bradwindy · January 19, 2025 20:14
diff --git a/guide.txt b/guide.txt
 Edgerouter X 2Degrees PPPoE WAN IPv4 + IPv6 Setup Steps:


 Chapter 1 - The Basics:
 1) Connect computer to eth0
 2) Set computer to have a static/manual IP connection over this ethernet connection with the following settings:
 	- IP addr: 192.168.1.2
 	- Subnet: 255.255.255.0
 	- Router/gateway: 192.168.1.1
 3) Navigate to 192.168.1.1 in a browser
 4) Login with the details ubnt/ubnt
 5) Do not start default wizard when prompted, instead go to the wizards tab at the top right
 6) Choose WAN+2LAN2
 7) Fill out the details accoring to your network, some things to keep in mind for this specific setup are:
 	- Choose PPPoE and enter your connection details from 2Degrees
 	- Connection is on VLAN with an ID of 10
 	- Do NOT enable default IPv6 firewall or DHCPv6 PD, we will do this later, they cause issues early on.
 	- Create a new admin user with a solid password as per best security practices, do not use default user
 8) Apply changes and reboot
 9) Re-plug the ONT/modem into eth0, and your computer into it's normal place
 10) Go back to your computer's connection settings and change your IPv4 configuration back to using DHCP
 11) You should now have internet access over IPv4


 Chapter 2 - IPv6: 
 1) Navigate to your gateway IP address, in my case, I configured this in setup to 10.0.0.1
 2) Login with new details
 3) Using the action buttons on the right of the dashboard tab, change MTU on eth0 and eth0.10 to 1508, and MTU on pppoe0 to 1500
 4) You now have two places you could enter the following. Either in the CLI, using the button up the top right of the web interface, or over an ssh connection. I choose the later for better responsiveness.
 5) Start by running the following commands to hardware offload some processing:

 ```
 configure
 set system offload hwnat enable
 set system offload ipsec enable
 commit
 save
 ```

 6) Configure IPv6:

 ```
 set interfaces ethernet eth0 vif 10 pppoe 0 ipv6 enable
 edit interfaces ethernet eth0 vif 10 pppoe 0 dhcpv6-pd pd 0
 set prefix-length /56
 set interface switch0 host-address ::1
 set interface switch0 prefix-id :0
 set interface switch0 service slaac
 top
 set interfaces ethernet eth0 vif 10 pppoe 0 dhcpv6-pd prefix-only
 set protocols static interface-route6 ::/0 next-hop-interface pppoe0
 commit
 save
 ```

 7) Create IPv6 firewall rules by entering the following:

 ```
 edit firewall ipv6-name WAN6_IN
 set default-action drop
 set rule 10 action accept
 set rule 10 description "allow established"
 set rule 10 protocol all
 set rule 10 state established enable
 set rule 10 state related enable
 set rule 20 action drop
 set rule 20 description "drop invalid packets"
 set rule 20 protocol all
 set rule 20 state invalid enable
 set rule 30 action accept
 set rule 30 description "allow ICMPv6"
 set rule 30 protocol icmpv6
 top
 edit firewall ipv6-name WAN6_LOCAL
 set default-action drop
 set rule 10 action accept
 set rule 10 description "allow established"
 set rule 10 protocol all
 set rule 10 state established enable
 set rule 10 state related enable
 set rule 20 action drop
 set rule 20 description "drop invalid packets"
 set rule 20 protocol all
 set rule 20 state invalid enable
 set rule 30 action accept
 set rule 30 description "allow ICMPv6"
 set rule 30 protocol icmpv6
 set rule 40 action accept
 set rule 40 description "allow DHCPv6 client/server"
 set rule 40 destination port 546
 set rule 40 source port 547
 set rule 40 protocol udp
 top
 set interfaces ethernet eth0 vif 10 pppoe 0 firewall in ipv6-name WAN6_IN
 set interfaces ethernet eth0 vif 10 pppoe 0 firewall local ipv6-name WAN6_LOCAL
 commit
 save

