Posted by This was a bit of a faff, so I thought I’d document it. The setup here is an ADSL modem plugged into ge-0/0/4 with the SRX doing PPPoE (CHAP) via that modem. Apparently this is the same for VDSL2 (FTTC) via the BT OpenReach modem also. Config below:
interfaces {
ge-0/0/4 {
description "Plusnet Off-Net WAN via Zyxel Modem";
unit 0 {
encapsulation ppp-over-ether;
}
}
pp0 {
unit 0 {
ppp-options {
chap {
default-chap-secret "your-password";
local-name "yourusername@plusdsl.net";
no-rfc2486;
passive;
}
}
pppoe-options {
underlying-interface ge-0/0/4.0;
idle-timeout 0;
auto-reconnect 10;
client;
}
family inet {
mtu 1480;
negotiate-address;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop pp0.0;
}
}
security {
zones {
security-zone public {
interfaces {
pp0.0 {
host-inbound-traffic {
system-services {
ping;
traceroute;
ike;
ssh;
}
}
}
}
}
}
flow {
tcp-mss {
all-tcp {
mss 1440;
}
}
}
}
ge-0/0/4 {
description "Plusnet Off-Net WAN via Zyxel Modem";
unit 0 {
encapsulation ppp-over-ether;
}
}
pp0 {
unit 0 {
ppp-options {
chap {
default-chap-secret "your-password";
local-name "yourusername@plusdsl.net";
no-rfc2486;
passive;
}
}
pppoe-options {
underlying-interface ge-0/0/4.0;
idle-timeout 0;
auto-reconnect 10;
client;
}
family inet {
mtu 1480;
negotiate-address;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop pp0.0;
}
}
security {
zones {
security-zone public {
interfaces {
pp0.0 {
host-inbound-traffic {
system-services {
ping;
traceroute;
ike;
ssh;
}
}
}
}
}
}
flow {
tcp-mss {
all-tcp {
mss 1440;
}
}
}
}
Really helpful post, thanks!
In particular, the stuff about mtu and mss I had missing from my config.
I’m using zen Internet with a draytek Vigor 130 modem. I don’t have ‘no-rfc2486’ in my config yet, but everything appears to work ok.