The separate network is understandable, but is the different subnet a must-have requirement? If not, consider setting up your pfsense box as a transparent firewall. Only permit local gateway and Internet traffic in and out, and run DHCP on your side with a non-overlapping scope.
"No battle plan survives contact with the enemy." - Field Marshal von Moltke