On 17 Dec 2010, at 21:45, Michel Servaes wrote: > On 18/12/10 10:16, Evgeny Yurchenko wrote: >>> my only concern now is PPPoA... But I need public IP on pfSense for sure >>> to do port-forwarding. >> Not really; if you can ask the modem to port-forward to the pfsense box, >> you can then ask pfSense to port-forward to the final destination. >> >> So the public IP stays on the modem's WAN interface, you burn a small >> private network for the connection between the modem's LAN and pfSense's >> WAN (using DHCP so that pfSense gets the modem's sense of DNS >> providers), and provide ordinary services over pfSense's LAN. >> >> This means you end up with double-NAT, which isn't ideal in a busy >> environment, but is stable enough for quieter locations. >> >> > You could do that, but then you would have to disable the private address > filtering on the WAN side ofcourse !
I'm in the UK and I use a Draytek Vigor 120 router that out of the box will work as an ADSL modem. It autodetects your ADSL settings and performs PPoE to PPoA authentication so I simply configure the WAN port on PFSense for PPoE and use my ISP ADSL userid and password. This works a treat and I get my Internet IP address on PFSense, in fact I have a netblock from my ISP so I just add Proxy ARP Virtual address entries on PFSense for the additional IP addresses and 1:1 NAT rules to map my additional external IP addresses to devices on my internal networks. Hope that helps David
smime.p7s
Description: S/MIME cryptographic signature
