New PPPoE features

PPPoE dynamic gateway support (397628)

Original design for PPPoE requires to configure a static gateway. Although it works in many scenarios, some customers require to add support for dynamic gateway for internet-service based routes.

No changes to the CLI neither to the GUI.

Support multiple PPPoE connections on a single interface (363958)

Multiple PPPoE connections on a single physical or vlan interface are now supported by the FortiGate. In addition the interface can be on demand PPPoE.

New PPPoE features                                            Support multiple PPPoE connections on a single interface (363958)

GUI

CLI

config system pppoe-interace edit <name> set dial-on-demand [enable|disable] set ipv6 [enable|disable] set device <interface> set username <string> set password <string>

set auth-type [auto|pap|chap|mschapv1|mschapv2] set ipunnumbered <class_ip>

set pppoe-unnumbered-negotiate [enable|disable] set idle-timeout <integer> set disc-retry-timeout <integer> set padt-retry-timeout <integer> set service-name <string> set ac-name <string>

Support multiple PPPoE connections on a single interface (363958)                                            New PPPoE features

set lcp-echo-interval <integer> set lcp-max-echo-fails <integer>

• dial-on-demand- Enable/disable the dial on demand.feature l ipv6 – Enable/disable the use of IPv6. l device – The name of the physical interface.
• username – User name for credentials l password – Password matching the above username l auth-type – The type of PPP authentication to be used.
• auto – Automatic choice of authentication l pap – PAP authentication l chap – CHAP authentication l mschapv1 – MS-CHAPv1 authentication l mschapv2 – MS-CHAPv2 authentication
• ipunnumbered – PPPoE unnumbered IP. l pppoe-unnumbered-negotiate – Enable/disable PPPoE unnumbered negotiation. l idle-timeout – Idle time in seconds before PPPoE auto disconnects. 0 (zero) for no timeout. l disc-retry-timeout – Timeout value in seconds for PPPoE initial discovery. 0 to 4294967295. Default = 1. l padt-retry-timeout – Timeout value in seconds for PPPoE terminatation. 0 to 4294967295. Default = 1.
• service-name – PPPoE service name.) l ac-name – PPPoE AC name. l lcp-echo-interval – Interval in seconds allowed for PPPoE LCP echo. 0 to 4294967295. Default = 5.
• lcp-max-echo-fails – Maximum number of missed LCP echo messages before disconnect. 0 to 4294967295. Default = 3.

Adding Internet services to firewall policies (389951)                                                                                           CLI