I just received the unit today. It came with 6.3.3 and I upgraded it to 7.0.0.
My network topology for testing is: I have 5 public IP address which I assigned an unused on the Pepwave’s WAN ethernet port (networked A). I have a wired network siting behind a pfSense setup (Network B). I ran my my network tests from Network B -> A.
First: I was disappointed to find the default ingress rules was allow everything.
Second: I found that the the WAN firewall rule only appears to configure for ‘Deny’ and there is no ‘Drop’ option. The different is Deny results in an ICMP respose of connection refused. Drop is basically a ‘stealth’ mode. Stealth mode is preferred. However, so far, ports >= are resulting in ‘Connection timed out’ which is desired.
Formally, I had a Netgear WNDR3700 running WW-DRT behind the pfSense fireware. However, I really wanted the wireless network on its own trunk and have my two laptops VPN to the other networks as needed. But the lack of stealth mode is deal breaker.