diff --git a/data/templates/accel-ppp/pppoe.config.tmpl b/data/templates/accel-ppp/pppoe.config.tmpl
index 3e5c64eb8..08f82996b 100644
--- a/data/templates/accel-ppp/pppoe.config.tmpl
+++ b/data/templates/accel-ppp/pppoe.config.tmpl
@@ -1,185 +1,186 @@
 ### generated by accel_pppoe.py ###
 [modules]
 log_syslog
 pppoe
 shaper
 {# Common authentication backend definitions #}
 {% include 'accel-ppp/config_modules_auth_mode.j2' %}
 ippool
 {# Common IPv6 definitions #}
 {% include 'accel-ppp/config_modules_ipv6.j2' %}
 {# Common authentication protocols (pap, chap ...) #}
 {% include 'accel-ppp/config_modules_auth_protocols.j2' %}
 
 {% if snmp is defined %}
 net-snmp
 {% endif %}
 {% if limits is defined %}
 connlimit
 {% endif %}
 {% if extended_scripts is defined %}
 sigchld
 pppd_compat
 {% endif %}
 
 [core]
 thread-count={{ thread_count }}
 
 [log]
 syslog=accel-pppoe,daemon
 copy=1
 level=5
 
 {% if snmp is defined and snmp.master_agent is defined %}
 [snmp]
 master=1
 {% endif %}
 
 [client-ip-range]
 disable
 
 {# Common IP pool definitions #}
 {% include 'accel-ppp/config_ip_pool.j2' %}
 
 {# Common IPv6 pool definitions #}
 {% include 'accel-ppp/config_ipv6_pool.j2' %}
 
 {# Common DNS name-server definition #}
 {% include 'accel-ppp/config_name_server.j2' %}
 
 {% if wins_server is defined and wins_server is not none %}
 [wins]
 {%   for server in wins_server %}
 wins{{ loop.index }}={{ server }}
 {%   endfor %}
 {% endif %}
 
 {# Common chap-secrets and RADIUS server/option definitions #}
 {% include 'accel-ppp/config_chap_secrets_radius.j2' %}
 
 {% if session_control is defined and session_control != 'disable' %}
 [common]
 single-session={{ session_control }}
 {% endif %}
 
 [ppp]
 verbose=1
 check-ip=1
 ccp={{ "1" if ppp_options.ccp is defined else "0" }}
 unit-preallocate={{ "1" if authentication.radius.preallocate_vif is defined else "0" }}
 {% if ppp_options.min_mtu is defined and ppp_options.min_mtu is not none %}
 min-mtu={{ ppp_options.min_mtu }}
 {% endif %}
 {% if ppp_options.mru is defined and ppp_options.mru is not none %}
 mru={{ ppp_options.mru }}
 {% endif %}
 mppe={{ ppp_options.mppe }}
 lcp-echo-interval={{ ppp_options.lcp_echo_interval }}
 lcp-echo-timeout={{ ppp_options.lcp_echo_timeout }}
 lcp-echo-failure={{ ppp_options.lcp_echo_failure }}
 {% if ppp_options.ipv4 is defined and ppp_options.ipv4 is not none %}
 ipv4={{ ppp_options.ipv4 }}
 {% endif %}
 {# IPv6 #}
 {% if ppp_options.ipv6 is defined and ppp_options.ipv6 is not none %}
 ipv6={{ ppp_options.ipv6 }}
 {%   if ppp_options.ipv6_intf_id is defined and ppp_options.ipv6_intf_id is not none %}
 ipv6-intf-id={{ ppp_options.ipv6_intf_id }}
 {%   endif %}
 {%   if ppp_options.ipv6_peer_intf_id is defined and ppp_options.ipv6_peer_intf_id is not none %}
 ipv6-peer-intf-id={{ ppp_options.ipv6_peer_intf_id }}
 {%   endif %}
 ipv6-accept-peer-intf-id={{ "1" if ppp_options.ipv6_accept_peer_intf_id is defined else "0" }}
 {% endif %}
 {# MTU #}
 mtu={{ mtu }}
 {% if ppp_options.interface_cache is defined and ppp_options.interface_cache is not none %}
 unit-cache={{ ppp_options.interface_cache }}
 {% endif %}
 
