FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 225700
Description This article describes the basic steps to troubleshoot PPPoE connection failure when FortiGate is configured as the PPPoE client.
Scope FortiGate.

1) Verify that the username and password are correctly configured.


2) If the PPPoE interface is correctly configured, it would be required to capture the following information from FortiGate:


# diag netlink interface list <pppoe>

# diag deb app pppoed -1

# diag deb en


3) It would also be good to perform packet capture on the PPPoE interface:


# diag sniffer packet <pppoe> '' 6 0 a


4) Verify if PPPoE negotiation is successful:


Client to server: Initiation (PADI) -> Server to client: Offer (PADO) -> Client to server: request (PADR) -> Server to client: session-confirmation (PADS).


Should the transaction is valid, it will be possible to see the transactional information in the Wireshark:





If there is only broadcast (PADI) information noticed, it could happen due to incorrectly physical wiring or to the ISP router not responding to the request.

In such case, it would be required to check on the physical layer and/or logs on the ISP router if it received the broadcast packet and responded accordingly.


Related documents:

Technical Tip: pppoe-interface configuration

Technical Tip: How to import 'diagnose sniffer packet' data to WireShark