On 10-12-17 04:59 PM, David Bottrill wrote:
On 17 Dec 2010, at 21:45, Michel Servaes wrote:
On 18/12/10 10:16, Evgeny Yurchenko wrote:
my only concern now is PPPoA... But I need public IP on pfSense for sure
to do port-forwarding.
Not really; if you can ask the modem to port-forward to the pfsense box,
you can then ask pfSense to port-forward to the final destination.
So the public IP stays on the modem's WAN interface, you burn a small
private network for the connection between the modem's LAN and pfSense's
WAN (using DHCP so that pfSense gets the modem's sense of DNS
providers), and provide ordinary services over pfSense's LAN.
This means you end up with double-NAT, which isn't ideal in a busy
environment, but is stable enough for quieter locations.
You could do that, but then you would have to disable the private address
filtering on the WAN side ofcourse !
I'm in the UK and I use a Draytek Vigor 120 router that out of the box will
work as an ADSL modem.
It autodetects your ADSL settings and performs PPoE to PPoA authentication so I
simply configure the WAN port on PFSense for PPoE and use my ISP ADSL userid
and password.
This works a treat and I get my Internet IP address on PFSense, in fact I have
a netblock from my ISP so I just add Proxy ARP Virtual address entries on
PFSense for the additional IP addresses and 1:1 NAT rules to map my additional
external IP addresses to devices on my internal networks.
Hope that helps
David
That would be ideal for me. The site is in UK -) I am wondering if my modem can
do the same stuff.
Gentlemen, I understand double-nat thing and can certainly configure that, but the simpler the better, I'd prefer to
have public IP (range) on pfSense box.
Thanks all for ideas! Now I have more hopes that it'll work.
Evgeny.
---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
