New PPPoE features

New PPPoE features

PPPoE dynamic gateway support (397628)

Original design for PPPoE requires to configure a static gateway. Although it works in many scenarios, some customers require to add support for dynamic gateway for internet-service based routes.

No changes to the CLI neither to the GUI.

Support multiple PPPoE connections on a single interface (363958)

Multiple PPPoE connections on a single physical or vlan interface are now supported by the FortiGate. In addition the interface can be on demand PPPoE.

 

New PPPoE features                                            Support multiple PPPoE connections on a single interface (363958)

GUI

CLI

config system pppoe-interace edit <name> set dial-on-demand [enable|disable] set ipv6 [enable|disable] set device <interface> set username <string> set password <string>

set auth-type [auto|pap|chap|mschapv1|mschapv2] set ipunnumbered <class_ip>

set pppoe-unnumbered-negotiate [enable|disable] set idle-timeout <integer> set disc-retry-timeout <integer> set padt-retry-timeout <integer> set service-name <string> set ac-name <string>

Support multiple PPPoE connections on a single interface (363958)                                            New PPPoE features

set lcp-echo-interval <integer> set lcp-max-echo-fails <integer>

  • dial-on-demand- Enable/disable the dial on demand.feature l ipv6 – Enable/disable the use of IPv6. l device – The name of the physical interface.
  • username – User name for credentials l password – Password matching the above username l auth-type – The type of PPP authentication to be used.
  • auto – Automatic choice of authentication l pap – PAP authentication l chap – CHAP authentication l mschapv1 – MS-CHAPv1 authentication l mschapv2 – MS-CHAPv2 authentication
  • ipunnumbered – PPPoE unnumbered IP. l pppoe-unnumbered-negotiate – Enable/disable PPPoE unnumbered negotiation. l idle-timeout – Idle time in seconds before PPPoE auto disconnects. 0 (zero) for no timeout. l disc-retry-timeout – Timeout value in seconds for PPPoE initial discovery. 0 to 4294967295. Default = 1. l padt-retry-timeout – Timeout value in seconds for PPPoE terminatation. 0 to 4294967295. Default = 1.
  • service-name – PPPoE service name.) l ac-name – PPPoE AC name. l lcp-echo-interval – Interval in seconds allowed for PPPoE LCP echo. 0 to 4294967295. Default = 5.
  • lcp-max-echo-fails – Maximum number of missed LCP echo messages before disconnect. 0 to 4294967295. Default = 3.

Adding Internet services to firewall policies (389951)                                                                                           CLI

This entry was posted in FortiOS 5.6 on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.