 [pppoe]
 verbose=1
 ac-name={{ access_concentrator }}
 
 {% if interface is defined and interface is not none %}
 {%   for iface, iface_config in interface.items() %}
 {%     if iface_config.vlan_id is not defined and iface_config.vlan_range is not defined %}
 interface={{ iface }}
 {%     endif %}
 {%     if iface_config.vlan_range is defined %}
 {%       for regex in iface_config.regex %}
 interface=re:^{{ iface | replace('.', '\\.') }}\.({{ regex }})$
 {%       endfor %}
 vlan-mon={{ iface }},{{ iface_config.vlan_range | join(',') }}
 {%     endif %}
 {%     if iface_config.vlan_id is defined %}
 {%       for vlan in iface_config.vlan_id %}
 vlan-mon={{ iface }},{{ vlan }}
 interface=re:^{{ iface | replace('.', '\\.') }}\.{{ vlan }}$
 {%       endfor %}
 {%     endif %}
 {%   endfor %}
 {% endif %}
 
 {% if service_name %}
 service-name={{ service_name | join(',') }}
 {% endif %}
 
 {% if pado_delay %}
-{%   set pado_delay_param = namespace(value='0') %}
-{%   for delay in pado_delay|sort(attribute='0') %}
+{%   set delay_without_sessions = pado_delay.delays_without_sessions[0] | default('0') %}
+{%   set pado_delay_param = namespace(value=delay_without_sessions) %}
+{%   for delay, sessions in pado_delay.delays_with_sessions | sort(attribute='1') %}
 {%     if not loop.last %}
-{%       set pado_delay_param.value = pado_delay_param.value + ',' + delay + ':' + pado_delay[delay].sessions %}
+{%       set pado_delay_param.value = pado_delay_param.value + ',' + delay + ':' + sessions | string %}
 {%     else %}
-{%       set pado_delay_param.value = pado_delay_param.value + ',-1:' + pado_delay[delay].sessions %}
+{%       set pado_delay_param.value = pado_delay_param.value + ',-1:' + sessions | string %}
 {%     endif %}
 {%   endfor %}
 pado-delay={{ pado_delay_param.value }}
 {% endif %}
 {% if authentication.radius.called_sid_format is defined and authentication.radius.called_sid_format is not none %}
 called-sid={{ authentication.radius.called_sid_format }}
 {% endif %}
 
 {% if authentication is defined and authentication.mode is defined and authentication.mode == 'local' %}
 {%   if client_ip_pool is defined and client_ip_pool is not none %}
 {%     if client_ip_pool.name is defined and client_ip_pool.name is not none %}
 {%       for pool, pool_config in client_ip_pool.name.items() %}
 {%         if pool_config.subnet is defined and pool_config.subnet is not none %}
 ip-pool={{ pool }}
 {%           if pool_config.gateway_address is defined and pool_config.gateway_address is not none %}
 gw-ip-address={{ pool_config.gateway_address }}/{{ pool_config.subnet.split('/')[1] }}
 {%           endif %}
 {%         endif %}
 {%       endfor %}
 {%     endif %}
 {%  endif %}
 {% endif %}
 
 {% if limits is defined %}
 [connlimit]
 {%   if limits.connection_limit is defined and limits.connection_limit is not none %}
 limit={{ limits.connection_limit }}
 {%   endif %}
 {%   if limits.burst is defined and limits.burst %}
 burst={{ limits.burst }}
 {%   endif %}
 {%   if limits.timeout is defined and limits.timeout is not none %}
 timeout={{ limits.timeout }}
 {%   endif %}
 {% endif %}
 
 {# Common RADIUS shaper configuration #}
 {% include 'accel-ppp/config_shaper_radius.j2' %}
 
