PPPoE happens on layer 2; this means you don't need anything else allowed at this interface, and it will still work after authentication. If you only want users to be able to pass through your firewall after they have connected to PPPoE, delete all rules on the interface you run PPPoE on and disable the DHCP server for this interface.
How?
Let's say you run the PPPoE server on OPT1: delete all rules for OPT1 and don't set up a DHCP server for this interface. Add pass rules for your PPPoE interface. Done.
I am "upgrading" some SonicWall equipment to pfSense. The SonicWall has settings for both TCP and UDP "Timeouts" (I can maybe understand TCP, but isn't UDP stateless?) ANYWAY… I run terminal sessions via telnet over a VPN, and I had to adjust the TCP Timeout on the SonicWall from a default of 15 mins to something like 60 mins, otherwise users were getting dropped when they were idle. I don't see any settings like this in pfSense and am wondering if I might end up with a problem?
Thanks!
Default established timer is 24 hours using "normal" state timeouts.
That does fix it, but I would like the router to pull time from the central AD server as the rest of the clients do. I have researched some and found some distros of Linux work with it, some don't. (AD, that is.) I will just point the pfSense firewall at pool.ntp.org along with the AD server for its external source. Thanks!
You can specify the subnet that is handled by the PPPoE server, so you can have any subnet mask you wish. Speed and throughput of course depend on your hardware.
I'm sorry Bill.
In fact you could be right.
The "Copy MAC" link that I'm talking about could actually well be the one in the DHCP server section.
Sorry about that ;)
Cheers