PfSense as PPPoE mini-isp ?

  • Hi,

    we're looking to set up a pfsense box to essentially run as a mini-isp for a business park.  Currently our thinking is to get our backbone provider to give us a 100mb synchronous circuit with 32 public IP addresses, which we then want to route to the tenants on the business park.

    The PPPoE server seems ideal for this, but I can find VERY little useful info on it, especially when it comes to assigning public IP addresses to the PPPoE clients, rather than a 192.168.x.x or 172.16.x.x address.  We don't want pfsense to NAT ANYTHING - just pass all traffic for the associated IP to the WAN interface of the downstream router, which the tenant is responsible for, so that we don't have to get involved in maintaining firewall rules.

    Is the PPPoE server capable of this - I guess it's very similar to some WISP setups, but they all seem to use private IP's.

    All advice appreciated.


  • You can replace the private IP with public IP if you are using the local authentication.

    Or using radius to assign an IP address to client, this would be better than the local authentication because you can also have usage report from radius.

    One think it cant do now is set a rate limit/speed limit by radius attribute on the PPPoE, tried a few option but all didn't work. You can achieve this by setting up a limiter on the shaper and apply a firewall rule using the limiter per client.

    You will be using the PPP radius attribute instead of the WISP.

    And dont forgot to turn off the outbound NAT for the PPPoE or it will still go via your PFsense WAN IP.

Log in to reply