23 August, 2010

pfSense IPv6 HowTo (PPTP with Thomson ST536v6 in NZ)

I've just spent a few hours getting this going, and so I thought I'd write up a quick howto.

  1. Install VirtualBox. Windows Virtual PC doesn't support starting machines as services, and I never really liked VMware Server due to its high overhead.

  2. Create a virtual machine and install pfSense 1.2.3. Accept VirtualBox's default FreeBSD settings, except create 2 network cards (pfSense won't work without at least 2), both bridged to the physical network interface. Remember that the modem will run on a different IP address range (10.0.0.138), and so while using VLANs and actually separating the networks is an option, having everything on the same network won't do anything bad.

  3. Now that pfSense is running, set up the Thomson ST536v6 to act as a PPTP server. This is so that pfSense will get the real, public internet connection with a real-world IP address. Much nicer than having to use NAT or DMZ, and the Thomson does a nice job of this. Telnet into the modem (remember the default username is Administrator and password is blank) and run the following commands (which WILL destroy your current config).

Note: this forum post is mostly correct, but I kept getting an "Invalid phonebook destination name, phonebook is in use." error when trying to flush the ATM interface without first detaching it.

:system reset
:ppp relay flush
:eth flush
:atm ifdetach intf=atm_0_100
:atm flush
:ppp flush
:atm phonebook flush
:saveall
:atm phonebook add name=BrPPPoE_ph addr=0.100
:service system modify name=PPTP state=enabled
:saveall
:system reboot
  1. After power cycling the modem, it's time to configure pfSense. Bind LAN to em0 and WAN to em1 (or vice versa, it doesn't matter). pfSense will take forever bringing up the WAN interface, because it's expecting a DHCP lease which isn't available. The LAN interface will start acting as a DHCP server, which is good, given you've just told your modem to stop doing that.

  2. Log in to the pfSense web UI. Under Interfaces, select WAN. Change the Type to PPTP. The Username and Password won't have any effect for Telecom ADSL connections ([email protected] and telecom work fine), but for UBS or LLU connections you'll need to use something specific. Set the Local IP address to 10.0.0.139/24 and the Remote IP address to 10.0.0.138 (which the modem should be listening on, as well as 192.168.1.254).

  3. Not quite sure what causes the PPTP connection to stand up (I think I just waited and it came up automatically), but at this point you could probably power cycle the virtual pfSense and it should all liven up. If you've done it right, you should have an internet connection on your clients (you may need to refresh the DHCP lease). Step one complete!

  4. Now for tunnelled IPv6, go to http://tunnelbroker.net and sign up for a tunnel. Don't forget to tick the IPv6 enable box (under Advanced in pfSense's System menu).

  5. There's a great shell script here which takes care of creating the tunnel on pfSense. You'll need to run this on each restart, but each time you restart your public IP address is likely to change anyway. I may get bored and update the script to handle this automatically at some point...

  6. Anyway, if you can get to http://ipv6.google.com, step two complete!
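
One way to build the tunnel by hand, as an added example (not the script linked above and not pfSense's own code): it prints the usual FreeBSD gif commands for a 6in4 tunnel after validating the four endpoints, and refuses a private local address such as 10.0.0.139. The function names, the gif0 interface name and the addresses in the usage comment are assumptions (constructed documentation values); take the real endpoints from your tunnelbroker.net tunnel settings.

```sh
#!/bin/sh
# Added example: prints (does not run) FreeBSD commands for a 6in4 gif tunnel.

# Succeeds if $1 is a dotted-quad IPv4 address with each octet in 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Succeeds if $1 is an RFC 1918 private address.
is_private_ipv4() {
    case "$1" in
        10.*|192.168.*|172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
    esac
    return 1
}

# Loose syntax check: hex digits and colons only, at least two colons.
is_ipv6() {
    case "$1" in
        *[!0-9A-Fa-f:]*) return 1 ;;
        *:*:*) return 0 ;;
    esac
    return 1
}

# Args: local IPv4, server IPv4, client IPv6, server IPv6.
tunnel_commands() {
    is_ipv4 "$1" && is_ipv4 "$2" || { echo "bad IPv4 endpoint" >&2; return 1; }
    is_ipv6 "$3" && is_ipv6 "$4" || { echo "bad IPv6 endpoint" >&2; return 1; }
    # The tunnel must use the public WAN address, not 10.0.0.139.
    if is_private_ipv4 "$1"; then echo "local endpoint $1 is private" >&2; return 1; fi
    printf '%s\n' "ifconfig gif0 create" \
        "ifconfig gif0 tunnel $1 $2" \
        "ifconfig gif0 inet6 $3 $4 prefixlen 128" \
        "route -n add -inet6 default $4" \
        "ifconfig gif0 up"
}

# Dry run, e.g.: sh tunnel.sh 203.0.113.10 198.51.100.1 2001:db8::2 2001:db8::1
if [ "$#" -eq 4 ]; then tunnel_commands "$@"; fi
```

Review the printed commands, then pipe them to sh as root on the pfSense box; because the output is meant to be executed, the validation also rejects arguments containing shell metacharacters.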