Enable PIM on the Firewall, Firewall Cluster, or Virtual Firewall
You must enable PIM for the Firewall, Firewall Cluster, or Virtual Firewall in the Engine Editor.
For more details about the product and how to configure features, click Help or
press F1.
Steps
-
Select
Configuration.
- Right-click an engine, then select Edit <element type>.
- In the navigation pane on the left, browse to .
- From the Multicast Routing Mode drop-down list, select PIM.
- If you do not want to use the default PIM Profile, select another PIM Profile element from the PIM Profile drop-down list.
- (Optional, PIM-SM only) Expand the Bootstrap Settings section, then modify the settings.
-
Click
Save.
Next steps
You are now ready to add a PIM Interface Settings element to the engine on the Routing branch.
Engine Editor > Routing > Multicast Routing
Use this branch to define static multicast, IGMP-based multicast forwarding, or PIM dynamic routing. Only IPv4 addresses are supported.
| Option | Definition |
|---|---|
| Multicast Routing Mode | Specifies how the NGFW Engine routes multicast traffic.
|
| Option | Definition |
|---|---|
| When Multicast Routing Mode is Static Click Add to add a row to the table, or Remove to remove the selected row. |
|
| Source Interface | Select the interface to use for multicast routing. |
| Source IP Address | Enter the unicast IP address of the multicast source. |
| Destination IP Address | Enter the multicast destination IP address. The destination address must be within the multicast range of 224.0.0.0 to 239.255.255.255. |
| Destination Interface | Right-click Destination Interface, then select Edit Destination Interface to select the interfaces where you want this multicast traffic forwarded. |
| Comment (Optional) |
A comment for your own reference. |
| Option | Definition |
|---|---|
| When Multicast Routing Mode is IGMP Proxy | |
| Upstream Interface | Select the interface to use as the upstream interface. If the multicast servers and the hosts are in the local networks, or if you want to limit the multicast to the local networks, it is not necessary to define the upstream interface. In that case, leave Not Set selected. |
| Upstream IGMP Version | Select the IGMP version according to the upstream network environment. The default IGMP version is version 3. |
| Downstream Interfaces table Click Add to add a row to the table, or Remove to remove the selected row. |
|
| Interface | Select the downstream interfaces. |
| IGMP Querier Settings | Select an IGMP Querier Settings element according to the downstream network environment. The element defines the IGMP version and query parameters. |
| Option | Definition |
|---|---|
| When Multicast Routing Mode is PIM | |
| PIM Profile | Select a PIM Profile to use. The profile contains the multicast groups and determines the PIM mode that is used. |
| Multicast Routing Preference | Note: This option is not supported in this version of Forcepoint NGFW.
The routing table is used to specify reverse path forwarding (RPF) information whenever multicast traffic from source addresses uses a different path than
unicast traffic from the same source address.
|
| Bootstrap Settings — see RFC 5059 for more information. | |
| RP Candidate | If you want to use the firewall as a rendezvous point (RP) candidate, select an IP address. Otherwise, select Not a Candidate. |
| RP Priority | Enter a value for the RP priority. |
| Multicast Groups | Add the multicast IPv4 networks for which the firewall acts as an RP candidate. Click Add to add a row to the table, or Remove to remove the selected row. |
| BSR Candidate | If you want to use the firewall as a bootstrap router (BSR) candidate, select an IP address. Otherwise, select Not a Candidate. |
| BSR Priority | Enter a value for the BSR priority. |