Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Configuring ADSL + PFsense

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 2 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      stilez
      last edited by

      New to PFsense (and can't wait to get it fully operational!)

      I have a UK ADSL connection with a block of static public IPs and a mATX based PFsense router ready to go. I need to configure my old router to handle the ADSL but leave all the routing/firewall/NAT functions to PFsense.  I have a Draytek 2820 and an older Zyxel P660H-D1, both of which are ADSL routers capable of handling multiple public IPs and PPPoE; the Draytek can also handle bridging. I think they can pass public IPs through on PPPoA but not sure how that works on them. Both are underpowered for my workload and shouldn't be doing more than ADSL-Ethernet bridging, ADSL authentication, and forwarding packets unfiltered and un-NATted between the ISP and PFsense, so the ADSL router won't run out of sessions/CPU/memory. All other computers are connected normally via a switch on the LAN side of the PFsense box - nothing complicated.

      My questions:

      • Guides suggest using the ADSL router in full bridging mode and PPPoE authentication on PFsense, which treats the router as a "dumb modem" with a PPPoE connection. Is that correct?

      • My ISP has an IP block not a single IP. Is this a problem?

      • I'm not sure if the ADSL router is then secure from probing/attacks from the ISP side and how to lock it down, or how to monitor its ADSL connection status and line data if there's a problem (which we often get here), since the admin interface probably becomes inaccessible.

      Assistance appreciated!

      1 Reply Last reply Reply Quote 0
      • B
        biggsy
        last edited by

        Probably the main reason for setting the ADSL router to bridging mode (apart from any performance benefit) is that it avoids double NAT.

        I can't answer your question about the IP address block - I only have a single IP.

        With the modem in bridge mode, pfSense gets the IP address(es) so your ADSL modem should be untouchable from the ISP/Internet side.  It would also be unreachable from your pfSense box.  My old modem allows me to treat its ethernet and USB connections separately, so I can always attach a laptop to the modem for management.

        Hope that helps.

        1 Reply Last reply Reply Quote 0
        • B
          biggsy
          last edited by

          This sounds like it might be applicable to your situation:

          http://forum.pfsense.org/index.php/topic,5253.0.html

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.