Hi all,
I have a FortiGate 61F with version 7.0.6 running in a remote branch.
I have set up the wan2 connection in PPPoE mode.
As a temporary measure I log in to the switch over the public internet (GUI access is enabled on wan2)
to configure the device.
It happened a few times that I got locked out because the FW loses its PPPoE connection,
and the only way to re-establish a connection is to reboot the FW.
My question is:
Why do I need to reboot it? Doesn't it auto-reconnect?
How can I troubleshoot the interruptions?
-------Edit-------
After contacting the ISP support, they told me that the session breaks because of user-requested breaks.
So the FortiGate probably sends a message to terminate the session or something like that.
ISP response:
At the moment, the session is active on the cisco since 10.10, according to the session history, we see that sessions from the Fortinet MAC address in the logs, there are mostly User-Request breaks, either it periodically restarts itself, or your equipment spontaneously performs this. On the branch above, we do not fix restrictions. There are no errors on the port, there are no losses to the concentrator. You need to double-check the router. Unfortunately, we can't help you set up this router.
I've set up wan2 with PPPoE settings, so I don't use a virtual interface.
This is the config:
FGT (wan2) # show full
config system interface
edit "wan2"
set vdom "root"
set vrf 0
set fortilink disable
set mode pppoe
set distance 5
set priority 1
set dhcp-relay-interface-select-method auto
set dhcp-relay-service disable
set allowaccess ping https ssh http fgfm
set fail-detect disable
set arpforward enable
set broadcast-forward disable
set bfd global
set l2forward disable
set icmp-send-redirect enable
set icmp-accept-redirect enable
set reachable-time 30000
set vlanforward disable
set stpforward disable
set ips-sniffer-mode disable
set ident-accept disable
set ipmac disable
set subst disable
set substitute-dst-mac 00:00:00:00:00:00
set status up
set netbios-forward disable
set wins-ip 0.0.0.0
set type physical
set netflow-sampler disable
set sflow-sampler disable
set src-check enable
set sample-rate 2000
set polling-interval 20
set sample-direction both
set explicit-web-proxy disable
set explicit-ftp-proxy disable
set proxy-captive-portal disable
set tcp-mss 0
set inbandwidth 0
set outbandwidth 0
set egress-shaping-profile ''
set ingress-shaping-profile ''
set disconnect-threshold 0
set spillover-threshold 0
set ingress-spillover-threshold 0
set weight 0
set external disable
set trunk disable
set description ''
set alias ''
set l2tp-client disable
set security-mode none
set device-identification disable
set lldp-reception vdom
set lldp-transmission vdom
set estimated-upstream-bandwidth 0
set estimated-downstream-bandwidth 0
set measured-upstream-bandwidth 0
set measured-downstream-bandwidth 0
set bandwidth-measure-time 0
set monitor-bandwidth enable
set vrrp-virtual-mac disable
set role wan
set snmp-index 2
set preserve-session-route disable
set auto-auth-extension-device disable
set ap-discover enable
set switch-controller-mgmt-vlan 4094
set switch-controller-igmp-snooping-proxy disable
set switch-controller-igmp-snooping-fast-leave disable
set swc-first-create 0
config ipv6
set ip6-mode static
set nd-mode basic
set ip6-address ::/0
unset ip6-allowaccess
set icmp6-send-redirect enable
set ra-send-mtu enable
set ip6-reachable-time 0
set ip6-retrans-time 0
set ip6-hop-limit 0
set dhcp6-prefix-delegation disable
set dhcp6-information-request disable
set vrrp-virtual-mac6 disable
set vrip6_link_local ::
set ip6-send-adv disable
set autoconf disable
set dhcp6-relay-service disable
end
set dhcp-relay-request-all-server disable
set dhcp-client-identifier ''
set dhcp-renew-time 0
set ipunnumbered 0.0.0.0
set username xxx
set password xxx
set idle-timeout 0
set disc-retry-timeout 20
set padt-retry-timeout 5
set service-name ''
set ac-name ''
set lcp-echo-interval 5
set lcp-max-echo-fails 3
set defaultgw enable
set dns-server-override enable
set dns-server-protocol cleartext
set auth-type chap
set pptp-client disable
set speed 100full
set mtu-override enable
set mtu 1492
set wccp disable
set drop-overlapped-fragment disable
set drop-fragment disable
I hope that someone can tell me what to adjust.
Hi,
By default, it should retry attempts to connect back.
You can look at these two commands:
set disc-retry-timeout <value in sec>
set padt-retry-timeout 1 <value in sec>
I think if you adjust the discovery retry and monitor, you will see improvements. But you need to find out why your PPPoE neg is not working, e.g.:
diag debug reset
diag debug enable
diag debug application pppoed -1
and when finished, reset and disable diag debug.
Best regards,
Jin
Hi,
I've updated my post with new information and the cause of the disconnection.
Could you take a look?
Hi emre076,
I would suggest running pppoe debugs:
diag debug reset
diag debug enable
diag debug application pppoed -1
Look for LCP echo requests and see if there are echo replies to every request. Normally it should auto-connect and you should be able to get it back.
set lcp-echo-interval 5
set lcp-max-echo-fails 3
The above settings determine if the session should be disconnected. If three echo-replies fail, you will have a disconnection.
Best would be to provide the debug output and we can further see it then.
Thank you.
Shahan
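An added example, not part of the thread and not Fortinet code: a small offline checker for the echo-request/echo-reply comparison suggested above, which also reports which side sent the first LCP Terminate-Request. The line format is an assumed pppd-style shape with constructed sample lines, not captured `pppoed` output, and resetting the failure counter on any reply is an assumption borrowed from pppd; adapt the pattern to what your debug session actually prints.

```python
import re

# Assumed pppd-style line shape; adjust to the real debug output.
LINE = re.compile(r"(sent|rcvd) \[LCP (\w+) ")

def analyze(lines, max_echo_fails=3):
    """Return (longest run of unanswered echo requests,
    side that sent the first TermReq or None,
    True if that run reached max_echo_fails)."""
    pending = 0        # echo requests sent since the last reply
    worst = 0
    terminator = None
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        direction, code = m.group(1), m.group(2)
        if direction == "sent" and code == "EchoReq":
            pending += 1
            worst = max(worst, pending)
        elif direction == "rcvd" and code == "EchoRep":
            pending = 0            # a reply proves the link is alive
        elif code == "TermReq" and terminator is None:
            terminator = "local" if direction == "sent" else "peer"
    return worst, terminator, worst >= max_echo_fails

# Constructed sample: replies stop, local side gives up after 3 misses.
SAMPLE_KEEPALIVE_LOSS = """\
sent [LCP EchoReq id=0x1 magic=0x1a2b3c4d]
rcvd [LCP EchoRep id=0x1 magic=0x5e6f7a8b]
sent [LCP EchoReq id=0x2 magic=0x1a2b3c4d]
sent [LCP EchoReq id=0x3 magic=0x1a2b3c4d]
sent [LCP EchoReq id=0x4 magic=0x1a2b3c4d]
sent [LCP TermReq id=0x5 "Peer not responding"]
""".splitlines()

# Constructed sample: keepalives healthy, the peer ends the session.
SAMPLE_PEER_TERMINATES = """\
sent [LCP EchoReq id=0x1 magic=0x1a2b3c4d]
rcvd [LCP EchoRep id=0x1 magic=0x5e6f7a8b]
sent [LCP EchoReq id=0x2 magic=0x1a2b3c4d]
rcvd [LCP EchoRep id=0x2 magic=0x5e6f7a8b]
rcvd [LCP TermReq id=0x9 "User request"]
sent [LCP TermAck id=0x9]
""".splitlines()

if __name__ == "__main__":
    print(analyze(SAMPLE_KEEPALIVE_LOSS))
    print(analyze(SAMPLE_PEER_TERMINATES))
```

With `lcp-echo-interval 5` and `lcp-max-echo-fails 3` from the posted config, a run of 3 unanswered requests corresponds to roughly 15 seconds of silence before the session is dropped.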
Okay, thanks, I will try.
As mentioned, by default it should retry to connect back.
In the link below you have the CLI reference:
https://docs.fortinet.com/document/fortigate/6.0.0/handbook/495735/pppoe-addressing-mode-on-an-inter...
The values, though, should match the ones with your ISP, so you should talk with them also.
Another solution, if you have just started to implement PPPoE, would be to follow the KB below to configure "config system pppoe-interface":
https://community.fortinet.com/t5/FortiGate/Technical-Tip-pppoe-interface-configuration/ta-p/209005
CLI reference:
https://docs.fortinet.com/document/fortigate/6.0.0/cli-reference/682734/system-pppoe-interface