Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
dbabic
Staff
Staff

Created on ‎08-20-2019 02:31 AM Edited on ‎06-08-2022 02:36 PM By Anonymous

Article Id 193428

Technical Tip: How to disable the ability for the PPOoE interface to automatically insert a default static route in the routing table

Description
This article describes how to disable the ability for the PPOoE interface to automatically insert a default static route in the routing table.
By default, when the interface with the PPPoE mode is configured and once the IP address settings is given from the PPPoE server and the interface is up, a default route with the interface ‘ppp’ is automatically inserted in the routing table.
For example:
Port1 = Static IP connection
Port2 = PPPoE connection

- Interface with PPPoE mode:

# show system interface port3
config system interface
    edit "port3"
        set vdom "root"
        set mode pppoe
        set type physical
        set snmp-index 3
        set username "username”
        set password ENC  “password”
    next
end

- Verification of the default route in the routing table with interface ‘ppp’

# get router info routing-table database
Routing table for VRF=0
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
       O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       > - selected route, * - FIB route, p - stale info

S    *> 0.0.0.0/0 [5/0] via 10.11.1.4, ppp0            <---------- PPPoE
S       0.0.0.0/0 [10/0] via 10.10.1.4, port1
C    *> 10.10.0.0/20 is directly connected, port1
C    *> 10.11.1.0/24 is directly connected, ppp0


Solution
To disable the automatic insertion of the default route by the PPPoE interface, follow the steps via GUI or CLI:

From the GUI:

Disable the option "Retrieve default gateway from server" under the PPPoE interface setting.
For example: port3 is used as PPPoE connection:
Interfaces -> select port3 and Edit -> disable option “Retrieve default gateway from server” -> Save setting by clicking on “OK”

From the CLI:

# conf sys interface
    edit port3
        set defaultgw disable
end

## defaultgw --- Enable to get the gateway IP from the DHCP or PPPoE server.

- Verification of the default route in the routing table with interface ‘ppp’ .

# get router info routing-table database
Routing table for VRF=0
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
       O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       > - selected route, * - FIB route, p - stale info

S    *> 0.0.0.0/0 [10/0] via 10.10.1.4, port1
C    *> 10.10.0.0/20 is directly connected, port1
C    *> 10.11.1.0/24 is directly connected, ppp0

- In the above routing table, the default route with the interface ‘ppp’ is not inserted.



7032
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.