Our users connect to other sites through the private MPLS under the following set-up. Now we would like to allow the users to surf the Internet by purchasing the Internet service. To secure our local network, we plan to set up the pfSense firewall and connect it to our local network as below:
Subnet: 192.168.1.0/24
PCs --> switch --> Layer-3 switch --> Router --> Private MPLS
|
|--> pfSense --> ISP Router --> Internet
Is our set-up correct? Is it possible to allow PC users to access the Internet via pfSense without setting up a proxy server? (we try to avoid it because some applications may not work under proxy)