To Create or Modify a Multicast
PolicyMulticast policies permit multicast control traffic, such as IGMP or PIM messages, to cross NetScreen devices. Unlike firewall policies where you can specify either deny or permit as an action, the action in multicast policies is always permit. You cannot create a multicast policy to deny traffic to a particular source or group.
Multicast policies control the flow of multicast control traffic only. To allow data traffic (both unicast and multicast) to pass between zones, you must configure firewall policies.
To Create or Modify a Multicast
PolicyEnter the necessary information:
MGroup Address: The multicast group for which you want the NetScreen device to permit multicast control traffic. Select one of the following:
Any: Allows multicast control traffic for any multicast group.
Access List: The ID of the access list that defines the multicast group(s) that hosts can join.
IP/Netmask: The multicast group IP address and netmask.
Translated MGroup Address: The NetScreen device can translate a multicast group address in an internal zone to a different address on the egress interface. To translate a group address, you must specify both the original multicast address and the translated multicast group address in the multicast policy.
Bidirectional: Check this option to indicate that the multicast policy applies to both directions of traffic.
PIM Message: Check this option to indicate the multicast policy applies to one or both of the following Protocol-Independent Multicast (PIM) control messages:
BSR Static RP: Check this option to indicate the multicast policy applies to bootstrap messages and static-RP mappings.
Join/Prune: Check this option to indicate the multicast policy applies to join-prune messages.
IGMP Message: Check this option to indicate the multicast policy applies to Internet Group Management Protocol (IGMP) control messages.
Click OK to save the configuration.