Configuring Acceptable Groups (NSM Procedure)
You can create access lists to identify the acceptable sources, multicast groups, and RPs, and then configure the virtual router to accept PIM messages only from those specified in the access lists.
To configure acceptable groups on the virtual router:
- In the NSM navigation tree, select Device Manager > Devices. Double-click the device icon to open the device configuration.
- Configure the virtual router for PIM-SM:
In the device navigation tree, select Network > Virtual Router.
Double-click the virtual router in which you are configuring a PIM-SM instance. The General Properties screen appears.
In the virtual router navigation tree, select Dynamic Routing Protocol.
Select the Configure PIM-SM check box. PIM-SM configuration options now appear in the virtual router navigation tree under Dynamic Routing Protocol.
In the virtual router navigation tree, select Dynamic Routing Protocol > PIM-SM > Acceptable Groups.
Select the access list that identifies the permitted multicast group(s).
In the Group Specific Access Policies area, click the Add icon to map a multicast group to access lists. The Multicast Group IP dialog box appears.
Enter the IP address of the multicast group for which you created access lists for permitted RPs and permitted sources.
Select the ID of the access list that identifies the permitted RP(s). The device drops traffic for the multicast group if the traffic is from an RP that is not on the access list.
Select the ID of the access list that identifies the permitted source(s). This prevents unauthorized sources from sending data into your network. When you use this feature, the device drops multicast data from sources not in the list.
- Click OK to save the new Multicast Group IP.
- Click OK to save your changes to the virtual router, and then click OK again to save your changes to the device configuration.