Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login
    Introducing Netgate Nexus: Multi-Instance Management at Your Fingertips.

    Using a public IP on a DMZ interface while PPPoE is configured on the WAN

    Scheduled Pinned Locked Moved Routing and Multi WAN
    3 Posts 2 Posters 92 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I Offline
      itnl
      last edited by

      Hi,
      Is it possible to use additional IP addresses from a subnet (/30) that is assigned via a PPPoE account on the WAN port, on a separate interface?
      The goal is to use these IP addresses without NAT, so the public IP can be assigned directly.
      We are currently using a DrayTek where this works via the routed subnet configuration.
      Does anyone have experience with a similar setup on other equipment?
      We need to make this public IP address available to a third party that does not want to use NAT.

      SteveITSS 1 Reply Last reply Reply Quote 0
      • SteveITSS Offline
        SteveITS Rebel Alliance @itnl
        last edited by

        @itnl sure if they route that subnet to your WAN IP.
        https://docs.netgate.com/pfsense/en/latest/recipes/route-public-ip-addresses.html

        To upgrade, select your branch in System/Update/Update Settings. When upgrading, allow 10-15 minutes to reboot, or more depending on packages, CPU, and/or disk speed.
        Only install packages for your version of pfSense.
        Upvote 👍 helpful posts!

        1 Reply Last reply Reply Quote 0
        • I Offline
          itnl
          last edited by

          We found an undocumented solution by doing our own investigation.
          It works by creating an interface that has the same IP address (.30) as the one assigned to you by PPPoE on your WAN.
          Note: configure this before PPPoE becomes active; otherwise, you won’t be able to set the address.
          Next, disable NAT for traffic originating from this interface and create a firewall rule for incoming traffic on the interface with the public IP you are using as the destination.

          You can now use a public IP address on the host behind the DMZ you just created.
          As the gateway, use the WAN address that is also configured on your DMZ port.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2026 Rubicon Communications LLC (Netgate). All rights reserved.