Hello ... getting desparate ...

I've got BT Full Fibre (FFTP) and upload/download speeds are great ... BT Home Hub2 all working fine - including digital TV channels 399+

I want to utilise a Fotigate 60F as my firewall device as I have work-related subnets at home ... I havne't even started on them - this query is basic functionality ..!

I have read many post about using a 3rd party firewall device and I have a few configurations - all with the same result; I cant receive any of my digital channels ... general browsing, etc is still working fine, just digital TV channels.

I thought it was simply IGMP not being enabled on my Fortigate but it seems its a bit more involved.  I have psoed a similar quiestion on Fortigate's forum ... no response yet.

At its simplest here is where I am up to...

- Configure the BT Home Hub 2 as a simple "modem"

-- I achieved this by:

--- keep WAN port connected to ONT/modem

--- turning off wifi

--- turn off DHCP

--- configure IP as 192.168.1.254/255.255.255.0

--- configure port-forwarding to 192.168.1.253 ports 1.65535 TCP/UPD - (192.168.1.253 is my Fortigate)

--- configure firewall as "Disabled" 

On the Fortigate I have the BT Home Hub2 connected on the internal switch ports alongside my TV/Lounge ... all are on the same 192.168.1.0/24 subnet

The TV can "see" the internet all appears well - except I dont get any digital channels (399+)

At the Fortigate (FortiOS v6.4.4 build1803 (GA)) I have a Mulitcast Policy ALLOWing Protocol=IGMP for all interface on my "Home Network" ...  I have enabled SNAT  

At the FortiOS command line I have also enable igmp-snooping (or so I think!) ...

HUDFORTI001 # config system setting

HUDFORTI001 (settings) # set multicast-forward enable

HUDFORTI001 (settings) # set multicast-ttl-notchange enable

HUDFORTI001 (settings) # end

HUDFORTI001 #

... but is it going to be a lot more involved than that ..?

HUDFORTI001 # diagnose ip multicast status
PIM ON Assert: ON Socket in use: TRUE

HUDFORTI001 #

... do I need to setup an entire PIM Sparse Mode configuration with Rendezvous Points, etc etc ..?

... any help on this would be gratefully appreciated ... lots of head-scratching right now and dont want to go back to just the Smart Hub2 without the Fortigate - for many reasons !!!

Many thanks,

Charles K

For FTTP there is no modem within the Home Hub. The ONT performs that function. As the Fortigate is a router just connect it directly to the ONT and set up a PPPoE connection.

For multicast see HERE.

Hi @pippincp  ... 

I tried as suggested ... Internet up/downloads all working OK ...

ONT is plugged into "WAN1" port on Fortinet ... TV/lounge on port3 of "Internal" / Home network ...

I set my mulitcast policy as described ...

HUDFORTI001 # config firewall multicast-policy

HUDFORTI001 (multicast-policy) # show
config firewall multicast-policy
edit 1
set uuid 786d728e-6acb-51eb-5b7d-cd25a229c08b
set name "BT.IGMP.Allow.TV"
set logtraffic enable
set srcintf "wan1"
set dstintf "internal"
set srcaddr "all"
set dstaddr "all"
set protocol 2
next
end

HUDFORTI001 (multicast-policy) #

... I reset my set-top box ... checked for Software and Apps updates ... all OK.

Still getting IPC6023 errors for channel 399 and beyond ...

Any ideas ..?

I rather suspect you are in a minority of one with that device on here, you might get a better response on a Fortinet forum if there is one.