After a bit of poking around in various manuals, I found that it is possible to put the modem in bridge mode, effectively allowing the pfSense firewall to do the PPPoE connection. I prefer this method to having the modem be a firewall and the second firewall just act as a pass-through - it seems less flexible to me. But this raised a somewhat sacrilegious question in my head.
With the way modern modems run cut-down free operating systems to do their firewalling and administration, is it necessary for me to have a separate firewall running another free operating system in order to get the functionality I want? My old Belkin Wifi AP, for instance, allowed two WPA pass-phrases - one for 'full network access' and one that could only access the internet; pfSense only has one, that gives full network access. The NetComm's advanced setup was as sophisticated as anything I've seen from pfSense or Smoothwall, albeit without the neat graphs and SSH access. Should I be paying an extra $450 for a separate piece of kit where a $100 modem has the same functionality?
All posts licensed under the CC-BY-NC license. Author Paul Wayper.