03-26-2010 01:36 PM - edited 03-11-2019 10:26 AM
We have an ASA5510 which we need send 12 Multicast through. I am using igmp join-groups on the OUTSIDE interface so that it will forward the packets. Occasionally we need to limit some of the groups because its private video. I have tried setting up outbound filters with the specific MC groups that I would like to deny out andt hen applying it to the interface, but it doesn't seem to have any effect. The only think I have found that works is either addign or removing the igmp join-group statements from the interface - which stops those groups from going outbound.
Is there anyway to use access-lists or filtering to restrict certain groups from being forwarded?
thank you
LMCO
03-26-2010 01:43 PM
Have you tried this?
igmp access-group acl
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/i1.html#wp1691964
-KS
03-26-2010 01:44 PM
yes I did try igmp access-list but - the static joins appeared to override it.
03-26-2010 02:26 PM
do hte ASA access-lists not filter any multicast packets? Does MC bypass the interface filters?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: