Thanks for the reply, Freppa!
I figured out I need to enable NAT and got that working, kinda.
The machines in the subnet can ping and resolve DNS perfectly - but no websites load and I honestly don't know why.
There's no firewall enabled, just the NAT masquerade:
nat {
    rule 5000 {
        description mate
        log disable
        outbound-interface pppoe0
        protocol all
        source {
            address 192.168.2.0/24
            group {
            }
        }
        type masquerade
    }
}