#### Sample CLI template for EdgeRouter UFB configuration (VID=10+PPPPoE)
#### EdgeRouter firmware rev 1.7 or above (requires hardware offloading for pppoe & vlan for full Gb circuits)
bove (requires hardware offloading for pppoe & vlan for full Gb circuits)
#### Please adjust the details for the PPPoE auth
#### PPPoE PASSWORD = set interfaces ethernet eth2 vif 10 pppoe 0 password some_password
#### PPPoE UserName = set interfaces ethernet eth2 vif 10 pppoe 0 user-id username@isp.something
configure top set firewall all-ping enable set firewall broadcast-ping disable set firewall conntrack-expect-table-size 4096 set firewall conntrack-hash-size 4096 set firewall conntrack-table-size 32768 set firewall conntrack-tcp-loose enable set firewall ipv6-receive-redirects disable set firewall ipv6-src-route disable set firewall ip-src-route disable set firewall log-martians enable set firewall modify pppoe-out rule 10 action modify set firewall modify pppoe-out rule 10 modify tcp-mss 1412 set firewall modify pppoe-out rule 10 protocol tcp set firewall modify pppoe-out rule 10 tcp flags SYN set firewall name WAN_IN default-action drop set firewall name WAN_IN description 'WAN to internal' set firewall name WAN_IN rule 10 action accept set firewall name WAN_IN rule 10 state established enable set firewall name WAN_IN rule 10 state related enable set firewall name WAN_IN rule 20 action drop set firewall name WAN_IN rule 20 state invalid enable set firewall name WAN_LOCAL default-action drop set firewall name WAN_LOCAL description 'WAN to router' set firewall name WAN_LOCAL rule 10 action accept set firewall name WAN_LOCAL rule 10 state established enable set firewall name WAN_LOCAL rule 10 state related enable set firewall name WAN_LOCAL rule 20 action drop set firewall name WAN_LOCAL rule 20 state invalid enable set firewall receive-redirects disable set firewall send-redirects enable set firewall source-validation disable set firewall syn-cookies enable set interfaces ethernet eth0 address 192.168.1.1/24 set interfaces ethernet eth0 description Local set interfaces ethernet eth0 duplex auto set interfaces ethernet eth0 speed auto set interfaces ethernet eth1 duplex auto set interfaces ethernet eth1 speed auto set interfaces ethernet eth2 duplex auto set interfaces ethernet eth2 firewall in name WAN_IN set interfaces ethernet eth2 firewall local name WAN_LOCAL set interfaces ethernet eth2 speed auto set interfaces ethernet eth2 vif 10 pppoe 0 default-route auto set interfaces ethernet eth2 vif 10 pppoe 0 firewall in name WAN_IN set interfaces ethernet eth2 vif 10 pppoe 0 firewall local name WAN_LOCAL set interfaces ethernet eth2 vif 10 pppoe 0 firewall out modify pppoe-out set interfaces ethernet eth2 vif 10 pppoe 0 mtu 1492 set interfaces ethernet eth2 vif 10 pppoe 0 name-server auto set interfaces ethernet eth2 vif 10 pppoe 0 password some_password set interfaces ethernet eth2 vif 10 pppoe 0 user-id username@isp.something set interfaces loopback lo set service dhcp-server disabled false set service dhcp-server shared-network-name LAN1 authoritative enable set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 default-router 192.168.1.1 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 dns-server 192.168.1.1 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 lease 86400 set service dhcp-server shared-network-name LAN1 subnet 192.168.1.0/24 start 192.168.1.21 stop 192.168.1.240 set service dns forwarding cache-size 150 set service dns forwarding listen-on eth0 set service dns forwarding listen-on eth1 set service gui https-port 443 set service nat rule 5010 log disable set service nat rule 5010 outbound-interface pppoe0 set service nat rule 5010 protocol all set service nat rule 5010 type masquerade set service ssh port 22 set service ssh protocol-version v2 set system host-name ubnt set system login user ubnt authentication encrypted-password '$1$zKNoUbAo$gomzUbYvgyUMcD436Wo66.' set system login user ubnt level admin set system ntp server nz.pool.ntp.org set system ntp server pool.ntp.org set system offload ipv4 pppoe enable set system offload ipv4 vlan enable set system syslog global facility all level notice set system syslog global facility protocols level debug set system time-zone Pacific/Auckland commit save exit