Open Source Appliances
Cart 0

FTTN NBN with pfSense

First configure the one port VDSL modem, then configure pfSense. These steps may also be a useful reference for configuring other Firewall's based on Linux or other.

But first things first.

VDSL Modem

Configure the Netgear DM200

The Netgear DM200 is a very basic 1 port VDSL modem. You can buy one from our online store.

Open the box etc. But before you plug in the "phone" line, you must upgrade the firmware first. Versions prior to V1.0.0.36 will cause NBN to block your port.

You will need V1.0.0.44 or better to connect to any provider who uses VLAN's in their configuration (TPG and others).

There is no reason not to install whatever is the latest version. Download it from the Netgear website.

First, upgrade firmware as follows

Plug a computer into the LAN port of the modem, and the modem will provide an IP address via DHCP.

Use a browser to connect to http://192.168.1.1

Note: the menus can be a bit slow as the DM200 is very low end. It's perfect as a bridging modem though.

The modems default username and password are admin and password respectively.

Click the Advanced tab, click to expand the Administration drop down on the left hand side, then click Firmware Upgrade. Follow the steps.

Now, configure the modem for bridge mode

When firmware upgrade is complete, again in the Advanced tab, click to expand the Setup drop down on the left hand side, then click Internet Setup. Ensure the mode DHCP is set as the modem will get confused when set to bridge if previously set to PPPoE.

Then click LAN Setup from the same menu, set the modems IP range to something that doesn't clash with your LAN, disable DHCP.

Tip: Label the modem with the IP address you just gave it for later reference.

In the Advanced tab once again, click the Device Mode option. Set the Device Mode option to Modem (Modem only).

Tick the  Passthrough VLAN option. Even if your ISP doesnt use VLANs it won't hurt.

You can now plug the modem into the "phone" line.

pfSense

    You can probably find your ISP specific settings on this reference: http://whirlpool.net.au/wiki/fttn_registered_modem_router#vdsl2_modem_routers_isp_settings

    For home, check out the A10 Dual Core or A10 Quad Core appliances in Desktop profile.

    For business, check out the A10 Quad Core or the Xeon Quad Core Gen3 as Rackmount appliances.

      Your ISP uses IPoE

      Some ISP's just use IPoE, which is excellent.

      In which case your pfSense firewall, for which WAN is set to DHCP by default, should just work when the VDSL modem is in bridge mode (as above).

      In theory an ISP might use IPoE with a VLAN, but none are known at this time. Please contact us if yours does this and we will gladly expand this guide for you.

      ISP uses PPPoE without VLAN's (i.e. Exetel)

      Just create a normal PPPoE interface like you would with ADSL. Set the MTU to 1492 if you want to be specific but it should automatically detect.

      Note: for TPG FTTN you **must** set MTU to 1500

      Configure WAN for PPPoE

      If your ISP also has a "VLAN" setting, read on.

      ISP uses PPPoE VLAN's (i.e. TPG)

      The steps are as follows: first create the PPPoE interface as normal (see above), for TPG ensure MTU is 1500. Second, we create a VLAN in pfSense, then finally have PPPoE use it.

      Create VLAN

      Click Interfaces then select (assign). In the page that appears click the VLANs tab.

      Click "+ Add" to create a new one



      Select the Parent interface, probably em0 (it will be if you use a Deciso device from our online store).

      Enter the VLAN Tag (aka VLAN ID or VLAN Number) as per your ISP requirements. For TPG this is VLAN 2.

      Having VLAN Priority of 0 is fine.

      Set the description to something like "TPG VLAN2"

      Click Save

      Change PPPoE to use VLAN interface

      From above you should still be in the Interfaces page. So click the PPPs tab, then click the Pencil icon "Edit PPP Interface" for the pppoe1 (or whichever) Interface.



      Now you're on the PPP Configuration page. Select from the Link Interface(s) list, your new VLAN interface. It will be called something like "em0_vlan2 - TPG VLAN2"

      Click Save

      The WAN interface of your pfSense Firewall should now connect to your ISP almost instantly.

      Recommended: Create an interface to administer the Modem

      Click Interfaces then select (assign). In the page that appears select from the Available network ports list the interface that your modem is attached to, then click "+ Add".

      Enable the interface. Description of the interface might be something like "MODEM" or "EM0MODEM", IPv4 should be static, then set the IP address and range to match the modems (recall that you changed it before)

      Now click Firewall and select NAT. Select the Outbound tab and add new rules for your LAN to NAT in to the modem network. As the modem wont know how to return traffic to your LAN.

      Now from your LAN, you can admin your modem and see how your signal is doing etc.

       

      Disclosure

      We are dealers for both Exetel (Dealer BA1372) and TPG (Dealer NAUAAH).

      By using the above links or codes when signing up, we get a tiny commission and as your dealer can assist you with configuration problems etc.

      If you need something faster, we can also provide recommendations for faster and higher SLA services available in your area.



      Newer Post