I have the same ISP and a Fritz!Box 7490.  I'm trying to get the full speed of my Fibre connection now, but I find I have double NATing going on with it and thus am experiencing up/downloads of only 358/385Mb rather then 900/500Mb when connected directly to the 7490 LAN port.  I placed my firewall in the Shared Port portion of the router to allow all ports to go to it and this keeps UPnP happy, but I still have double NAT.  Can anybody tell me what I have to do in the firewall (OPNSense) or Fritz!box to stop the double NAT?

Thanks

You need to change fritzbox to get IP address from pfsence box

Internet > Acct Information > Operating mode > Share existing Internet connection in the network (IP client mode

Also in 

Internet > Acct Info > Connection Settings have downstream & upstream at 99999999..

If you do use Pfsense.. you may need to set WAN MTU & MSS at 1492

My apologies:

Thank you for your response.

My setup is like this:

2Degrees Internet Fibre <---> (PublicIP - LAN1 NIC) Fritz!Box7490 (Private *.1.* subnet) <---->NIC(WAN) -OPNSense Firewall -NIC(LAN with Private *.30.*  subnet)<---> Managed Switch <---> LAN Devices

I use the Fritz!box for VOIP and wireless support.  It has FIREWALL,NAT, and DHCP enabled.  The OPNSense Firewall is connected to Fritz!box using dedicated Shared Port to its WAN Static IP, thus enabling UPnP.

The OPNSense Firewall has FIREWALL, NAT, and DHCP enabled.  Gateway points to Fritz!Box Private IP.

Why don't you have OPNsense firewall connected direct to fibre? and then Fritzbox connected to OPNsense firewall..

Fibre

--> OPNSense firewall

-------> Switch

-------------> Fritz & other devices?

Fritz phone works ok if you open up right ports

Thank you!  I'll try this.  I did not know how to setup SIP support on OPNSense for the Fritz!box. 

BTW, OPNSense is an ESXi6.0 VM guest on a home built server consisting of a SuperMicro A1SAI-C2758 MB with 8GB RAM. 

To enable OPNSense to connect directly to 2D, is this what I would have to do:

1) Enable VLAN support on the vSwitch NIC named WAN which OPNSense is connected in ESXi6

2) Setup VLAN10 somewhere in OPNSense??

3) Provide PPPoe 2D login details for the vLAN10 device??

4) Connect OPNSense to ONT

5) Make Port Fwd connections you recommend for Fritz!Box SIP

6) Connect FritzBox to Managed Switch which is connected to OPNSense

Boardwatchr:

 

To enable OPNSense to connect directly to 2D, is this what I would have to do:

 

1) Enable VLAN support on the vSwitch NIC named WAN which OPNSense is connected in ESXi6

 

2) Setup VLAN10 somewhere in OPNSense??

 

3) Provide PPPoe 2D login details for the vLAN10 device??

 

4) Connect OPNSense to ONT

 

5) Make Port Fwd connections you recommend for Fritz!Box SIP

 

6) Connect FritzBox to Managed Switch which is connected to OPNSense

 

Looks ok to me.. you have not considered pfsense? I don't have any experience with OPNSense

I tried pfSense multiple times.  Never could get it to connect to the internet with the Fritz!box on 2D.  I got OPNSense working on my first installation.  It just worked with it's defaults.  OPNSense is just a fork of pfSense and has an easier (at least to me) interface to understand.

Do you have the same internet speeds using pfSense as you would using only the Fritz!box?  I'm trying to increase my network speed which is the reason for this discussion.  I'm hoping that my speeds are not being limited by my chosen hardware/firewall.

Well I took OPNSense off of the Esxi server and have it booting directly from hardware now.  I configured it (like pfSense) with a WAN connected to a vLAN10 configured NIC and LAN connected as 192.168.1.1.  I then configured through the web interface the PPPoE login details.  The WAN interface is UP and shows my static IP, when I connect to the ONT, but I still have no internet.  By default LAN interface allow everything and shows as up.

Any ideas?  

I'm an idiot.  I finally figured out that my laptop had the wrong DNS setting (originally set to the Fritz!box).  I'm responding to you via OPNSense Firewall.  All is good.

Thank you for your help!!