Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
technik
New Contributor

FG 100d Multiple Wan PPPoE

Good Afternoon, Just had BT Infinity installed today. This now requires a modem and a router compare to previous modem/router. So considered using PPPoE on the FG100D removing known vpn problems with bt routers. connected the modem up on port1 setup pppoe with correct username and password. It received the correct ip and I set up to obtain gateway. Tried to get on the internet with no luck. Checked the routing as I previously had static routing. which has been removed. The routes are there but interface states ppp1. Now I have 4 internet connections and if i connect all 4 I end up with 2 records for each connection, interfaces ppp1,ppp2,ppp3,ppp4 Due to lack of time I had to refit the modems. Would there be any problem having 4 pppoe connections? Do I need to change all my firewall policies to use interface ppp1 instead of port1? I could not find any reference through the web interface of ppp1.
21 REPLIES 21
technik
New Contributor

hello bob, the original setup before removing the nat routers in front of the gateway was done using the priority setting on gateway. The new internet connections, the default gateway changes so I have to leave the interface as retrieving the gateway address. Heres my current routing table. the only static routes I have is for the vpn subnets the only policy routes I have is 80,21,443 via port 2
rwpatterson
Valued Contributor III

I changed that. Distances should be equal. PRIORITY should be numerically lower.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
rwpatterson
Valued Contributor III

OK. Now I get the complication. Let me chew on this between my tasks here.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
technik
New Contributor

sorry edited above post to take on board what you suggest. I am unable to set static routes to the default gateway as it changes.
ede_pfau
SuperUser
SuperUser

@technik: You are confusing " distance" with " priority" ! Bob said you should set the priorities different but the distances equal. In FortiOS, the priority denotes an additional parameter (it is vendor-specific). Translate " priority" with " cost" and you get the picture: with equal distances, higher priority means higher cost means less preferred. If you tweak the distances then routes drop out of the routing table.
0.0.0.0/0.0.0.0 port1 0.0.0.0 10 1 0.0.0.0/0.0.0.0 port1 0.0.0.0 10 2 0.0.0.0/0.0.0.0 port1 0.0.0.0 10 3 0.0.0.0/0.0.0.0 port1 0.0.0.0 10 4
I cannot make any sense out of that - 4 times to port1?? Did you just copy&paste, or do you mean it?
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
technik
New Contributor

0.0.0.0/0.0.0.0 port1 0.0.0.0 10 1 0.0.0.0/0.0.0.0 port2 0.0.0.0 10 2 0.0.0.0/0.0.0.0 port3 0.0.0.0 10 3 0.0.0.0/0.0.0.0 port4 0.0.0.0 10 4 I did copy and paste. the 10 is the distance and the 1,2,3,4 at the end is the priority. I' m not confused about that section. Creating such links like above even with a lower identical distance for example 9 still does not work. 0.0.0.0/0.0.0.0 port1 0.0.0.0 9 1 0.0.0.0/0.0.0.0 port2 0.0.0.0 9 2 0.0.0.0/0.0.0.0 port3 0.0.0.0 9 3 0.0.0.0/0.0.0.0 port4 0.0.0.0 9 4 That will appear in the routing monitor and cancel out the automatically detected gateway routes but then nothing can connect to externally. I' m assuming due to no gateway being stated. Would changing it from Source Based routing to Weight Based routing possibly solve this?
ede_pfau
SuperUser
SuperUser

OK let' s get this straight, it' s not as complicated as it seems: 1. you have to use automatic assignment of the gateway address with PPPoE connections 2. you can set distance and priority on each PPPoE interface. 3. same distance routes will all show up in the Routing Monitor 4. if having the same distance, a route with LOWER priority will be preferred. 5. you do not use static routes 6. to force some kind of traffic to a specific interface use a Policy Route That' s all there is to this topic. With PPPoE interfaces, you can set the priority only in the CLI (conf sys int, edit wan1, set priority ...). Make sure that when changing routing parameters you start with an empty session table. Otherwise, you will see no effect.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
technik
New Contributor

Thank You very much ede_pfau Setting the priority on the interface fixed the problem straight away. I was unaware priority could be set on interface itself. Does this only apply to pppoe connections or can it be done with all interfaces Many thanks
ede_pfau
SuperUser
SuperUser

This is only available when mode is pppoe or dhcp
From the FortiOS v5 CLI Reference, pg. 569.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
rwpatterson
Valued Contributor III

Glad you guys got all that straightened out. I had the right direction, but no time to give you more. I' m only in charge of 3 servers here. I had to rebuild all of them this month for various reasons... Shoot me... Monday!

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors