Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Dave_R
New Contributor

local in policy on pppoe-interface or wan interface?

I have a pppoe-interface set to use device wan2. 

Does the local in policy need to be applied to wan2 or the "sub interface" of pppoe-interface?

In what order does the local in policy apply to interfaces that have sub interfaces?

Or does it just not apply to the physical interface at all?

Thanks very much!

Dave

3 REPLIES 3
Toshi_Esumi
SuperUser
SuperUser

Unless it's a separate VLAN subinterface, use wan2 in local-in-policy.

 

Toshi

Toshi_Esumi

@xshkurtiis right. I was blindly assuming you wanted to block something with local-in-policies.

 

Toshi

xshkurti
Staff
Staff

@Dave_R 
Normally, when you enable pppoe in an interface, pppoe traffic through that interface is allowed by default.
Unless you want to block it, the order is from top to button, so the first policy is checked, and then the others.
Note that the order should be to allow what you need to allow, and then block everything else, or block specific ports/services and allow the rest of services.

Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors