Draytek Vigor 130, FortiGate 30E & Sky FTTC Broadband

I am currently testing a FortiNet FortiGate 30E UTM firewall and wanted to use it with my Sky Fibre broadband at home. I didn’t really want to use the Sky provided router as just added an extra layer of complexity. I therefore decided to purchase a Draytek Vigor 130 as supported DHCP Option 61.

From Draytek’s website:

“The UK ISP Sky utilises DHCP (Dynamic Host Configuration Protocol) for its Sky Fibre Broadband & Now TV VDSL2 (FTTC) Internet services.

When the router connects to Sky and requests an IP address, it sends DHCP option 61 (Client ID) along with the request to authenticate its access to the Sky Fibre Broadband network. If those details match Sky’s requirements, the router is then assigned an Internet IP address by Sky’s network. These details are specific to the router supplied by Sky.”

Draytek Vigor 130

Draytek have a full guide on how to configure the Vigor 130 for Sky FTTC but you have to put the modem into Bridge Mode and the basic steps are:

  • Connect directly to the Vigor 130 via the RJ45 port and goto http://192.168.2.1 (admin/admin)
  • Navigate to [Internet Access] > [MPoA / Static or dynamic IP], and on that page, select Enable
  • Press OK to reboot the modem

Sky FTTC Credentials

There is lots of information on the internet about how to get your credentials from your Sky router but again, the steps are quite simple:

  • Download and install Wireshark as you will need this to be able to look for a certain packet of data from your existing Sky router
  • Ensure your machine is connected directly to the Sky router preferably via a cable rather than wireless
  • Run a capture via your network card and filter for “udp.port==67”
  • After a few minutes you should see some output and you need to look for “Option: (61) Client identifier”
  • Within this you will see your username and password in the format of “=abcdefgh@skydsl|0123456789”

FortiGate 30E

There was some trial and error in getting the FortiGate to connect but in the end, the solution was simple. There isn’t a GUI option but doesn’t take much to get the line added via CLI:

  • Navigate to [Network] > [Interfaces] and edit the “wan” interface
  • Ensure that “Addressing Mode” is set to DHCP
  • SSH into the FortiGate with PuTTY or another client
  • Type in the following – not the “=” from the start of the credentials is dropped as not required:
config system interface
edit wan
set dhcp-client-identifier "abcdefgh@skydsl|0123456789"
end

It is important to issue the command “end” after adding the dhcp-client-identifier line as this saves the config.

Once this is completed, you can go back to the FortiGate interface and you should get the following showing the interface has connected:


References

Leave a Reply

Your email address will not be published. Required fields are marked *