Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Dave_R
New Contributor

Created on ‎07-31-2024 08:22 AM

local in policy on pppoe-interface or wan interface?

I have a pppoe-interface set to use device wan2. 

Does the local in policy need to be applied to wan2 or the "sub interface" of pppoe-interface?

In what order does the local in policy apply to interfaces that have sub interfaces?

Or does it just not apply to the physical interface at all?

Thanks very much!

Dave

Labels:
584
0 Kudos
3 REPLIES 3
Toshi_Esumi
SuperUser
SuperUser

Created on ‎07-31-2024 08:24 AM

Unless it's a separate VLAN subinterface, use wan2 in local-in-policy.

 

Toshi

580
0 Kudos
Toshi_Esumi
SuperUser
SuperUser
In response to Toshi_Esumi

Created on ‎07-31-2024 08:31 AM

@xshkurtiis right. I was blindly assuming you wanted to block something with local-in-policies.

 

Toshi

573
0 Kudos
xshkurti
Staff
Staff

Created on ‎07-31-2024 08:29 AM

@Dave_R 
Normally, when you enable pppoe in an interface, pppoe traffic through that interface is allowed by default.
Unless you want to block it, the order is from top to button, so the first policy is checked, and then the others.
Note that the order should be to allow what you need to allow, and then block everything else, or block specific ports/services and allow the rest of services.

575
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.