FortiGate 7.0.x With Bell Residential Fibre

I've been using Sophos' UTM since forever, but at work we're moving away from our legacy Cisco ASAs, and to FortiGate. So I'm making the switch at home with an entry-level FortiGate VM, on my home Hyper-V server. I'm not a fan of the Bell gear that comes with my home connection, so we're gonna move everything off that and onto my own gear.


First thing you need is somewhere for the fibre to terminate. The Bell Home Hub comes with a generic 1Gb SFP GBIC that you can drop into any 1Gb (that I've tried) SFP port. This is slotted into my ancient HP ProCurve 1800-24G J9028B, which I got in 2015 when we replaced our 7 year old networking equipment at work. The physical switch port, and the Hyper-V switch both need to be tagged on VLAN 35.

Since you're going to be using a dynamic gateway you need to enable it in your router config on the FortiGate:

config routter static
    edit 1
        set device <port for your WAN connection> 
        set dynamic-gateway enable
    next
end

In order to enable the PPPoE dial up settings for the port in the GUI it needs to be enabled via the CLI. You can set the username and password here, or in the GUI. In the CLI, you enter the plaintext password and the FortiGate will automatically encrypt it.

config system interface
    edit <port for your WAN connection>
        set mode pppoe
        set username "<User name>"
        set password <plaintext password>
    next
end

From the GUI you can set your username and dial in password. If you don't have these they're both available in your MyBell account by going to Change modem access password.