TPG Community

Get online support

Steps I used to connect Ubiquiti EdgeRouterX to TPG NBN FTTC

S-Davey
Level 3

This is not a question, rather it's my attempt to record the steps that I took to use my preferred modem.

 

I am a new TPG NBN customer, previously using ADSL2+ with TPG.

 

My home has Fibre to the Curb (FTTC).

As part of the TPG plan, I was supplied with an NBN box that provides power to the NBN fibre adapter in the telecoms pit near my house and also with a pre-configured TP-Link Archer 1600 VDSL capable modem / router / wifi point.

 

In order to connect to the NBN box using FTTC it's necessary to have a PPPoE connection. This is different from some other NBN connections, some instead require a simple Ethernet connection to request a DHCP IP address.

 

Initially, I connected with the pre-configured TP-Link Archer 1600 gateway. That worked, but I prefer the functionality of the Ubiquity EdgeRouterX (https://www.ui.com/edgemax/edgerouter-x/). Unlike many devices, this device's 5 Ethernet ports are separate interfaces. It's not just a 4 port switch with a WAN port, it can support 5 separate subnets, more if used with other VLAN aware equipment.

 

I could have simply used the Archer TP-Link as a gateway, turned off the wireless radios, then configured the WAN port of the Unbiquiti EdgeRouterX to have a fixed IP address in the Subnet the TP-Link was providing. Indeed, that's what I did initially until I figured out how to make the EdgeX directly connect to the NBN box.

 

Now that I've got that working, it's a slightly cleaner configuration. I may decide to use the TP-Link later as a wireless access point, but for now I'm just leaving it turned off to save power. It seems to get VERY hot when both wireless bands are turned on, so I'm assuming it's quite power hungry.

 

In case anyone else wants to use a Ubiquity EdgeRouterX to connect to the NBN box with FTTC with TPG, here's the steps you need to go through. I can't promise this will work for everyone, but it's working for me for a few days now.

 

---------------------------------------------------------------------------------------------------------------------------

 

Assumptions Made

------------------------

 

I am assuming you are using ETH0 as the WAN interface on the EdgeX.

I assume you initially used one of the wizards to create a sensible default configuration for the EdgeX. I myself used "WAN + 2LAN", then I re-configured it to remove the switch and effectively set up what I'd call "WAN + 4 LAN"

I assume you previously had ETH0 connected to some subnet as a WAN, such as I was doing using the TP-Link Archer 1600.

I assume you have some familiarity with the GUI of the EdgeX. Luckily you don't need to use the command like to do this.

 

Steps:

--------

 

  1. Directly connect ETH0 on the EdgeX to the NBN box with a suitable Ethernet cable.

 

  1. On the "Dashboard" screen of the EdgeX GUI, change ETH0 away from any IP address assignment to have an address of "no address". I was previously assigning it a static IP of 192.168.1.240, so it could work behind the TP-Link Archer 1600, which defaulted to a 192.168.1.x /24 subnet. So I removed that fixed IP address from ETH0. Leave other settings alone - e.g. the MTU can stay on 1500.

 

  1. Again on the dashboard screen, choose the "Add Interface" Button and choose to add a VLAN. Normally when setting up VLANS, we add VLANs to the LAN ports (ETH1 through 4), but here we are adding a VLAN with ID 2 to ETH0.

 

This step was one I didn't figure out for myself - I learned about this step from this web page: https://forums.whirlpool.net.au/archive/3rpmnwp3. A posting by "Silent Dog", near the end of that page. So the key parameters in this dialogue box are:

 

(a)VLAN ID of 2

(b) that the parent interface be ETH0.

(c) That the "Address" be "Use DHCP".

Other settings are less strict, but I kept an MTU of 1500.

 

  1. Now we can add the PPPoE connection. The mistake I was making to start with was that I added the PPPoE connection under ETH0. Instead, now that we have created the VLAN with ID2 underneath ETH0, we can now add the PPPoE connection under ETH0.VLAN2. To do this, we again choose "Add Interface" under the Dashboard screen. Then use these parameters:

 

(a) PPPoE ID = 0. This IS NOT the VLAN ID. Previously I thought it was the same, it's not. Set it to Zero.

(b) Interface = "eth0.2", so NOT "eth0", that would be the ETH0 interface, but not on VLAN2. We MUST use "eth0.2" to use the right VLAN ID that we created in Step #3. With other providers (say Telstra, iiNet...) the VLAN ID is likely to be different.

(c) Account name = My TPG account name. To my surprise, I could use just the username, without @TPG.com.au on the end.

(d) Password…. but in fact it seems anything works, even a blank password !

