From securityrouter.org, an OpenBSD-based firewall
Jump to: navigation, search

In some countries it's common to tunnel internet (IP) traffic over PPPoE, instead of using Ethernet directly.

PPPoE client

In case your internet service provider (ISP) requires you to use PPPoE in order to connect to the internet, adjust your configuration according to the example below.

This is not a complete example, but rather an inspirational template. Text highlighted in green is what has to be added, with regards to the default configuration.

interface em0 {
	group "wan"
	interface pppoe0 {
		group "wan"
		user "[email protected]"
		password "ABC123"

By default, authentication uses protocol chap (pap is also available).

Interface addresses may be specified. The default is address which implies that any address suggested over the PPPoE negotiation will be accepted. If no addresses is specified a default route route default will be created as well.

If the MTU is not changed on the PPPoE interface, an automatic rule is created to fix a max-mss issue[1] that may occur.

PPPoE server

At this time we have no official support for npppd[2] (PPPoE server) in the web admin or configuration. If you need this you'll need to enable root access and configure it manually.