This article explains how to create a DSL (PPPoA/PPTP) Ethernet interface on Sophos UTM.
Similar to PPPoE, some ISPs require PPPoA type connections in order to connect to their network. PPPoA connections use the PPTP protocol to establish a layer 2 tunnel from the client (in this case UTM) to the provider modem. Similar to PPPoE connections, access to the network is controlled by username and password validation. This should only be used if required by the ISP.
Use this interface type when you are:
- Connecting to a provider offering PPPoA connections.
Do NOT use this interface type if:
- You are not trying to connect to the internet.
- The provider does not use PPPoA.
This article focuses on a single interface type. To learn more about other interface types, please view KB article 118899
Known to apply to the following Sophos product(s) and version(s)
What To Do
Interfaces may be added and edited in the WebAdmin interface under: Interfaces & Routing | Interfaces | Interfaces.
- Click the New Interface button to add a new interface.
- In the Type field, select: DSL(PPPoA/PPTP)
- The following image and table outline the options available, and how to fill them out:
|Interface Image ||Configuration Options |
Name: This is the name that will be shown throughout the UTM configuration, wherever this interface is referenced. Names that indicate/are specific to purpose, are often the most useful. For example names like: Internal, DMZ, Guest, External. or External-XO, External-ATT, are purpose-specific names that make it clear to someone who didn't create the object, what purpose it serves.
Hardware: Unused Ethernet ports are shown here. If none are listed, then all interfaces are currently configured. UTM appliances configure eth3 by default for HA/Clustering. If HA is not needed, and HA is not disabled, eth3 may be made available on UTM appliances, by disabling HA under Management | High Availability | Configuration.
IPv4 Default GW: If the interface is a connection to the internet, then a default gateway IP may be set by enabling this option. If this is not an internet connection, then this option does not normally need to be enabled.
Username: The internet provider will provide credentials to use when connecting to their service. The supplied username should be entered here.
Password: The internet provider will provide credentials to use when connecting to their service. The supplied password should be entered here.
Comment: (Optional) This is a free text field, where brief comments may be recorded.
Modem IP: It may be necessary to manually specify the IP address of the DSL Modem. If so, enter the correct IP here. The correct value must be supplied by the provider.
NIC Address: Enter the IP of the UTM interface which will be connecting to the DLS modem. This should not need to be changed unless the Modem IP required changing. Be sure that the IP entered here is in the same subnet as the Modem IP above.
NIC Netmask: Enter the Subnet of the UTM interface which will be connecting to the DLS modem. This should not need to be changed unless the provider recommends a different subnet mask.
Ping Address: The address entered in this field will be monitored via ICMP Pings. If the host fails to respond, the UTM will consider the connection broken. This should typically be set to one of the DNS server IPs given by the provider.
MTU: The default value of 1492 is the typical value required for DSL connections. It may be apropriate to change this if connecting to ISPs that require smaller MTU values.
Daily Reconnect: DSL conections must reconnect periodically. This setting allows admins to control exactly when that reconnection will occur. By choosing a time that will be non-disruptive to network users, unexpected internet interruptions can be avoided.
Reconnect Delay: During the daily reconnect, the system will wait the specified amount of time after disconnecting before attempting to reconnect to the provider. This setting has no effect unless Daily Reconnect is enabled, and usually does not need to be changed. In some rare cases, the provider may not behave correctly if the client connects too quickly after disconnecting. In these cases, you may have to extend the reconnect interval.
Displayed max: (Optional) The displayed max value is a numeric field that is used for display purposes only. Entering the correct value in this field to match the available bandwidth provided on this link, allows the UTM to show accurate percentage graphs for each interface on dashboard. This has no impact on network behavior, as it is only used for display purposes.