I am currently testing a FortiNet FortiGate 30E UTM firewall and wanted to use it with my Sky Fibre broadband at home. I didn’t really want to use the Sky provided router as just added an extra layer of complexity. I therefore decided to purchase a Draytek Vigor 130 as supported DHCP Option 61.
From Draytek’s website:“The UK ISP Sky utilises DHCP (Dynamic Host Configuration Protocol) for its Sky Fibre Broadband & Now TV VDSL2 (FTTC) Internet services.
When the router connects to Sky and requests an IP address, it sends DHCP option 61 (Client ID) along with the request to authenticate its access to the Sky Fibre Broadband network. If those details match Sky’s requirements, the router is then assigned an Internet IP address by Sky’s network. These details are specific to the router supplied by Sky.”
Draytek Vigor 130
- Connect directly to the Vigor 130 via the RJ45 port and goto http://192.168.2.1 (admin/admin)
- Navigate to [Internet Access] > [MPoA / Static or dynamic IP], and on that page, select Enable
- Press OK to reboot the modem
Sky FTTC Credentials
There is lots of information on the internet about how to get your credentials from your Sky router but again, the steps are quite simple:
- Download and install Wireshark as you will need this to be able to look for a certain packet of data from your existing Sky router
- Ensure your machine is connected directly to the Sky router preferably via a cable rather than wireless
- Run a capture via your network card and filter for “udp.port==67”
- After a few minutes you should see some output and you need to look for “Option: (61) Client identifier”
- Within this you will see your username and password in the format of “=abcdefgh@skydsl|0123456789”
There was some trial and error in getting the FortiGate to connect but in the end, the solution was simple. There isn’t a GUI option but doesn’t take much to get the line added via CLI:
- Navigate to [Network] > [Interfaces] and edit the “wan” interface
- Ensure that “Addressing Mode” is set to DHCP
- SSH into the FortiGate with PuTTY or another client
- Type in the following – not the “=” from the start of the credentials is dropped as not required:
config system interface edit wan set dhcp-client-identifier "abcdefgh@skydsl|0123456789" end
It is important to issue the command “end” after adding the dhcp-client-identifier line as this saves the config.
Once this is completed, you can go back to the FortiGate interface and you should get the following showing the interface has connected: