I’ve just noticed a little issue when configuring a new RB2011UAS-2HnD-IN (ROS 5.25) with QuickSet in Winbox as a basic SOHO router with PPPoE client on ether1 WAN port - it insists on setting up PPPoE on the SFP port (even with no SFP module present), ether1 doesn’t work by default (it does for DHCP, but not for PPPoE). Easy to fix after QuickSet by changing the PPPoE client settings manually to use the correct WAN port (change sfp1-gateway to ether1-gateway), but then QuickSet gets confused if later used again (adds a second PPPoE client, turns off NAT). No big problem really, but might be worth fixing for the next release. I haven’t tested it, but I’ve seen the PPPoE client allows more than one interface to be specified (if that doesn’t work, just add sfp1 and ether1 to a bridge and ron PPPoE on top of that).
EDIT: one more issue with QuickSet and PPPoE - the default firewall rules are insecure for PPPoE, as they drop input (traffic to the router itself) from sfp1-gateway or ether1-gateway, but not from pppoe-out1. It would be better to accept input from bridge-local, and drop by default (from any other interface) if not ICMP. Might be a good idea to optionally allow input from specified address/mask (remote management) though. All of this can be configured manually of course, but the point of QuickSet is to avoid such manual configuration in typical simple cases, and this is basic functionality in cheap TP-Link SOHO routers for example. Leaving the device open for remote management and not necessarily protected with a strong admin password is especially risky. The next day after installation, I’ve seen lots of failed ssh login attempts, and that’s what made me look at the QuickSet firewall rules more closely.