 {% if extended_scripts is defined %}
 [pppd-compat]
 verbose=1
 radattr-prefix=/run/accel-pppd/radattr
 {% set script_name = {'on_up': 'ip-up', 'on_down': 'ip-down', 'on_change':'ip-change', 'on_pre_up':'ip-pre-up'} %}
 {%   for script in extended_scripts %}
 {{ script_name[script] }}={{ extended_scripts[script] }}
 {%   endfor %}
 {% endif %}
 
 [cli]
 tcp=127.0.0.1:2001
diff --git a/smoketest/scripts/cli/test_service_pppoe-server.py b/smoketest/scripts/cli/test_service_pppoe-server.py
index 8514801a8..fa3090e25 100755
--- a/smoketest/scripts/cli/test_service_pppoe-server.py
+++ b/smoketest/scripts/cli/test_service_pppoe-server.py
@@ -1,270 +1,293 @@
 #!/usr/bin/env python3
 #
 # Copyright (C) 2020-2023 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
 # published by the Free Software Foundation.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import os
 import unittest
 
 from base_accel_ppp_test import BasicAccelPPPTest
 
 from configparser import ConfigParser
 from vyos.configsession import ConfigSessionError
 from vyos.util import process_named_running
 
 local_if = ['interfaces', 'dummy', 'dum667']
 ac_name = 'ACN'
 interface = 'eth0'
 
 class TestServicePPPoEServer(BasicAccelPPPTest.TestCase):
     def setUp(self):
         self._base_path = ['service', 'pppoe-server']
         self._process_name = 'accel-pppd'
         self._config_file = '/run/accel-pppd/pppoe.conf'
         self._chap_secrets = '/run/accel-pppd/pppoe.chap-secrets'
 
         super().setUp()
 
     def tearDown(self):
         self.cli_delete(local_if)
         super().tearDown()
 
     def verify(self, conf):
         mtu = '1492'
 
         # validate some common values in the configuration
         for tmp in ['log_syslog', 'pppoe', 'ippool',
                     'auth_mschap_v2', 'auth_mschap_v1', 'auth_chap_md5',
                     'auth_pap', 'shaper']:
             # Settings without values provide None
             self.assertEqual(conf['modules'][tmp], None)
 
         # check Access Concentrator setting
         self.assertTrue(conf['pppoe']['ac-name'] == ac_name)
         self.assertTrue(conf['pppoe'].getboolean('verbose'))
         self.assertTrue(conf['pppoe']['interface'], interface)
 
         # check ppp
         self.assertTrue(conf['ppp'].getboolean('verbose'))
         self.assertTrue(conf['ppp'].getboolean('check-ip'))
         self.assertEqual(conf['ppp']['mtu'], mtu)
         self.assertEqual(conf['ppp']['lcp-echo-interval'], '30')
         self.assertEqual(conf['ppp']['lcp-echo-timeout'], '0')
         self.assertEqual(conf['ppp']['lcp-echo-failure'], '3')
 
         super().verify(conf)
 
     def basic_config(self):
         self.cli_set(local_if + ['address', '192.0.2.1/32'])
 
         self.set(['access-concentrator', ac_name])
         self.set(['interface', interface])
 
         super().basic_config()
 
     def test_pppoe_server_ppp_options(self):
         # Test configuration of local authentication for PPPoE server
         self.basic_config()
 
         # other settings
         mppe = 'require'
         self.set(['ppp-options', 'ccp'])
         self.set(['ppp-options', 'mppe', mppe])
         self.set(['limits', 'connection-limit', '20/min'])
 
         # min-mtu
         min_mtu = '1400'
         self.set(['ppp-options', 'min-mtu', min_mtu])
 
         # mru
         mru = '9000'
         self.set(['ppp-options', 'mru', mru])
 
         # interface-cache
         interface_cache = '128000'
         self.set(['ppp-options', 'interface-cache', interface_cache])
 
         # commit changes
         self.cli_commit()
 
         # Validate configuration values
         conf = ConfigParser(allow_no_value=True, delimiters='=')
         conf.read(self._config_file)
 
