asked on
The difference between WAN interface and DSL Interface
Hello,
we have fortigate 100d and it have 2 WAN interfaces along with other interfaces but no DSL interface in it, And i want to know if i can use this WAN interface to connect directly to the ISP without any modem or router between the firewall and the ISP or the Internet. I have a router with VDSL interfaces but it reboot frequently so i want to get rid of it by puting the firewall in his place.
so can anyone explain why a lot of firewalls and routers today have WAN interfaces and not DSL interfaces?
we have fortigate 100d and it have 2 WAN interfaces along with other interfaces but no DSL interface in it, And i want to know if i can use this WAN interface to connect directly to the ISP without any modem or router between the firewall and the ISP or the Internet. I have a router with VDSL interfaces but it reboot frequently so i want to get rid of it by puting the firewall in his place.
so can anyone explain why a lot of firewalls and routers today have WAN interfaces and not DSL interfaces?
Network OperationsBroadbandNetwork Management
Last Comment
Bryant Schaper
no, they are different, wan interfaces are just ethernet interfacing with routing on them, ie you can assign them an ip and such. they are rj45. A dSL interface is rj11 for a DSL circuit and supports the DSL protocols such as VDSL, adsl.
ASKER
Thanks Bryant, I want to know also why firewalls such as fortigate 100d and also sophos do not have DSL interfaces only WAN interfaces, and why they have functions such as NAT that is useful only for Port Forwarding or NAT/PAT of private addresses to public addresses while they don't have any DSL interface.??
SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Yes I know the usage of NAT/PAT and Port Forwarding but what i mean by my question is how you can do port forwarding with a Firewall without public address ? i mean if we have fortigate in the middle of our topology between LAN and WAN, and we want to do port forwarding in the firewall not in the DSL router?
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Looks like it is possible with a google search. here is the doc from Fortinet
http://docs-legacy.fortinet.com/fos50hlp/50/index.html#page/FortiOS%205.0%20Help/interfaces.100.17.html
http://docs-legacy.fortinet.com/fos50hlp/50/index.html#page/FortiOS%205.0%20Help/interfaces.100.17.html
ASKER
This is what i'm looking for "PPPoE passthrough", thank you, in last i want to ask you : how to configure PPPoE passthrough on cisco router so that my firewall gets public ip address ? (public ip will be assigned dynamically via ISP DHCP)
Just set it up as
ip address dhcp
Then it will get an ip from the ISP, but you will have to have the dialer and pppoe configured so the interface can logon to the isp.
ip address dhcp
Then it will get an ip from the ISP, but you will have to have the dialer and pppoe configured so the interface can logon to the isp.
ASKER
I understand how to configure my firewall as PPPoE client (Fortigate in my case), but i want to know what i need to configure in my cisco router to let it act as PPPoE Passthrough ?
so now I am a bit confused, is the cisco router the dsl modem from the carrier? Do you have a model number
I figured your network was like this
ISP --> DSL router --> Fortigate --> Inside network
ISP --> DSL router --> Fortigate --> Inside network
ASKER
yes my cisco router is used as dsl modem the model number is 2901
so wouldn't you want the public IP on the router? the 2901 will probably handle routing better with greater flexibility.
I am not sure how to configure passthrough on the 2901, sure it can be done, normally the cheap dsl routers have a bridge mode feature that you just enable. I have to think cisco does it too, but probably a bit more complex.
I am not sure how to configure passthrough on the 2901, sure it can be done, normally the cheap dsl routers have a bridge mode feature that you just enable. I have to think cisco does it too, but probably a bit more complex.
ASKER
I know cisco's router can handle routing and also nat and so on, but we have problem in it so it reboot frequently and also we want to consolidate everything in the Fortigate firewall and also we need cisco router just because it has VDSL interface.
can you just replace with a cheap dsl modem? My experience with DSL is that they all require reboots.
ASKER
this is also a good solution anyway i will test the cheap modem or configure cisco router as PPPoE Passthrough,
Thanks a lot Bryant I appreciate your help
Thanks a lot Bryant I appreciate your help
no problem.