Hot!Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER

Author
duetgroup_tech
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/05/19 07:41:04
  • Status: offline
2020/05/19 07:49:47 (permalink)
0

Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER

Hello all.
 
 
If you are using a Fortigate with the Belgian Cable ISP Telenet, you should know that there is a known incompatibility between Fortigates and the new Telenet DOCSIS 3.1 E-ROUTER. This is the kind of router that they install for all new clients. For now, it is possible to request Telenet to install a DOCSIS 3.0 modem and that solves the issue, but going forward this could become a big problem, especially if they require all their clients to switch to DOCSIS3.1.
 
The problem seems to be that Fortigates don't support Unicast DHCP. 
 
As far as I can tell the incompatibility is known to Telenet, but I don't know if Fortinet knows or not. I have opened a TAC case to find out.
 
#1

13 Replies Related Threads

    mjcrevier
    Bronze Member
    • Total Posts : 23
    • Scores: 2
    • Reward points: 0
    • Joined: 2014/04/28 18:04:36
    • Status: offline
    Re: Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER 2020/05/19 11:53:35 (permalink)
    0
    I saw similar issues with Netgear modems used by Comcast in the States. Wonder if they use the same hardware.
    #2
    emnoc
    Expert Member
    • Total Posts : 6225
    • Scores: 435
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER 2020/05/19 12:27:53 (permalink)
    0
    Can you explain unicast DHCP? The whole purpose of DHCP is the client has no "address" so how is unicast used here? Outside of a DHCP-relay concept, DHCP is broadcasted 
     
    Ken Felix

    PCNSE 
    NSE 
    StrongSwan  
    #3
    duetgroup_tech
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/05/19 07:41:04
    • Status: offline
    Re: Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER 2020/05/20 03:48:17 (permalink)
    0
    From what I understand, "Unicast DHCP" is a misnomer.
    Unicast refers to the Broadcast flag set in the Bootp flags. The Fortigate sets it to "Broadcast", whereas regular Windows/MacOS clients set it to "Unicast".

    #4
    emnoc
    Expert Member
    • Total Posts : 6225
    • Scores: 435
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER 2020/05/21 12:24:22 (permalink)
    0
    Interesting i would have to capture a DHCP datagram,  but broadcast and unicast just determines  the action of the DHCP-offer as 0.0.0.0 or x.x.x.x in  the offer from my understanding.
     
    In the above you would need to look at the offer and witness is being set imho. I would use a dhcp-tool to test the above with the ISP and see what's happening or grab the difference 2 or more different devices for comparison.
     
    Ken Felix
     

    PCNSE 
    NSE 
    StrongSwan  
    #5
    waterboy1602
    New Member
    • Total Posts : 6
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/03/21 15:26:07
    • Status: offline
    Re: Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER 2020/05/28 09:44:42 (permalink)
    0
    Hi,
     
    I'm experiencing exactly the same problem. Did you already found a fix for this or did you just change your modem with a DOCSIS 3.0 one?
     
    I just swapped my DOCSIS 3.0 for a 3.1 one, but didn't do enough research to find this before hand. Can I possible fix this with the 3.1 modem?
    #6
    avka1453
    New Member
    • Total Posts : 4
    • Scores: 0
    • Reward points: 0
    • Joined: 2021/10/07 05:15:43
    • Status: offline
    Re: Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER 2021/10/07 05:16:52 (permalink)
    0
    Hi,
     
    Does anyone know if this issue has been resolved with a fortinet update?
     
    thanks
    #7
    waterboy1602
    New Member
    • Total Posts : 6
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/03/21 15:26:07
    • Status: offline
    Re: Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER 2021/10/07 12:22:54 (permalink)
    0
    I can tell you that in the mean time this bug has been fixed. I'm using a DOCSIS 3.1 E-ROUTER from Telenet with a Fortigate firewall myself and the bridging functionality works without flaws.
    #8
    avka1453
    New Member
    • Total Posts : 4
    • Scores: 0
    • Reward points: 0
    • Joined: 2021/10/07 05:15:43
    • Status: offline
    Re: Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER 2021/10/07 23:21:19 (permalink)
    0
    That's great! Which version are you on?
     
    Kind regards,
    #9
    waterboy1602
    New Member
    • Total Posts : 6
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/03/21 15:26:07
    • Status: offline
    Re: Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER 2021/10/13 04:31:53 (permalink)
    0
    Any idea how I can find on which version I am?
    #10
    avka1453
    New Member
    • Total Posts : 4
    • Scores: 0
    • Reward points: 0
    • Joined: 2021/10/07 05:15:43
    • Status: offline
    Re: Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER 2021/10/13 04:34:30 (permalink)
    0
    Hi,
     
    sure, you go to the system menu and in the submenu Firmware, you can see the current version
     
    KR,
    #11
    waterboy1602
    New Member
    • Total Posts : 6
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/03/21 15:26:07
    • Status: offline
    Re: Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER 2021/10/13 06:42:14 (permalink)
    0
    I'm sorry, but this is not possible in the Telenet overview (mijn.telenet.be). As a Telenet customer we can't access the modem directly.
    #12
    avka1453
    New Member
    • Total Posts : 4
    • Scores: 0
    • Reward points: 0
    • Joined: 2021/10/07 05:15:43
    • Status: offline
    Re: Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER 2021/10/13 06:48:00 (permalink)
    0
    Hi,
     
    I'm sorry, I wanted to know which version of Fortigate firmware you are running :)
     
    KR,
    #13
    waterboy1602
    New Member
    • Total Posts : 6
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/03/21 15:26:07
    • Status: offline
    Re: Fortigates incompatibility with Telenet DOCSIS 3.1 E-ROUTER 2021/10/13 06:54:36 (permalink)
    0
    I'm sorry for the misunderstanding. My Fortigate firewall is on firmware version: FortiOS v6.0.6 build0272 (GA).
    #14
    Jump to:
    © 2021 APG vNext Commercial Version 5.5