On 18/12/10 10:16, Evgeny Yurchenko wrote:
my only concern now is PPPoA... But I need public IP on pfSense for sure
to do port-forwarding.
Not really; if you can ask the modem to port-forward to the pfsense box,
you can then ask pfSense to port-forward to the final destination.
So the public IP stays on the modem's WAN interface, you burn a small
private network for the connection between the modem's LAN and pfSense's
WAN (using DHCP so that pfSense gets the modem's sense of DNS
providers), and provide ordinary services over pfSense's LAN.
This means you end up with double-NAT, which isn't ideal in a busy
environment, but is stable enough for quieter locations.
You could do that, but then you would have to disable the private
address filtering on the WAN side ofcourse !
---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org