securedrop-docs

Remove static IP AdminWkstn config recommendations in the docs

Open msheiny opened this issue 8 years ago • 2 comments

Feature request

Description

In the documentation for users that are using our pfSense recommendations - we advocate for the removal of DHCP on the LAN interface and walk the user through how to set up the admin workstation for a static address.

This is unnecessary from a security perspective and adds extra manual configuration steps for the administrator. Not to mention that it also requires the admin to toggle this IP setting off and on if they are trying to utilize the admin workstation off-site.

The documentation should be updated to:

  • advocate leaving DHCP on the LAN interface
  • update the firewall rule alias section to refer to the admin_workstation as the DHCP pool range

I was originally going to suggest we shorten the pool to only a single address (the proposed admin_workstation address of 10.20.1.2 and shorten the DHCP lease time) - but really I think this is just an annoying extra step that doesn't add any value. So I'd like some feedback in that respect.

User Stories

As an administrator, I would like to shorten the manual steps necessary under the network firewall configuration documentation.

msheiny, Aug 10 '17 15:08

Still worth considering; note that SSH-over-LAN support was added after this issue was filed, and we'd have to carefully test that any change to the recommended network configuration works in all possible system states.

eloquence, Oct 22 '20 00:10

Does this complicate the setup for the SG-3100 router, though? Where the admin workstation and app server share the same VLAN, one would have a static IP, the other would be using DHCP, sounds sus.

zenmonkeykstop, Oct 22 '20 01:10