Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Brice92
New Contributor

FortiWiFi 60CX-ADSL-A issue to setting up ADSL PPoE from ISP FAILED always

Hello everyone,

 

My device is a Fortinet FortiWiFi 60CX-ADSL-A (Firmware version v5.2.9,build736(GA))

I have login and password from our ISP where these informations are set into the LIVEBOX ADSL and the LiveBox works fine with them.

 

The FortiWiFi 60CX-ADSL-A can use PPoA or PPoE and i found that i have to use the PPoE... But, when i try to set username/password the interface status says "failed"

 

in the CLI we can see CHAP Error : 

 

On the GUI  : 

 

Other information about the status Led on the front of the device :

ADSL sync : Fix

ADSL TX/RX : Blink

 

If someone has already seting up a device like this with ADSL please help me because i lost more 2 weeks on it and never find the solution and the Fortinet support says this is a problem with your ISP but as you see above in my post, the login and password are correct.

 

The same issue with a Fortigate 30D.

 

Regards,

 

 

 

 

 

6 REPLIES 6
Brice92
New Contributor

Hello,

 

Nobody has never set a FORTINET with an ADSL to help me ?

 

I'm blocked from more one month...:(

 

Thanks

ede_pfau
Esteemed Contributor III

You might check if your ISP delivers on a VLAN. In Germany, two of the big ISPs deliver VLAN 7 on the WAN side.

Many/some homeuse modems strip the VLAN tag on ingress if there is one; you will never notice.

 

So, create a VLAN interface on the WAN port and set it to authenticate via PPPoE. See if that provides a login.

If it does, create policies from this VLAN to internal, instead of WAN to internal.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Brice92

Hello,

 

Thanks for the skill i'll try to find these informations from my ISP.

 

If i found, i come back quickly to aknowledge this informaiton.

 

Thanks mate.

Brice92

Hello, i confirm that i need to create a VLAN interface and link this interface to my WAN1 interface...

I'm not sure how to do this task but i will post here my steps to setting up this interface...

 

The CLI is mandatory in order to configure : At the fresh install of the FG40 i have this set on it :

 

config system interface     edit "wan1"         set mode dhcp         set allowaccess ping fgfm auto-ipsec         set type physical         set snmp-index 1     next     edit "wan2"         set allowaccess ping fgfm auto-ipsec         set type physical         set snmp-index 2     next     edit "modem"         set mode pppoe         set type physical         set snmp-index 3     next     edit "ssl.root"         set type tunnel         set alias "SSL VPN interface"         set snmp-index 6     next     edit "internal"         set ip 192.168.1.99 255.255.255.0         set allowaccess ping https ssh http fgfm capwap         set type physical         set snmp-index 7     next end

I saw some example like create a VLAN and link to "WAN1" interface but some command in CLI seems not working because i'm under 5.2 OS version

 

 

config system interface     edit "wan1"         set mode static         unset allowaccess         unset role wan     next     edit "wan1.835"         set vdom "root"         set mode pppoe         set username "fti/********"         set password ********         set interface "wan1"         set vlanid 835         set role wan     next end

 

Do you know how i can do the same with a 5.2 version...?

"set role "wan"" = KO

"set vdom "root"" = KO

 Otherwise after some config set on it i got it :

 

config system interface     edit "wan1"         set mode dhcp         set type physical         set snmp-index 1     next     edit "wan2"         set allowaccess ping fgfm auto-ipsec         set type physical         set snmp-index 2     next     edit "modem"         set mode pppoe         set type physical         set snmp-index 3     next     edit "ssl.root"         set type tunnel         set alias "SSL VPN interface"         set snmp-index 6     next     edit "internal"         set ip 192.168.1.99 255.255.255.0         set allowaccess ping https ssh http fgfm capwap         set type physical         set snmp-index 7     next     edit "wan1.orange"         set mode pppoe         set snmp-index 4         set username "fti/xxxxxxx"         set password ENC xxxxxxxxxxxxxxxxxx         set interface "wan1"         set vlanid 835     next end

Now i can see this through the GUI :

 

 

 What is the next step a policy or something to test the configuration ?

 

I try "get router info routing-table all"

Result :

get router info routing-table all Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP        O - OSPF, IA - OSPF inter area        N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2        E1 - OSPF external type 1, E2 - OSPF external type 2        i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area        * - candidate default C       192.168.1.0/24 is directly connected, internal

 

Toshi_Esumi
Esteemed Contributor III

I have no idea how 60CX-ADSL-A would operate. But if it's coming on ADSL interface, configuring a VLAN on WAN1 wouldn't help. It needs to be attached to ADSL. I don't know if possible though.

ede_pfau
Esteemed Contributor III

Just ignore the "set role" statement, introduced in v5.6. It is not crucially important for operation.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Labels
Top Kudoed Authors