Ask Paetec to config their Adtran router to bridge mode.  Then set the WAN to a static public IP address that they wil provide.

On my home LAN I have every system assigned an IP address by DHCP on pfSense. A number of my systems are assigned the same address every time by tieing their MAC address to an IP address in the DHCP Server configuration. You haven't said why you want to have the Linux systems with static addresses so I can't address that. On those systems with static IP address (as seen by the system) you need to specify by the gateway and the DNS server. If you use DHCP this stuff can be changed in one place (the DHCP server) rather than on multiple systems.

System > General Setup Uncheck "Allow DNS server list to be overridden by DHCP/PPP on WAN" As long as that is checked, the DNS servers received by PPPoE will be used by the router. If that is unchecked, then the values you type in will be used.

pfSense is a firewall. There can sometimes be good reason to place tight restrictions on traffic passed. Depending on your environment, "work" might mean more than "pass any traffic", it might mean "block certain types of unexpected traffic".

Hi, thanks for replying. Since then I discovered that the new 10.6 version of Mac OS X has the exact same behaviour I did try to set up the network settings manually but unfortunately the issue still exists. I found this thread explaining that the base of the problem is the ".local" tld used in our LAN. It is used by the "Bonjour" protocol. I am going to change my LAN tld into something not used by some fancy protocol (like ".lan" or something) I keep in touch.

So is there a way to hand code this in the config?

Well i wouldn't consider a forum as a form of documentation… @deanflyer: If there is something you think needs documentation: http://doc.pfsense.com You can apply for an account on the wiki by sending an email to one of the devs, or send the content of what you wanted added to someone with an account. (devs or me).

http://faq.pfsense.com –> http://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks%3F

I have tried it with both DHCP reply on and off.  I get the same issues. The WAN is a static IP Address.  Inside the subnet but outside the DHCP Scope. DHCP is obtained from the DHCP server on the WAN, not the pfsense box.

My friends. cmb u are right, the results are the same, i was doing the wrong test. The results are the same using dig. Thanks cmb for clarifying this, I appreciated  :)

The VPN randomly started working.  I'm not gong to ask any questions and just go along with it  ;D Thanks again for all your help.

This problem was solved, thanks to a bounty I paid (well worth the money).  See:  http://forum.pfsense.org/index.php/topic,18378.msg94747.html#msg94747

If you can email me a backup of your config (cmb at pfsense dot org) and reference this forum thread, I'll see if I can replicate that using your config.

Thats it. That solved the issue. Thank you very much. Regards, Marc @Bern: Have you set up a static route on your pfSense machine to your office's LAN? IIRC you have to do this with IPSec tunnels. Route it through the LAN interface of pfSense.

@joel.baxter: Deny unknown clients: If this is checked, only the clients defined below will get DHCP leases from this server. This only affects the DHCP server. The pfSense will communicate with devices not on the list below. –> You can configure a device with a static IP and it still can use the pfSense to access the internet. @joel.baxter: Enable Static ARP entries: Note: Only the machines listed below will be able to communicate with the firewall on this NIC. Here you essentially write the ARP table by hand. Only devices on the list can communicate with the pfSense. If the device is not on the list it cannot access the internet even if the IP gateway configuration is correct. @joel.baxter: Can we just the Range to zero addresses or it should be the full Available Range? What do you want? Set the range of availlable DHCP-addresses to 0? I'm not sure if this works, but you can just set the range to the netID (example: subnet:192.168.0.0/24 pfSense 192.168.0.1/24 DHCP-range start: 192.168.0.0, end 192.168.0.0) I dont know how this will behave, but you can enter it like this in the webGUI. @joel.baxter: If we do want to reserve a small range of addresses to be assigned without having to input a MAC, how would we do that? Is there a way to set these so that they have access to the internet but no access to internal resources? Just let the DHCP run. If you do this you cannot have the above two options. Why dont you add another interface for "guests"? You cannot control with the pfSense what within your network can access what. Traffic flowing only over the switch never reaches the firewall rules of the pfSense.