 ```

 8) Reboot and you should be good to go. Don't forget any static IP allocation or port forwarding you may need to set up!
	Edgerouter X 2Degrees PPPoE WAN IPv4 + IPv6 Setup Steps:


	Chapter 1 - The Basics:
	1) Connect computer to eth0
	2) Set computer to have a static/manual IP connection over this ethernet connection with the following settings:
	- IP addr: 192.168.1.2
	- Subnet: 255.255.255.0
	- Router/gateway: 192.168.1.1
	3) Navigate to 192.168.1.1 in a browser
	4) Login with the details ubnt/ubnt
	5) Do not start default wizard when prompted, instead go to the wizards tab at the top right
	6) Choose WAN+2LAN2
	7) Fill out the details accoring to your network, some things to keep in mind for this specific setup are:
	- Choose PPPoE and enter your connection details from 2Degrees
	- Connection is on VLAN with an ID of 10
	- Do NOT enable default IPv6 firewall or DHCPv6 PD, we will do this later, they cause issues early on.
	- Create a new admin user with a solid password as per best security practices, do not use default user
	8) Apply changes and reboot
	9) Re-plug the ONT/modem into eth0, and your computer into it's normal place
	10) Go back to your computer's connection settings and change your IPv4 configuration back to using DHCP
	11) You should now have internet access over IPv4


	Chapter 2 - IPv6:
	1) Navigate to your gateway IP address, in my case, I configured this in setup to 10.0.0.1
	2) Login with new details
	3) Using the action buttons on the right of the dashboard tab, change MTU on eth0 and eth0.10 to 1508, and MTU on pppoe0 to 1500
	4) You now have two places you could enter the following. Either in the CLI, using the button up the top right of the web interface, or over an ssh connection. I choose the later for better responsiveness.
	5) Start by running the following commands to hardware offload some processing:

	```
	configure
	set system offload hwnat enable
	set system offload ipsec enable
	commit
	save
	```

	6) Configure IPv6:

	```
	set interfaces ethernet eth0 vif 10 pppoe 0 ipv6 enable
	edit interfaces ethernet eth0 vif 10 pppoe 0 dhcpv6-pd pd 0
	set prefix-length /56
	set interface switch0 host-address ::1
	set interface switch0 prefix-id :0
	set interface switch0 service slaac
	top
	set interfaces ethernet eth0 vif 10 pppoe 0 dhcpv6-pd prefix-only
	set protocols static interface-route6 ::/0 next-hop-interface pppoe0
	commit
	save
	```

	7) Create IPv6 firewall rules by entering the following:

	```
	edit firewall ipv6-name WAN6_IN
	set default-action drop
	set rule 10 action accept
	set rule 10 description "allow established"
	set rule 10 protocol all
	set rule 10 state established enable
	set rule 10 state related enable
	set rule 20 action drop
	set rule 20 description "drop invalid packets"
	set rule 20 protocol all
	set rule 20 state invalid enable
	set rule 30 action accept
	set rule 30 description "allow ICMPv6"
	set rule 30 protocol icmpv6
	top
	edit firewall ipv6-name WAN6_LOCAL
	set default-action drop
	set rule 10 action accept
	set rule 10 description "allow established"
	set rule 10 protocol all
	set rule 10 state established enable
	set rule 10 state related enable
	set rule 20 action drop
	set rule 20 description "drop invalid packets"
	set rule 20 protocol all
	set rule 20 state invalid enable
	set rule 30 action accept
	set rule 30 description "allow ICMPv6"
	set rule 30 protocol icmpv6
	set rule 40 action accept
	set rule 40 description "allow DHCPv6 client/server"
	set rule 40 destination port 546
	set rule 40 source port 547
	set rule 40 protocol udp
	top
	set interfaces ethernet eth0 vif 10 pppoe 0 firewall in ipv6-name WAN6_IN
	set interfaces ethernet eth0 vif 10 pppoe 0 firewall local ipv6-name WAN6_LOCAL
	commit
	save

	```

	8) Reboot and you should be good to go. Don't forget any static IP allocation or port forwarding you may need to set up!