Link to home
Start Free TrialLog in
Avatar of omar fdal
omar fdal

asked on

The difference between WAN interface and DSL Interface

Hello,

we have fortigate 100d and it have 2 WAN interfaces along with other interfaces but no DSL interface in it, And i want to know if i can use this WAN interface to connect directly to the ISP without any modem or router between the firewall and the ISP or the Internet. I have a router with VDSL interfaces but it reboot frequently so i want to get rid of it by puting the firewall in his place.

so can anyone explain why a lot of firewalls and routers today have WAN interfaces and not DSL interfaces?
Avatar of Bryant Schaper
Bryant Schaper
Flag of United States of America image

no, they are different, wan interfaces are just ethernet interfacing with routing on them, ie you can assign them an ip and such.  they are rj45.  A dSL interface is rj11 for a DSL circuit and supports the DSL protocols such as VDSL, adsl.
Avatar of omar fdal
omar fdal

ASKER

Thanks Bryant, I want to know also why firewalls such as fortigate 100d and also sophos do not have DSL interfaces only WAN interfaces, and why they have functions  such as NAT that is useful only for Port Forwarding or NAT/PAT of private addresses to public addresses while they don't have any DSL interface.??
SOLUTION
Avatar of Bryant Schaper
Bryant Schaper
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Yes I know the usage of NAT/PAT and Port Forwarding but what i mean by my question is how you can do port forwarding with a Firewall without public address ? i mean if we have fortigate in the middle of our topology between LAN and WAN, and we want to do port forwarding in the firewall not in the DSL router?
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Looks like it is possible with a google search.  here is the doc from Fortinet

http://docs-legacy.fortinet.com/fos50hlp/50/index.html#page/FortiOS%205.0%20Help/interfaces.100.17.html
This is what i'm looking for "PPPoE passthrough", thank you, in last i want to ask you : how to configure PPPoE passthrough on cisco router so that my firewall gets public ip address ? (public ip will be assigned dynamically via ISP DHCP)
Just set it up as

ip address dhcp

Then it will get an ip from the ISP, but you will have to have the dialer and pppoe configured so the interface can logon to the isp.
I understand how to configure my firewall as PPPoE client (Fortigate in my case), but i want to know what i need to configure in my cisco router to let it act as PPPoE Passthrough ?
so now I am a bit confused, is the cisco router the dsl modem from the carrier?  Do you have a model number
I figured your network was like this

ISP --> DSL router --> Fortigate --> Inside network
yes my cisco router is used as dsl modem the model number is 2901
so wouldn't you want the public IP on the router?  the 2901 will probably handle routing better with greater flexibility.  

I am not sure how to configure passthrough on the 2901, sure it can be done, normally the cheap dsl routers have a bridge mode feature that you just enable.  I have to think cisco does it too, but probably a bit more complex.
I know cisco's router can handle routing and also nat and so on, but we have problem in it so it reboot frequently and also we want to consolidate everything in the Fortigate firewall and also we need cisco router just because it has VDSL interface.
can you just replace with a cheap dsl modem?  My experience with DSL is that they all require reboots.
this is also a good solution anyway i will test the cheap modem or configure cisco router as PPPoE Passthrough,

Thanks a lot Bryant I appreciate your help
no problem.