FortiWAN Configurations for a WAN link in Brideg Mode: PPPoE

Configurations for a WAN link in Brideg Mode: PPPoE

[Bridge Mode: PPPoE] is used for PPPoE WAN link (ISP provides dynamic or static IP addresses via PPPoE). In

[Basic Settings], you shall configure upstream and downstream, user name, password and service name given by ISP. Left [IP Address] blank if you are assigned an dynamic IP address; otherwise, enter your static IP address. Select an FortiWAN WAN port to which PPPoE ADSL Modem is connected, e.g. port1. Checks [Redial Enable] to enable redial. As some ISPs automatically reconnect to the network within a certain time interval, [Redial Enable] will avoid simultaneous redialing of WAN links, which properly staggers WAN redial time. In case of connecting several DHCP/PPPoE WAN links to the same ISP, the connections might fail if they are deployed on the same physical WAN port via VLAN because the same MAC address. Via [Clone MAC Enable] you can configure MAC address clone on FortiWAN for this deployment.

Basic Setting

WAN Port The physical port (network interface) on FortiWAN used to connect the WAN link. For the deployment of multiple WAN links on one WAN port, set this field with the same value for those WAN links. For example, select Port1 for configurations of WAN link1, WAN link2 and WAN link3 for deploying the three WAN links on WAN port1. Note: The port has to be mapped to [WAN] beforehand in [VLAN and Port Mapping] (See “WAN link and WAN port”, “VLAN and port mapping” and “Configurations for VLAN and Port Mapping”).
Up/Down Stream The WAN link’s transfer speed at which you can upload/download data to/from the Internet e.g. 512Kbps.
Up/Down Stream Threshold Specify upstream/downstream (Kbps) threshold for the WAN link. WAN link with traffic that exceeds the threshold values will be considered as failed. FortiWAN’s Auto Routing and Multihoming (See “Outbound Load Balancing and Failover (Auto Routing)” and “Inbound Load Balancing and Failover (Multihoming)”) use the value while balancing traffic between WAN links if the Threshold function is enabled. Leave it blank or zero if you do not apply threshold to the WAN link.
MTU (Maximum Transmission unit) refers to the size of the largest packet or frame that a given layer of a communications protocol can pass onwards. It allows dividing the packet into pieces, each small enough to pass over a single link.
User Name Fill in the Username provided by ISP.
Password Fill in Password provided by ISP.
Service Name Fill in service name provided by ISP. Left it blank if ISPs do not require it.
IPv4 Address Fill in the IPv4 address provided by ISP. Left it blank if ISPs do not require it.
IPv6 Enable Check to enable IPv6 over PPPoE.
Redial Enable Since some ISPs tend to turn off PPPoE connection at a certain schedule, FortiWAN will automatically re-establish every disconnected PPPoE link when detected. In order to prevent simultaneous re-connection of multiple links, different re-connection schedules can be configured for different WAN links to avoid conjunction. After reconnection schedule is configured (HH:MM), the system will perform PPPoE reconnection as scheduled daily.
Clone MAC Enable Configure MAC address clone.
See also

l WAN link and WAN port l VLAN and port mapping l Configurations for VLAN and Port Mapping l Outbound Load Balancing and Failover (Auto Routing) l Inbound Load Balancing and Failover (Multihoming)

This entry was posted in Administration Guides, FortiWAN on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

One thought on “FortiWAN Configurations for a WAN link in Brideg Mode: PPPoE

  1. Rainer

    Hi Mike
    Maybe you could give me a hint how to configure the following scenario:

    I have a location where 3 neighbors share one internet connection. The ISP provides an IP-Subnet (/29) over PPPOE. Actually I would like to use the FGT only as PPPoE to Layer2 Bridge.

    Every neighbor gets his personal public IP out of the /29 Subnet and should configure his personal firewall to be use that personal IP as WAN ip.

    So actually I would basically need a device that dials in to ppoe and bridges that connection to a hardware switch where all neigbors could plug in their wan cables. But sadly I did not find any description in the net – with your ppoe article I think I am close by, but I am not 100% sure if a FGT would work for my plans.

    Thanks in advance for your help.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.