PPoe secondary ip

My ISP connection is on ppoe/DHCP and i have a secondary ip xxx.xxx.xxx.xxx/30.
How can i set this ip as my pubblic ip and use for BOVPN and SSLVPN?


  • Options
    Add an IP from this range as a secondary IP addr, and use it for your SSLVPN & BOVPN
  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    You'll need to define the secondary IP on the interface that connects to your ISP device (your external interface.)


    Once that is configured, you can set the SSLVPN IP in the SSLVPN config to the secondary IP.

    -James Carson
    WatchGuard Customer Support

  • Options

    Thanks everyone for the replies.
    I tried entering the secondary ip address in both the form x.x.x.137/30 and x.x.x.137/32.
    It doesn't work and in the traffic log I see many blocks at addresses x.x.x.137, 136, 138,139

  • Options
    You will see denies for incoming packets which do not match a policy allowing them.

    Exactly what doesn’t work?
  • Options

    Hi Bruce, this is an extract of trafic monitor...

  • Options
    I see some outgoing allowed traffic and a lot of denied packets from the Internet.
    Nothing looks wrong to me.
  • Options

    Hi Bruce, i'm unable to connect with SSLVPN and also BOVPN not work.
    I can't ping the secondary ip address from internet.
    I don't know if i must configure somethings else in NAT or ROUTE...

  • Options
    edited October 2023
    You need a Ping policy to allow incoming pings - From: Any-external To: Firebox or a specific external IP addr.

    If you have a support license on your Firebox you can open a support case and get help from a WG rep with your issues.
  • Options
    There are client logs on the SSLVPN app and you can turn on Diagnostic Logging for both SSLVPN and IPSec which may show something to help.
Sign In to comment.