DSL (PPPoA/PPTP)

To configure a connection using the PPP over ATM Protocol (PPPoA), you will need an unused Ethernet interface on Sophos UTM on AWS as well as an external ADSL modem with an Ethernet port. The connection to the Internet proceeds through two separate connections. Between Sophos UTM on AWS and the ADSL modem, a connection using the PPTP over Ethernet Protocol is established. The ADSL modem is, in turn, connected to the ISP using the PPP over ATM Dialing Protocol.

The configuration will require the DSL connection information, including username and password, provided by your Internet Service Provider (ISP).

Note – Once the DSL connection is activated, Sophos UTM on AWS will be connected to your ISP 24 hours a day. You should therefore ensure that your ISP bills on a flat-rate or bandwidth-based system rather than based on connection time.

To configure a DSL (PPPoA/PPTP) interface, proceed as follows:

  1. On the Interfaces tab, click New Interface.

    The Add Interface dialog box opens.

  2. Make the following settings:

    Name: Enter a descriptive name for the interface.

    Type: Select DSL (PPPoA/PPTP) from the drop-down list.

    Hardware: Select an interface from the drop-down list.

    IPv4/IPv6 default GW (optional): Select this option if you want to use the default gateway of your provider.

    Username: Enter the username, provided by your ISP.

    Password: Enter the password, provided by your ISP.

    Comment (optional): Add a description or other information.

  3. Optionally, make the following advanced settings:

    Modem IP: Enter the IP address of your ADSL modem here. This address will usually be provided by your ISP or the modem hardware and cannot be changed. Example: 10.0.0.138 (with AonSpeed).

    NIC address: Enter the IP address of the network card on Sophos UTM on AWS which is attached to the modem here. This address must be in the same subnet as the modem. Example: 10.0.0.140 (with AonSpeed).

    NIC netmask: Enter the network mask to use here. Example: 255.255.255.0 (with AonSpeed).

    Ping address (optional): Enter the IP address of a host on the Internet that responds to ICMP ping requests. In order to test the connection between Sophos UTM on AWS and the external network, you have to enter an IP address of a host on the other side of the PPTP link. You can try to use the DNS server of your ISP. Sophos UTM on AWS will send ping requests to this host: if no answer is received, the connection will be broken.

    MTU: Enter the maximum transmission unit for the interface in bytes. You must enter a value fitting your interface type here if you want to use traffic management. A sensible value for the interface type is entered by default. Changing this setting should only be done by technically adept users. Entering wrong values here can render the interface unusable. An MTU size greater than 1500 bytes must be supported by the network operator and the network card (e.g., Gigabit interface). By default, an MTU of 1492 bytes is set for the DSL (PPPoA) interface type.

    Daily reconnect: Define at what time you want the connection to close and reopen. You can select either Never or pick a specific time.

    Reconnect delay: Here you can change the reconnect delay. By default, it is set to 5 Seconds. If your ISP demands a longer delay you can set it to One Minute or Fifteen Minutes.

    Asymmetric (optional): Select this option if your connection's uplink and downlink bandwidth are not identical and you want the Dashboard to reflect this. Then, two textboxes are displayed, allowing you to enter the maximum uplink bandwidth in either MB/s or KB/s. Select the appropriate unit from the drop-down list.

    Displayed max (optional): Here you can enter the maximum downlink bandwidth of your connection, if you want the Dashboard to reflect it. The bandwidth can be given in either MB/s or KB/s. Select the appropriate unit from the drop-down list.

  4. Click Save.

    The system will now check the settings for validity. After a successful check the new interface will appear in the interface list. The interface is not yet enabled (toggle switch is gray).

  5. Enable the interface.

    Click the toggle switch to activate the interface.

    The interface is now enabled (toggle switch is green). The interface might still be displayed as being Down. The system requires a short time to configure and load the settings. Once the Up message appears, the interface is fully operable.

To show only interfaces of a certain type, select the type of the interfaces you want to have displayed from the drop-down list. To either edit or delete an interface, click the corresponding buttons.