over IPsec?

I've never seen it.


santoshvijapur Thu, 07/01/2010 - 12:26

Hi All,

I have similar requirment , I need to access multicast stream over RAS VPN client machine . please can you help me how to do it

I am having CIsco ASA 5540 VPN device ,


This Discussion

Related Content