Tutorial: Allow UDP Multicast and IGMP to Pass Through

Abstract

Access Server transfers information by unicast. Follow these steps to change this and allow UDP multicast and IGMP to pass through.

Overview

This tutorial guides you through switching from unicast (Access Server's default data transfer) to allowing UPD multicast and IGMP. This is done with the configuration key, vpn.routing.allow_mcast.

Access Server blocks multicast or broadcast traffic. Follow these steps to lift that restriction.

Prerequisites

An installed Access Server.
Console access and the ability to get root access.

Step 1: Allow UDP multicast and IGMP to pass through

Connect to the console and get root privileges.
Switch to the scripts directory:
```
cd /usr/local/openvpn_as/scripts/
```

Allow UDP multicast and IGMP traffic to pass through:

./sacli --key "vpn.routing.allow_mcast" --value "true" ConfigPut
./sacli start

This setting implements these iptables rules on the VPN server, which is what allows the traffic to pass through:

ACCEPT udp   -- anywhere  base-address.mcast.net/4 udp
ACCEPT igmp  -- anywhere  anywhere
ACCEPT udp   -- anywhere  base-address.mcast.net/4 udp
ACCEPT igmp  -- anywhere  anywhere

To restore the default setting (and again restrict UDP multicast and IGMP traffic):
```
./sacli --key "vpn.routing.allow_mcast" ConfigDel
./sacli start
```

In this section:

Tutorial: Allow UDP Multicast and IGMP to Pass Through

Overview

Prerequisites

Step 1: Allow UDP multicast and IGMP to pass through

Search results