we have done multicast configuration and we are unable to receive multicast through firewall PA-3060. Also whenever we did add our LAN interface into multicast configuration “ other IP flood” critical threat gets started into that particular LAN as shown below. Kindly help me to resolved the same.
Scenario as below,
As per above scenario which interface should I add the RP typeae1.3013 or ae2.3 ..??
Should I increes the SYN alarm rate or disable the SYN in zone protection here? (IS THAT CORRECT?)
NOTE: we have PA-3060 modal with PAN-OS 8.0.16
Could you please provide your valuable suggestion here to fix an issue.
When we enabled our LAN interface to be part of multicasting other IP flood threats get started and same is drops in zone protection in critical category and which also spike up my data plane CPU by 10 %
Also we removed zone protection from LAN zone and enabled multicast , then our firewall goes on toss i.e. it disturb my CPU as well as other protocol like BGP.
In customer environment they have configured Dos policy from WAN to LAN zone, and also Zone protection profile for LAN zone as well as WAN zone ..?? (Is this a recomended way for using both Dos and Zone protection profile ?)
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!