Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Multicast traffic not passing through from LAN to DMZ

Hi

I am experiencing one issue on ASA 5520 firewall with version 8.2(2).  There is a Server in LAN which sends the multicast traffic to DMZ network where in NAT is given for hiding real ip of  DMZ server and  further it forwards the multicast traffic to its clients at outside interface.

The issue is about multicast traffic not traversing from LAN interface to DMZ network. Eventhough we have allowed nonat entries from Sender and multicast ip, the traffic is not passing through at all. We have verified multicast routing is enabled on asa firewall and see the packet sent and receive response.

Can anyone  let me know  the reason of  blocking the multicast traffic from one interface to other interface

4 REPLIES
Cisco Employee

Re: Multicast traffic not passing through from LAN to DMZ

check this

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807631d2.shtml

this has server sitting on the outside, but it will give you pointers on what to look for, also it will tell you waht is supported and what is not

New Member

Re: Multicast traffic not passing through from LAN to DMZ

Hi Jathaval,

Thanks for your reply. I wanted to say something more on this. The multicast traffic was happening till last friday but on monday we found the issue on multicast traffic not passing between LAN and DMZ interface. There was no configuration changes done on firewall since Friday. All of sudden this problem raised and was able to capture IGMP traffic on Firewall. At last resort we did the reboot of firewall after which the multicast traffic found passing between LAN and DMZ firewall

we wish to know the reason behind it.  

IGMP Traffic Counters
Elapsed time since counters cleared: 06:47:00

                              Received     Sent
Valid IGMP Packets       32012        3981     
Queries                       2922         2910     
Reports                       28508        1066     
Leaves                        582          5        
Mtrace packets                0            0        
DVMRP packets                 0            0        
PIM packets                   0            0       

Errors:
Malformed Packets             0        
Martian source                0        
Bad Checksums                 0       

Cisco Employee

Re: Multicast traffic not passing through from LAN to DMZ

do you have any igmp debugs or captures collected on LAN and DMZ interface

New Member

Re: Multicast traffic not passing through from LAN to DMZ

Sorry we dont have debug information for IGMP. before recycling the firewall we took sh tech information of firewall. Is it useful now to find the reason for the problem?. If so,  what to search in sh logs information.

771
Views
0
Helpful
4
Replies