Thursday, April 4, 2019

Need Help with Multicast and VPN

Hey I need assistance. Maybe I am not thinking right about this issue or maybe there is something I haven't thought of yet.

I have an issue where I want to send multicast over a network, however I want to encrypt the multicast traffic. I also want to keep the multicast destination the same from the trust side to the untrust side, so this way I can allow the traffic to still flow to multiple sites simultaneously. I have access to both Juniper routers and a Cisco routers to solve this issue, so any thoughts will help.

My vision of how this would work is to encapsulate the original header information and add new header information while keeping the multicast destination the same.

Here is a visual representation of what I am after. https://imgur.com/a/4cPb5UL

The reason why is because we have security camera's around the campus, they output to an individual multicast address, I don't control what the security section purchases, so I have no influence there.

These cameras allow for the security team to see what is going on around the buildings at different locations.

I have more than one security section that is interested in the video, even though my image only depicts one.

So I have to allow for the traffic to flow to both sections simultaneously, it works today no issues, however if someone were to insert themselves somewhere and sniff the MCast traffic they would see the cameras. I would like to prevent this.

Any help?



No comments:

Post a Comment