Configuring A Pppoe Client On The Wan Interface With Traffic Routed Over Pppoe - D-Link NetDefend DFL-210 User Manual

3.3.4. PPPoE
Control Protocols (NCPs) can be used to transport traffic for a particular protocol suite, so that
multiple protocols can interoperate on the same link, for example, both IP and IPX traffic can share
a PPP link.
Authentication is an option with PPP. Authentication protocols supported are Password
Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), Microsoft
CHAP (version 1 and 2). If authentication is used, at least one of the peers has to authenticate itself
before the network layer protocol parameters can be negotiated using NCP. During the LCP and
NCP negotiation, optional parameters such as encryption, can be negotiated.
3.3.4.2. PPPoE Client Configuration
The PPPoE interface
Since the PPPoE protocol runs PPP over Ethernet, the firewall needs to use one of the normal
Ethernet interfaces to run PPPoE over. Each PPPoE Tunnel is interpreted as a logical interface by
the NetDefendOS, with the same routing and configuration capabilities as regular interfaces, with
the IP rule set being applied to all traffic. Network traffic arriving at the firewall through the PPPoE
tunnel will have the PPPoE tunnel interface as its source interface. For outbound traffic, the PPPoE
tunnel interface will be the destination interface. As with any interface, one or more routes are
defined so NetDefendOS knows what IP addresses it should accept traffic from and which to send
traffic to through the PPPoE tunnel. The PPPoE client can be configured to use a service name to
distinguish between different servers on the same Ethernet network.
IP address information
PPPoE uses automatic IP address allocation which is similar to DHCP. When NetDefendOS
receives this IP address information from the ISP, it stores it in a network object and uses it as the IP
address of the interface.
User authentication
If user authentication is required by the ISP, the username and password can be setup in
NetDefendOS for automatic sending to the PPPoE server.
Dial-on-demand
If dial-on-demand is enabled, the PPPoE connection will only be up when there is traffic on the
PPPoE interface. It is possible to configure how the firewall should sense activity on the interface,
either on outgoing traffic, incoming traffic or both. Also configurable is the time to wait with no
activity before the tunnel is disconnected.
Example 3.12. Configuring a PPPoE client on the wan interface with traffic routed over
PPPoE.
CLI
gw-world:/> add Interface PPPoETunnel PPPoEClient EthernetInterface=wan
Web Interface
1. Go to Interfaces > PPPoE > Add > PPoE Tunnel
2. Then enter:
• Name: PPPoEClient
• Physical Interface: wan
• Remote Network: all-nets (as we will route all traffic into the tunnel)
Network=all-nets Username=exampleuser Password=examplepw
62
Chapter 3. Fundamentals