I’ve read everything, tried it and it’s not worth it, it doesn’t work.
I have a fixed IP address. My ISP does not allow the router to be switched to bridge mode. I put the WAN address from pfSense in the DMZ.
In pfSense I opened the port in both the WAN and LAN sections. On 10.10.10.10 I have an Unraid server with qBittorrent. And 192.168.1.254 is the address of the ISP router.
You’ll have to tunnel out one way or another. If I were in your shoes I would stand up a WireGuard server in the cloud and make that my home router’s default gateway - basically, route everything through that tunnel.
This also has the added benefit of improved privacy. Something I have considered for myself even without CGNAT.
I had a similar situation with my ISP. Ultimately I cloned the MAC address on the WAN port of their router to the WAN port on my pfSense router. Then the ISP’s ONT communicated flawlessly with my pfSense box and I repurposed the ISP router. May not be relevant to your situation, but I hope this helps someone somehow.
I could change my ISP provider. The new one offers me a bridge mode on the router and an IPoE connection. Would that solve the problems? I know it used to be a PPPoE connection so this bugs me a bit.