         # basic verification
         self.verify(conf)
 
         self.assertEqual(conf['chap-secrets']['gw-ip-address'], self._gateway)
 
         # check ppp
         self.assertEqual(conf['ppp']['mppe'], mppe)
         self.assertEqual(conf['ppp']['min-mtu'], min_mtu)
         self.assertEqual(conf['ppp']['mru'], mru)
 
         self.assertTrue(conf['ppp'].getboolean('ccp'))
 
         # check other settings
         self.assertEqual(conf['connlimit']['limit'], '20/min')
 
         # check interface-cache
         self.assertEqual(conf['ppp']['unit-cache'], interface_cache)
 
         # Check for running process
         self.assertTrue(process_named_running(self._process_name))
 
     def test_pppoe_server_authentication_protocols(self):
         # Test configuration of local authentication for PPPoE server
         self.basic_config()
 
         # explicitly test mschap-v2 - no special reason
         self.set( ['authentication', 'protocols', 'mschap-v2'])
 
         # commit changes
         self.cli_commit()
 
         # Validate configuration values
         conf = ConfigParser(allow_no_value=True)
         conf.read(self._config_file)
 
         self.assertEqual(conf['modules']['auth_mschap_v2'], None)
 
         # Check for running process
         self.assertTrue(process_named_running(self._process_name))
 
     def test_pppoe_server_client_ip_pool(self):
         # Test configuration of IPv6 client pools
         self.basic_config()
 
         subnet = '172.18.0.0/24'
         fwmark = '223'
         limiter = 'htb'
         self.set(['client-ip-pool', 'subnet', subnet])
 
         start = '192.0.2.10'
         stop = '192.0.2.20'
         stop_octet = stop.split('.')[3]
         start_stop = f'{start}-{stop_octet}'
         self.set(['client-ip-pool', 'start', start])
         self.set(['client-ip-pool', 'stop', stop])
         self.set(['shaper', 'fwmark', fwmark])
 
         # commit changes
         self.cli_commit()
 
         # Validate configuration values
         conf = ConfigParser(allow_no_value=True)
         conf.read(self._config_file)
 
         # check configured subnet
         self.assertEqual(conf['ip-pool'][subnet], None)
         self.assertEqual(conf['ip-pool'][start_stop], None)
         self.assertEqual(conf['ip-pool']['gw-ip-address'], self._gateway)
 
         # Check for running process
         self.assertTrue(process_named_running(self._process_name))
 
 
     def test_pppoe_server_client_ip_pool_name(self):
         # Test configuration of named client pools
         self.basic_config()
 
         subnet = '192.0.2.0/24'
         gateway = '192.0.2.1'
         pool = 'VYOS'
 
         subnet_name = f'{subnet},name'
         gw_ip_prefix = f'{gateway}/24'
 
         self.set(['client-ip-pool', 'name', pool, 'subnet', subnet])
         self.set(['client-ip-pool', 'name', pool, 'gateway-address', gateway])
         self.cli_delete(self._base_path + ['gateway-address'])
 
         # commit changes
         self.cli_commit()
 
         # Validate configuration values
         conf = ConfigParser(allow_no_value=True, delimiters='=')
         conf.read(self._config_file)
 
         # Validate configuration
         self.assertEqual(conf['ip-pool'][subnet_name], pool)
         self.assertEqual(conf['ip-pool']['gw-ip-address'], gateway)
         self.assertEqual(conf['pppoe']['ip-pool'], pool)
         self.assertEqual(conf['pppoe']['gw-ip-address'], gw_ip_prefix)
 
 
     def test_pppoe_server_client_ipv6_pool(self):
         # Test configuration of IPv6 client pools
         self.basic_config()
 
