   .
   .
   .                                                          PPPOEFAQ.TXT
   .                                                      February 1, 2000
   .                          
   .
   .
   .
   .
   .
   .
   .
   .
   .   ____  ____  ____       _____
   .  |  _ \|  _ \|  _ \ ___ | ____|
   .  | |_) | |_) | |_) / _ \|  _|
   .  |  __/|  __/|  __/ (_) | |___
   .  |_|   |_|   |_|   \___/|_____|
   .
   .   _____ _    ___
   .  |  ___/ \  / _ \
   .  | |_ / _ \| | | |
   .  |  _/ ___ \ |_| |
   .  |_|/_/   \_\__\_\
   .
   .
   .
   .
   .
   .
   .
   .
   .
   .
   .
   .
   .
   .
   .                                                    F/X Communications
   .                                                       DK-4300 Holbaek
   .                                                               Denmark
   .                                                 E-mail: support@fx.dk
   .                                                      http://www.fx.dk
   .
   .
   .
   .
   .
   .
   .
   .
   .
   .     Copyright (c) 1999-2000, F/X Communications, All Rights Reserved.
   .
   .




NOTE: This Frequently Asked Questions file was correct (to the best of our
      knowledge) on its release date. We hope it is helpful and advise you
      to use it thoughtfully, but at your own risk. Corrections and 
      amplifications should be directed to the InJoy Mail List.




==========================================================================
 F R E Q U E N T L Y    A S K E D    Q U E S T I O N S
==========================================================================


1: What is PPPoE?

   PPPoE (Point to Point Protocol over Ethernet) specifies how a PC 
   interacts with a broadband ISP in order to achieve Internet access.
   It relies on two widely accepted standards, namely Ethernet and the
   point-to-point protocol (PPP). 

   Internet Service providers (ISPs) are implementing PPPoE to replace
   the static IP addressing or DHCP systems that do not offer
   authentication, billing, or service differentiation. 


2: What is ADSL?

   ADSL stands for Asymmetric Digital Subscriber Line, a type of DSL service
   with different (asymmetric) upstream and downstream capabilities. 


3: Can I share a PPPoE connection?

   Internet connection sharing is a feature of the InJoy Firewall. The
   InJoy Firewall supports PPPoE and the PPPoE based Internet can be
   shared - just as any other connection.


4: Does PPPoE require authentication?

   Generally yes. If you have been used to a dial-up based Internet
   connection, you will find that most of the same features are
   provided. That includes assignment of IP addresses, DNS addresses
   and PAP/CHAP authentication.


5: What IP address should I assign to my external LAN adapter?

   The IP address that you assign to your external Ethernet adapter
   is not used. PPPoE assigns an IP address to a new interface (ppp0)
   that is created once connected with PPPoE.

   Accordingly, almost any dummy IP address is okay for the LAN adapter,
   but don't use "0.0.0.0". Any other dummy address, e.g. "1.1.1.1" and
   "255.255.255.0" as netmask is okay.

   If you ISP connection was previously via DHCP, change to a dummy
   static IP.  Eventually the DHCP server will go away, causing a long
   delay in your boot time.


6: Where can I find the connection details?

   PPPoE creates the file "connect.txt" which includes IP addresses,
   DNS servers and other information.


7: Does PPPoE affect my network security

   Yes, there is a significant difference between the occasional dial-up 
   based PPP connection and the full time connection via PPPoE using
   cable/xDSL.

   As the millions of personal computers move from dialup lines to
   permanent connections, a vast new array of potential targets turn
   up on the Internet. PPPoE typically has a somewhat static IP address 
   that's easy for crackers to attack.

   Automated scan tools can quickly interrogate an entire domain, and identify
   machines that appear to be insecure.

   With faster connections, any computer user can scan 1000s of PCs for simple
   configuration mistakes that will allow unauthorised access.


8: Should I buy a firewall?

   If you use your PC solely for web surfing and gaming, then the
   security issues probably will not justity the cost of a firewall.

   You should be concerned if you use your machines for services such as 
   home banking or stock trading.

   If you have personal information, information about your work
   place or other secrets on your home network, then you have a
   solid argument for installing a firewall.

   For a business, the firewall is something you need to protect your
   network and business secrets. The firewall is also the tool that
   gives you full control of your network connection. Features such
   as accounting, connection sharing, link monitoring, port forwarding
   and VPN functionality are all features you will need sooner or later.

   And don't forget that an incorrectly configured firewall can be
   more dangerous than no firewall, so invest the time to understand
   and solve the security issues on your network.


9: How do I detect my max packet size (MTU)

   Start by turning off fragmentation in GATEWAY.CF

   Ping a consistent site using the following command at an OS/2 prompt:

      ping www.whatever.com 1400

   Keep increasing the packet size until ping FAILS to get a reply.

   The highest number you can set that had a successful reply is your
   optimum MTU for the LAN clients.

   This procedure might not work reliably on all TCP/IP stacks.

   Check the PPPoE documentation for more MTU issues.


10: What PPPoE ISP's have been tested with the InJoy Software?

    So far the InJoy PPPoE solution has been tested with these ISPs:

    - Sympatico
    - Bell Nexxia
    - Mindspring
    - Escape Communications in Winnipeg, Canada.


11: Any PPPoE performance implications?

    PPPoE generally introduces a small penalty on network bandwidth due
    to the added protocol layer handling and the extra data needed for
    the PPPoE signaling. This penalty is in the order of no more than
    5-10%, depending on both software and usage.


12: How is PPPoE different from normal xDSL?

    Instead of having the connection automatically occur when your
    computer boots, you will have to establish a logical connection
    using your PPPoE client software.

    Once you are "connected" using the client software, your connection will
    behave the same as any other Internet connection.


13: Can PPPoE coexist with the InJoy Firewall and IPSec VPN support?

    Yes.


14: How do I install, configure and operate the PPPoE software?

    PPPoE is installed seamlessly, as a plugin for the InJoy Firewall
    software.

    The configuration is organized into multiple ISP configuration profiles.
    An easy to use PM GUI can be used to edit the ISP profiles.
    For advanced configurations (or script manipulation), the same settings 
    are available in an ASCII formatted file.

    The PPPoE plugin can be used/operated from both the PM and the VIO
    Firewall modules. The VIO based module is for those environments where
    PM is not available or where the superior stability of a simple text
    window is required.


15: Where can I find more information?

    The InJoy Firewall web site at: http://www.fx.dk/firewall

    The InJoy PPPoE documentation.

    The InJoy mailing list: http://www.fx.dk/contadd.html





    Copyright (c) 1999-2000 F/X Communications.  All rights reserved.

