Ubiquiti EdgeRouter Lite Config
Just purchased an EdgeRouter Lite and have a config that works with FTTC and Plusnet - hopefully this config will get you up and running quickly if you buy the same router. In this script eth0 becomes the WAN port, eth1 and 2 are bridged and act like a switch. Router at 192.168.1.1, DHCP addresses at 192.168.1.100-200. I installed this immediately after upgrading the firmware and before adding users - edit to include your login details and cut and paste into your router's config(see "Tips For Rolling Your Own Config"). You can enter Plusnet's name servers if you want ... 
firewall {
all-ping enable
broadcast-ping disable
conntrack-expect-table-size 4096
conntrack-hash-size 4096
conntrack-table-size 32768
conntrack-tcp-loose enable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
modify pppoe-out {
description "TCP clamping"
rule 1 {
action modify
modify {
tcp-mss 1452
}
protocol tcp
tcp {
flags SYN
}
}
}
name pppoe-in {
default-action drop
description "Internet to internal networks"
rule 1 {
action accept
description "Allow established/related"
log disable
state {
established enable
related enable
}
}
rule 2 {
action drop
description "Drop invalid state"
log enable
state {
invalid enable
}
}
}
name pppoe-local {
default-action drop
description "Internet to router"
rule 1 {
action accept
description "Allow established/related"
log disable
state {
established enable
related enable
}
}
rule 2 {
action drop
description "Drop invalid state"
log enable
state {
invalid enable
}
}
rule 5 {
action accept
description "ICMP 50/m"
limit {
burst 1
rate 50/minute
}
log enable
protocol icmp
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
bridge br0 {
address 192.168.1.1/24
}
ethernet eth0 {
duplex auto
pppoe 0 {
default-route auto
firewall {
in {
name pppoe-in
}
local {
name pppoe-local
}
out {
modify pppoe-out
}
}
mtu 1492
name-server auto
password yourpassword
user-id userid@plusdsl.net
}
speed auto
}
ethernet eth1 {
bridge-group {
bridge br0
}
description LAN
}
ethernet eth2 {
bridge-group {
bridge br0
}
description LAN2
}
loopback lo {
}
}
service {
dhcp-server {
disabled false
shared-network-name LAN-Subnet {
authoritative disable
subnet 192.168.1.0/24 {
default-router 192.168.1.1
dns-server 192.168.1.1
lease 86400
start 192.168.1.100 {
stop 192.168.1.200
}
}
}
}
dns {
forwarding {
cache-size 150
listen-on br0
system
}
}
gui {
https-port 443
listen-address 192.168.1.1
}
nat {
rule 5010 {
log disable
outbound-interface pppoe0
protocol all
type masquerade
}
}
ssh {
listen-address 192.168.1.1
port 22
protocol-version v2
}
}
system {
host-name ubnt
ipv6 {
disable
}
login {
user ubnt {
authentication {
encrypted-password $1$zKNoUbAo$gomzUbYvgyUMcD436Wo66.
}
level admin
}
}
name-server 8.8.8.8
name-server 8.8.4.4
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone UTC
}