         # Enable IPv6
         allow_ipv6 = 'allow'
         random = 'random'
         self.set(['ppp-options', 'ipv6', allow_ipv6])
         self.set(['ppp-options', 'ipv6-intf-id', random])
         self.set(['ppp-options', 'ipv6-accept-peer-intf-id'])
         self.set(['ppp-options', 'ipv6-peer-intf-id', random])
 
         prefix = '2001:db8:ffff::/64'
         prefix_mask = '128'
         client_prefix = f'{prefix},{prefix_mask}'
         self.set(['client-ipv6-pool', 'prefix', prefix, 'mask', prefix_mask])
 
         delegate_prefix = '2001:db8::/40'
         delegate_mask = '56'
         self.set(['client-ipv6-pool', 'delegate', delegate_prefix, 'delegation-prefix', delegate_mask])
 
         # commit changes
         self.cli_commit()
 
         # Validate configuration values
         conf = ConfigParser(allow_no_value=True, delimiters='=')
         conf.read(self._config_file)
 
         for tmp in ['ipv6pool', 'ipv6_nd', 'ipv6_dhcp']:
             self.assertEqual(conf['modules'][tmp], None)
 
         self.assertEqual(conf['ppp']['ipv6'], allow_ipv6)
         self.assertEqual(conf['ppp']['ipv6-intf-id'], random)
         self.assertEqual(conf['ppp']['ipv6-peer-intf-id'], random)
         self.assertTrue(conf['ppp'].getboolean('ipv6-accept-peer-intf-id'))
 
         self.assertEqual(conf['ipv6-pool'][client_prefix], None)
         self.assertEqual(conf['ipv6-pool']['delegate'], f'{delegate_prefix},{delegate_mask}')
 
         # Check for running process
         self.assertTrue(process_named_running(self._process_name))
 
 
     def test_accel_radius_authentication(self):
         radius_called_sid = 'ifname:mac'
         radius_acct_interim_jitter = '9'
 
         self.set(['authentication', 'radius', 'called-sid-format', radius_called_sid])
         self.set(['authentication', 'radius', 'acct-interim-jitter', radius_acct_interim_jitter])
 
         # run common tests
         super().test_accel_radius_authentication()
 
         # Validate configuration values
         conf = ConfigParser(allow_no_value=True, delimiters='=')
         conf.read(self._config_file)
 
         # Validate configuration
         self.assertEqual(conf['pppoe']['called-sid'], radius_called_sid)
         self.assertEqual(conf['radius']['acct-interim-jitter'], radius_acct_interim_jitter)
 
 
+    def test_pppoe_server_pado_delay(self):
+        delay_without_sessions = '10'
+        delays = {'20': '200', '30': '300'}
+
+        self.basic_config()
+
+        self.set(['pado-delay', delay_without_sessions])
+        self.cli_commit()
+
+        conf = ConfigParser(allow_no_value=True, delimiters='=')
+        conf.read(self._config_file)
+        self.assertEqual(conf['pppoe']['pado-delay'], delay_without_sessions)
+
+        for delay, sessions in delays.items():
+            self.set(['pado-delay', delay, 'sessions', sessions])
+        self.cli_commit()
+
+        conf = ConfigParser(allow_no_value=True, delimiters='=')
+        conf.read(self._config_file)
+
+        self.assertEqual(conf['pppoe']['pado-delay'], '10,20:200,-1:300')
+
+
 if __name__ == '__main__':
     unittest.main(verbosity=2)
diff --git a/src/conf_mode/service_pppoe-server.py b/src/conf_mode/service_pppoe-server.py
index f6182f8ea..aeb8df7eb 100755
--- a/src/conf_mode/service_pppoe-server.py
+++ b/src/conf_mode/service_pppoe-server.py
@@ -1,121 +1,148 @@
 #!/usr/bin/env python3
 #
 # Copyright (C) 2018-2020 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
 # published by the Free Software Foundation.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
 import os
 
 from sys import exit
 
 from vyos.config import Config
 from vyos.configdict import get_accel_dict
 from vyos.configverify import verify_accel_ppp_base_service
 from vyos.template import render
 from vyos.util import call
 from vyos.util import dict_search
 from vyos.util import get_interface_config
 from vyos.range_regex import range_to_regex
 from vyos import ConfigError
 from vyos import airbag
 airbag.enable()
 
 pppoe_conf = r'/run/accel-pppd/pppoe.conf'
 pppoe_chap_secrets = r'/run/accel-pppd/pppoe.chap-secrets'
 
