2 USG Flex50s, IPSec VPN with VTI and Multicast IPTV

Andr8174

Hello,

so my goal is to be able to watch my Multicast IPTV service which I pay for from my home to another location. For this, I purchased two Zyxel USG Flex50s. There is an article on the Zyxel site which I followed to the point and I set up the IPSec VPN with VTI, it connects, I can see multicast traffic in the IGMP Statistics but the STB is not connecting.

So basically the setup is in location 1 I have an ISP router where the IPTV comes in from and it’s VLANd on ports 3 and 4. So to my USG50, I have ISP Port 1 → USG50 WAN port for internet and ISP Port 4 → USG50 Port 5 (OPT). In Location 2, ISP Port 1 → USG50 WAN port for internet and then the IPTV STB in LAN1.

Can anyone please assist on configuration?

Zyxel_James

Hi @Andr8174 Yes, USGFLEX50 supports IGMP proxy IPSec VTI tunnel.

May I know your IGMP direction on WAN, LAN, VTI interfaces on both sides?

And did you see the IGMP traffic on the remote side?

Andr8174

https://community.zyxel.com/en/discussion/comment/57276#Comment_57276

So USGFlex50 #1: this is where the mutlicast stream comes in from the ISP router:

WAN: Downstream
LAN5/OPT port: Upstream
VTI: Downstream

USGFlex50 #2: where the STB is plugged in to LAN1 port to receive the stream

WAN: Upstream
LAN1: Downstream
VTI: Upstream

I followed the instructions in this article for the whole configuration but it does not seem to work:

https://support.zyxel.eu/hc/en-us/articles/360015684519-VPN-Configure-IPSec-to-Route-IGMP-Multicast-Traffic-over-VPN-Tunnel

There must be some other issue with routing or am I supposed to set an IP to the LAN ports on either side? The IP On USGFlex50 #1 is set to automatic and it gets some IP address 10.x.x.x which seems kind of strange.. I assume it is getting this IP address from the multicast server from the ISP router?

Andr8174

https://community.zyxel.com/en/discussion/comment/57276#Comment_57276

@Zyxel_James Have you seen my response? Any assistance?