First configure the one port VDSL modem, then configure pfSense. These steps may also be a useful reference for configuring other Firewall's based on Linux or other.
But first things first.
Configure the Netgear DM200
The Netgear DM200 is a very basic 1 port VDSL modem. You can buy one from our online store.
Open the box etc. But before you plug in the "phone" line, you must upgrade the firmware first. Versions prior to V22.214.171.124 will cause NBN to block your port.
You will need V126.96.36.199 or better to connect to any provider who uses VLAN's in their configuration (TPG and others).
There is no reason not to install whatever is the latest version. Download it from the Netgear website.
First, upgrade firmware as follows
Plug a computer into the LAN port of the modem, and the modem will provide an IP address via DHCP.
Use a browser to connect to http://192.168.1.1
Note: the menus can be a bit slow as the DM200 is very low end. It's perfect as a bridging modem though.
The modems default username and password are admin and password respectively.
Click the Advanced tab, click to expand the Administration drop down on the left hand side, then click Firmware Upgrade. Follow the steps.
Now, configure the modem for bridge mode
When firmware upgrade is complete, again in the Advanced tab, click to expand the Setup drop down on the left hand side, then click Internet Setup. Ensure the mode DHCP is set as the modem will get confused when set to bridge if previously set to PPPoE.
Then click LAN Setup from the same menu, set the modems IP range to something that doesn't clash with your LAN, disable DHCP.
Tip: Label the modem with the IP address you just gave it for later reference.
In the Advanced tab once again, click the Device Mode option. Set the Device Mode option to Modem (Modem only).
Tick the Passthrough VLAN option. Even if your ISP doesn't use VLANs it won't hurt.
You can now plug the modem into the "phone" line. Do so.
You can probably find your ISP specific settings on this reference: http://whirlpool.net.au/wiki/fttn_registered_modem_router#vdsl2_modem_routers_isp_settings
Your ISP uses IPoE
Some ISP's just use IPoE, which is excellent.
In which case your pfSense firewall, for which WAN is set to DHCP by default, should just work when the VDSL modem is in bridge mode (as above).
In theory an ISP might use IPoE with a VLAN, but none are known at this time. Please contact us if yours does this and we will gladly expand this guide for you.
ISP uses PPPoE without VLAN's (i.e. Exetel)
Just create a normal PPPoE interface like you would with ADSL. Set the MTU to 1492 if you want to be specific but it should automatically detect.
Note1: for TPG FTTN you **must** set MTU to 1500 or PPPoE wont connect.
Note2: for TPG FTTN you **must** set MSS to 1492 (or less) otherwise large frames will be sent and dropped - resulting in extreme packet loss.
If your ISP also has a "VLAN" setting, read on.
ISP uses PPPoE VLAN's (i.e. TPG)
The steps are as follows: first create the PPPoE interface as normal (see above), for TPG ensure MTU is 1500. Second, we create a VLAN in pfSense, then finally have PPPoE use it.
Click Interfaces then select (assign). In the page that appears click the VLANs tab.
Click "+ Add" to create a new one
Select the Parent interface, probably em0 (it will be if you use a Deciso device from our online store).
Enter the VLAN Tag (aka VLAN ID or VLAN Number) as per your ISP requirements. For TPG this is VLAN 2.
Having VLAN Priority of 0 is fine.
Set the description to something like "TPG VLAN2"
Change PPPoE to use VLAN interface
From above you should still be in the Interfaces page. So click the PPPs tab, then click the Pencil icon "Edit PPP Interface" for the pppoe1 (or whichever) Interface.
Now you're on the PPP Configuration page. Select from the Link Interface(s) list, your new VLAN interface. It will be called something like "em0_vlan2 - TPG VLAN2"
The WAN interface of your pfSense Firewall should now connect to your ISP almost instantly.
Recommended: Create an interface to administer the Modem
Click Interfaces then select (assign). In the page that appears select from the Available network ports list the interface that your modem is attached to, then click "+ Add".
Enable the interface. Description of the interface might be something like "MODEM" or "EM0MODEM", IPv4 should be static, then set the IP address and range to match the modems (recall that you changed it before)
Now click Firewall and select NAT. Select the Outbound tab and add new rules for your LAN to NAT in to the modem network. As the modem wont know how to return traffic to your LAN.
Now from your LAN, you can admin your modem and see how your signal is doing etc.
If these steps have helped you, please put a 5 star review on our Facebook page
By using the above links or codes when signing up, we get a tiny commission and as your dealer can assist you with configuration problems etc.
If you need something faster, we can also provide recommendations for faster and higher SLA services available in your area.