(e) MTU must be at least 8 less than that for ETH0 and for ETH0.VLAN2, so I picked 1492. I'm not certain that's optimal, but it works.

 

At this point, you may notice that the PPPoE interface of your EdgeX has a public IP address (e.g. 220.x.x.x). If you don't have that, there might be a problem. However even if you do see your address, there's still a step or two to perform. Don't stop here.

 

  1. Now we must change the rules for WAN Masquerade. I didn't do this initially and I couldn't connect to any web pages. Eventually, with a fair bit of TRACERT work, I figured out what I was missing.

 

To change the WAN Masquerade settings, we must go away from the Dashboard Tab, over to the "Firewall/NAT" tab. Then on that tab, in to the sub-tab of "NAT". Under that tab, we see one existing NAT rule, named "masquerade for WAN". Choose from the "actions" button at the right side of the screen, Choose "Config", now in this dialogue box, you will see the WAN Masquerade interface is "eth0". Change this to be "pppoe0". If you don't perform this step, you will be connected to the internet, but no traffic you send out will ever be returned properly. So you will have an IP address, but you can't browse to any websites, or PING anything. Basically this allows replies coming back from the internet to be properly returned through NAT.

 

  1. If you want to do port forwarding (as I do), you need to now visit the "Port Forwarding" sub-tab, on he "Firewall/NAT" tab. Here there is an option to pick which WAN Interface is used. This needs to change from "eth0" to "pppoe0", because the WAN interface is now that, not ETH0 as it used to be for most configurations. If you don't do this, outgoing internet connections will be fine, but external connections in (e.g. a VPN) won't work. These incoming connections are critically important to me, that's why I am paying extra for a static IP address.

---------------------------------------------------------------------------------------------------------------------------

 

I hope that's helpful for someone else.

Kind regards.

S.Davey.

 

10 REPLIES 10
Anonymous
Not applicable

Hey @S-Davey ,

 

Thank you for sharing this awesome guide. This is very helpful for the community.

 

Cheers!

markemcd
Level 2

Thanks for your help.  Fantastic.

Big caution here!  The config posted will open your internal network to the internet unless you also reconfigure the firewall to us the ppoe0 interface.

You can test at the GRC site "Shields Up" which will attempt to probe your IP address to confirm it is blocking inbound connection attempts.

https://www.grc.com/x/ne.dll?bh0bkyd2

P-Drinan
Level 2

I had to sign up to give you a big thank you

kazakovdp
Level 2

Strangely enough, my TPG NBN FTTC connection works only with pppoe0 pointing to eth0, but doesnt work though created VLAN2 (eth0.2).
It was set up pppoe0 -> ETH0 from day one, on ER-X. I only tried your instruction in attempts to fix PPPOE0 interfase always shows status "disconnected" and not displaying external IP, but internet works fine. 
Any idea what could cause it?
Thanks, Dmitry

BasilDV
Moderator

Hi @kazakovdp

 

Do you know if you are under the Bundled NBN with VoIP service or the NBN Data only plan?

 

If bundled, then VLAN is required. If not, then the normal configuration with PPPoE connection type is sufficient for the service to work.

 

BasilDV

Maunder
Level 2

S, Davey,

 

Your documentation was golden. There was no way that I would have cracked this. I needed a VLAN of 2 & the pppoe0 to make this work.

 

I am now trying to get PPTP to work but am failing. If you have cracked this, would you mind outlining the steps to get this to work? I have an external static IP.

john

S-Davey
Level 3

Hi MarkemCD.

Thank you for raising that point. I did indeed have a firewall configured and I use shields up whenever making changes like this. Very good points though.

 

I'm glad the posting was helpful.

S-Davey
Level 3

HI kazakovdp, I'm sorry for the long delay replying.

I'm sorry, I never saw the type of issue you described. I hope you managed to get to the bottom of it.

S-Davey
Level 3

Hi John,

I'm really glad the post was helpful.

 

Regarding PPTP - do you mean you are trying to host a VPN server (e.g. OpenVPN) on a machine behind the router ? Or are you trying to set up the PPTP on the router itself ?

 

I did briefly try setting it up on the router, but I was unable to make it work. So since I have a server behind the router, I just run open VPN on that and open up UDP port 1194 in the routers firewall. On the computer hosting the open VPN, I only allow a specific whitelist of source IP addresses to connect, mainly those obtainable when I'm on a Telstra 5G network, as my primary use case for the VPN is when I've tethered my phone to my laptop.

 

If you ever managed to get PPTP on the router working, I'd be most interested to hear what you did and how well it works.

Kind regards.