Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
dbabic
Staff
Staff

Created on ‎08-20-2019 02:31 AM Edited on ‎08-20-2024 04:14 AM By Moderator

Article Id 193428

Technical Tip: How to disable the ability for the PPOoE interface to automatically insert a default static route in the routing table

Description

 

This article describes how to disable the ability for the PPOoE interface to automatically insert a default static route in the routing table.

 

Scope

 

FortiGate.

Interface with PPPoE mode:

 

show system interface port3
config system interface
    edit "port3"
        set vdom "root"
        set mode pppoe
        set type physical
        set snmp-index 3
        set username "username”
        set password ENC  “password”
    next
end

 

Verification of the default route in the routing table with interface ‘ppp’

 

get router info routing-table database

Routing table for VRF=0
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
       O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       > - selected route, * - FIB route, p - stale info

S    *> 0.0.0.0/0 [5/0] via 10.11.1.4, ppp0            <- PPPoE.
S       0.0.0.0/0 [10/0] via 10.10.1.4, port1
C    *> 10.10.0.0/20 is directly connected, port1
C    *> 10.11.1.0/24 is directly connected, ppp0


Solution

 

By default, when the interface with the PPPoE mode is configured and once the IP address settings is given from the PPPoE server and the interface is up, a default route with the interface ‘ppp’ is automatically inserted in the routing table.
For example:
Port1 = Static IP connection
Port2 = PPPoE connection

 

To disable the automatic insertion of the default route by the PPPoE interface, follow the steps via GUI or CLI:

From the GUI:

Disable the option 'Retrieve default gateway from server' under the PPPoE interface setting.
For example: port3 is used as PPPoE connection:
Go to Interfaces -> select port3 and Edit -> disable the option 'Retrieve default gateway from server' -> Save the setting by selecting 'OK'.


pppoe_gw.PNG
From the CLI:

 

conf sys interface

edit port3

set defaultgw disable

end

 

defaultgw --- Enable to get the gateway IP from the DHCP or PPPoE server.

 

Verification of the default route in the routing table with interface 'ppp'.

 

get router info routing-table database

Routing table for VRF=0
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
       O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       > - selected route, * - FIB route, p - stale info

S    *> 0.0.0.0/0 [10/0] via 10.10.1.4, port1
C    *> 10.10.0.0/20 is directly connected, port1
C    *> 10.11.1.0/24 is directly connected, ppp0

 

In the above routing table, the default route with the interface ‘ppp’ is not inserted.

8199
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.