>
    Create an IPv4 MRoute
    Focus
    Download PDF
    Focus
    1. Home
    2. PAN-OS
    3. Advanced Routing
    4. Create an IPv4 MRoute
    Download PDF

    Create an IPv4 MRoute

    Table of Contents

    Create an IPv4 MRoute

    Create an mroute for IPv4 multicast on a logical router.
    Where Can I Use This?What Do I Need?
    • NGFW (Managed by Strata Cloud Manager)
    • NGFW (Managed by PAN-OS or Panorama)
    For cloud-managed NGFWs:
    The Advanced Routing Engine allows you to configure IPv4 multicast routing for a logical router. Recall that PIM checks whether the firewall received the packets on the same interface that the firewall uses to send unicast packets back to the source, by checking the unicast RIB.
    In a topology where you want unicast packets to take a different route from multicast packets, you can configure an mroute. An mroute is static unicast route that points to a multicast source; the mroute is stored in the multicast RIB (MRIB). PIM uses the mroute for the RPF checks, rather than using the unicast RIB for RPF checks. Whether PIM uses the MRIB or URIB for RPF checking depends on the RPF lookup mode configured for PIM. During RPF checks, the mroute used is the one with the longest prefix match.
    An mroute is useful, for example, when some devices along the path do not support multicast routing, so a tunnel is used to connect multicast routers.

    PAN-OS

    Create an mroute for IPv4 multicast on a logical router on a PAN-OS firewall.
    Create an mroute (static route) for IPv4 multicast on a logical router on a PAN-OS firewall.
    1. Configure a Logical Router.
    2. Select NetworkRoutingLogical Routers and select a logical router.
    3. Select Multicast and enable multicast protocol.
    4. Create an mroute.
      1. Select Static and Add an mroute by Name. The name must start with an alphanumeric character, underscore (_), or hyphen (-), and contain zero or more alphanumeric characters, underscore, or hyphen. No dot (.) or space is allowed.
      2. Enter the Destination (IPv4 Address/Mask or address object) of the mroute, which is the multicast source or subnet to which the firewall performs an RPF check.
      3. Select the egress Interface for the unicast route to the multicast source.
      4. Enter the IPv4 address (or address object) of the Next Hop router toward the source.
      5. Enter a Preference for the route; range is 1 to 255.
      6. Click OK.
    5. Click OK.
    6. Commit your changes.

    Strata Cloud Manager

    Create an mroute for IPv4 multicast on a logical router on Strata Cloud Manager.
    Create an mroute for IPv4 multicast on a logical router on Strata Cloud Manager.
    1. Select ConfigurationNGFW and Prisma Access.
    2. For Configuration Scope, select Folders and then select All Firewalls, a specific folder, or the specific firewalls you want to configure. (Don’t choose Global.)
    3. Select Device SettingsRoutingRouters and select the logical router you're configuring.
    4. Edit the Multicast card and Enable multicast.
    5. Create an IPv4 mroute.
      1. Select the Static tab and Add a static route.
      2. Enter a Name for the static route (mroute). The name contains a maximum of 63 alphanumeric, dot (.), underscore (_), or hyphen (-) characters.
      3. Enter the Destination (IPv4 address/mask or address object) of the mroute, which is the multicast source or subnet to which the firewall performs a reverse-path forwarding (RPF) check.
      4. Select the egress Interface for the unicast route to the multicast source.
      5. Enter the IPv4 address (or address object) of the Next Hop router toward the source.
      6. Enter a Preference for the route; the range is 1 to 255.
      7. Add the mroute.
    6. Update the static routes.
    7. Push Config and Push the configuration. Select the Admin Scope and enter a Description for the configuration. Select Push again.

    © 2025 Palo Alto Networks, Inc. All rights reserved.