+def convert_pado_delay(pado_delay):
+    new_pado_delay = {'delays_without_sessions': [],
+                      'delays_with_sessions': []}
+    for delay, sessions in pado_delay.items():
+        if not sessions:
+            new_pado_delay['delays_without_sessions'].append(delay)
+        else:
+            new_pado_delay['delays_with_sessions'].append((delay, int(sessions['sessions'])))
+    return new_pado_delay
+
 def get_config(config=None):
     if config:
         conf = config
     else:
         conf = Config()
     base = ['service', 'pppoe-server']
     if not conf.exists(base):
         return None
 
     # retrieve common dictionary keys
     pppoe = get_accel_dict(conf, base, pppoe_chap_secrets)
+
+    if dict_search('pado_delay', pppoe):
+        pado_delay = dict_search('pado_delay', pppoe)
+        pppoe['pado_delay'] = convert_pado_delay(pado_delay)
+
     return pppoe
 
+def verify_pado_delay(pppoe):
+    if 'pado_delay' in pppoe:
+        pado_delay = pppoe['pado_delay']
+
+        delays_without_sessions = pado_delay['delays_without_sessions']
+        if len(delays_without_sessions) > 1:
+            raise ConfigError(
+                f'Cannot add more then ONE pado-delay without sessions, '
+                f'but {len(delays_without_sessions)} were set'
+            )
+
 def verify(pppoe):
     if not pppoe:
         return None
 
     verify_accel_ppp_base_service(pppoe)
+    verify_pado_delay(pppoe)
 
     if 'wins_server' in pppoe and len(pppoe['wins_server']) > 2:
         raise ConfigError('Not more then two IPv4 WINS name-servers can be configured')
 
     if 'interface' not in pppoe:
         raise ConfigError('At least one listen interface must be defined!')
 
     # Check is interface exists in the system
     for iface in pppoe['interface']:
         if not get_interface_config(iface):
             raise ConfigError(f'Interface {iface} does not exist!')
 
     # local ippool and gateway settings config checks
     if not (dict_search('client_ip_pool.subnet', pppoe) or
            (dict_search('client_ip_pool.start', pppoe) and
             dict_search('client_ip_pool.stop', pppoe))):
         print('Warning: No PPPoE client pool defined')
 
     if dict_search('authentication.radius.dynamic_author.server', pppoe):
         if not dict_search('authentication.radius.dynamic_author.key', pppoe):
             raise ConfigError('DA/CoE server key required!')
 
     return None
 
 
 def generate(pppoe):
     if not pppoe:
         return None
 
     # Generate special regex for dynamic interfaces
     for iface, iface_options in pppoe['interface'].items():
         if 'vlan_range' in iface_options:
             pppoe['interface'][iface]['regex'] = []
             for vlan_range in iface_options['vlan_range']:
                 pppoe['interface'][iface]['regex'].append(range_to_regex(vlan_range))
 
     render(pppoe_conf, 'accel-ppp/pppoe.config.tmpl', pppoe)
 
     if dict_search('authentication.mode', pppoe) == 'local':
         render(pppoe_chap_secrets, 'accel-ppp/chap-secrets.config_dict.tmpl',
                pppoe, permission=0o640)
     else:
         if os.path.exists(pppoe_chap_secrets):
             os.unlink(pppoe_chap_secrets)
 
     return None
 
 
 def apply(pppoe):
     if not pppoe:
         call('systemctl stop accel-ppp@pppoe.service')
         for file in [pppoe_conf, pppoe_chap_secrets]:
             if os.path.exists(file):
                 os.unlink(file)
 
         return None
 
     call('systemctl restart accel-ppp@pppoe.service')
 
 if __name__ == '__main__':
     try:
         c = get_config()
         verify(c)
         generate(c)
         apply(c)
     except ConfigError as e:
         print(e)
         exit(1)