Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ekrishnan
Staff
Staff

Created on ‎11-28-2022 10:36 PM

Article Id 231154

Technical Tip: Link Monitor for DHCP/PPPOE interfaces

Description This article describes the configuration and working when DHCP/PPPOE interfaces for link monitoring are assigned.
Scope FortiGate, link monitor.
Solution

Interface with DHCP mode:

 

As per the test setup here, the WAN1 interface is in DHCP mode meaning the gateway is automatic in this case:

 

Configuration of link monitor:

 

# config system link-monitor
    edit "1"
        set srcintf "wan1"
        set server "8.8.8.8" <----- Probing server.
    next
end

 

Note:

On the above, there is no gateway configured.

 

# diag sys link-monitor status

Link Monitor: 1, Status: alive, Server num(1), Flags=0x1 init, Create time: Thu Nov 17 05:45:06 2022
Source interface: wan1 (5)
Interval: 500 ms
Peer: 8.8.8.8(8.8.8.8)
Source IP(192.168.0.243)
Route: 192.168.0.243->8.8.8.8/32, gwy(192.168.0.8)
protocol: ping, state: alive
Latency(Min/Max/Avg): 6.437/74.065/20.453 ms
Jitter(Min/Max/Avg): 0.016/65.932/13.671
Packet lost: 0.000%
Number of out-of-sequence packets: 0
Fail Times(0/5)
Packet sent: 54, received: 54, Sequence(sent/rcvd/exp): 55/55/56



Based on the above, it is possible to see that Fortios dynamically retrieves the gateway when the link-monitor is set.

 

The same is applied to the PPPOE interface, and below are the configurations.


# diagnose sys link-monitor status

Link Monitor: 1, Status: alive, Server num(1), HA state: local(alive), shared(alive)
Flags=0x1 init, Create time: Wed Nov 23 17:07:07 2022
Source interface: custvlan (ppp1) (27)
Interval: 500 ms
Service-detect: disable
Diffservcode: 000000
Class-ID: 0
Peer: 1.1.1.1(1.1.1.1)
Source IP(192.168.3.22)
Route: 192.168.3.22->1.1.1.1/32, gwy(192.168.4.254)------------>Gateway is automatically detected.
protocol: ping, state: alive -------------------------->Ping results state is alive
Latency(Min/Max/Avg): 7.445/9.461/8.637 ms
Jitter(Min/Max/Avg): 0.001/1.661/0.522 ms
Packet lost: 0.000%
Number of out-of-sequence packets: 0
Fail Times(0/5)
Packet sent: 649, received: 649, Sequence(sent/rcvd/exp): 650/650/651

 

Interface setting:

    edit "custvlan"
        set vdom "root"
        set mode pppoe <----- Mode PPPOE.
        set distance 10
        set device-identification enable
        set role lan
        set snmp-index 15
        set username "pppoe1"
        set password ENC xxxxxxxx
        set interface "port3 <----- VLAN interface bound to port3 as per the test setup.
1030
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.