- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
local in policy on pppoe-interface or wan interface?
I have a pppoe-interface set to use device wan2.
Does the local in policy need to be applied to wan2 or the "sub interface" of pppoe-interface?
In what order does the local in policy apply to interfaces that have sub interfaces?
Or does it just not apply to the physical interface at all?
Thanks very much!
Dave
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Unless it's a separate VLAN subinterface, use wan2 in local-in-policy.
Toshi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@xshkurtiis right. I was blindly assuming you wanted to block something with local-in-policies.
Toshi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Dave_R
Normally, when you enable pppoe in an interface, pppoe traffic through that interface is allowed by default.
Unless you want to block it, the order is from top to button, so the first policy is checked, and then the others.
Note that the order should be to allow what you need to allow, and then block everything else, or block specific ports/services and allow the rest of services.
