Problem with multicast traffic
Dear sirs,
We have an m400 which we are trying to setup for multicast traffic from one server to be routed both locally and to a VPN. Multicast traffic has been enabled and one interface has been set as multicast. For this interface, the Rendezvous Point option has been enabled.
When the server connected directly to the multicast interface sends an RTP stream to a multicast IP (e.g. 239.3.3.1), traffic monitor says the following:
2023-07-25 14:21:31 Deny 192.168.0.147 239.3.3.1 1234/udp 10000 1234 Biblos Firebox udp flooding 792 128 (Internal Policy) proc_id="firewall" rc="101" msg_id="3000-0148"
I presumed that after enabling multicast and setting an interface as multicast, it would be possible to send data to a multicast address and connect a client to it for receiving the stream.
Am I mistaken about this? How can I proceed in order to have a multicast IP that can receive traffic?
Thank you!
Best regards,
gerardo.
Comments
"Drop UDP flood attacks" is an option in Default Threat Protection -> Default Packet Handling
About Default Packet Handling Options
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/intrusionprevention/default_pkt_handling_opt_about_c.html
It can be disabled or the value can be adjusted to meet your needs.