- On HQ, go to Policy & Objects > Multicast Policy.
Create a new policy and allow the multicast traffic from the source interface to the tunnel.
- Create another multicast policy that allows multicast traffic from the tunnel to the LAN interface of the multicast server.
- Go to VPN > IPsec Tunnels and edit the VPN tunnel.
Select Convert To Custom Tunnel and add a Phase 2 Selector with 10.1.1.0/24 as the local address and 220.127.116.11/8 as the remote address.
- Enter the following CLI command to enable multicast forwarding.
config system settings
set multicast-forward enable