SpeedTouch ADSL PPTP over PPPoA Transparent Bridge


This is how to configure an Alcetel/Thomson? SpeedTouch ADSL modem/router as a transparent bridge using PPTP over a PPPoA xDSL service so that the public IP address given out by the ISP is on the wide area network (WAN) interface of the router/firewall, not on the ADSL modem/router.

PPTP over PPPoA transparent bridging

ADSL modem/router: Alcatel SpeedTouch 510 v3
Gateway/Router?: Linksys WRT54GL with Linux DD-WRT v24 firmware

  1. Take a note of the existing ISP ADSL log-in details (user-name and password), VPI/VCI (Virtual Path Identifier/Virtual? Circuit Identifier) and Encapsulation.
  2. Edit the SpeedTouch configuration file given here Download to match (at most three variables - DSL_ADDR, DSL_ENC, password - need adjusting) and save it.
  3. Connect to the web interface of the SpeedTouch router (often
  4. Upload the SpeedTouch configuration file to the SpeedTouch via the Upgrade > Configuration section.
  5. Restart the SpeedTouch and wait about a minute for it to finish.
  6. Connect to the web interface of the router/firewall (here, a Linksys WRT54GL running Linux DD-WRT).
  7. Change the Setup > Basic Setup > WAN Connection Type to PPTP, enter your ISP log-in user-name and password.
  8. Set the PPTP Server (aka Gateway) to the IP address of the SpeedTouch (
  9. Save and apply the settings.

On the DD-WRT router's Status > WAN page the status of the connection is shown. If using default PPTP settings the router should retry the connection every 30 seconds so if at first it reports being disconnected with the IP address give it a few seconds. If the public IP address and gateway don't show up try manually connecting using the Connect button. If that fails check the log-in details for the ISP account on the Setup > Basic Setup > WAN Connection Type page.

Make SpeedTouch management interfaces reachable

To ensure the management interface of the SpeedTouch modem/router is reachable from the LAN add a masquerading rule to DD-WRT's netfilters using iptables.

  1. Go to Administration > Commands and add this command:
    /usr/sbin/iptables -I POSTROUTING -t nat -o vlan1 -d -j MASQUERADE
    Ensure the vlan1 interface is the one that is connected to the WAN port (the one that connects to the SpeedTouch modem/router). From an ssh or telnet to the DD-WRT router, do:
    # ifconfig | grep -B 1 -A 5 'addr:10\.0\.0\.'
    vlan1     Link encap:Ethernet  HWaddr 00:16:B6:DA:68:13  
              inet addr:  Bcast:  Mask:
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:30407 errors:0 dropped:0 overruns:0 frame:0
              TX packets:26239 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0 
              RX bytes:13998224 (13.3 MiB)  TX bytes:5319742 (5.0 MiB)
  1. Press the "Run Commands" button.
  2. From a PC on the LAN try to reach the SpeedTouch:
    $ ping
    PING ( 56(84) bytes of data.
    64 bytes from icmp_seq=1 ttl=63 time=4.57 ms
    64 bytes from icmp_seq=2 ttl=63 time=3.43 ms
    64 bytes from icmp_seq=3 ttl=63 time=3.08 ms
    64 bytes from icmp_seq=4 ttl=63 time=3.99 ms
    64 bytes from icmp_seq=5 ttl=63 time=3.30 ms
    --- ping statistics ---
    5 packets transmitted, 5 received, 0% packet loss, time 4035ms
    rtt min/avg/max/mdev = 3.083/3.677/4.577/0.544 ms
  3. In DD-WRT press the Save Firewall button. This will write the command into non-volatile memory on the router and it will be executed each time the router restarts.

SpeedTouch configuration file for PPTP over PPPoA transparent bridging

[ env.ini ]
'Created by TJ <> for Speedtouch 510 v3 with ADSL PPPoA
'connected to router (Linksys WRT54GL + DD-wrt v24) with WAN Connection Type PPTP
'Enter ISP user-name and password in router's (not SpeedTouch's) PPTP settings.
'Gateway/PPTP Server = IP of Speedtouch LAN (e.g.
'Speedtouch issues a LAN IP to router's WAN interface (usually
'which then creates the PPTP connection
set var=CONF_REGION value="World"
set var=CONF_PROVIDER value="Generic ISP"
set var=CONF_DESCRIPTION value="DSLAM-> PPPoA <-xDSL Speedtouch [DHCP-server] LAN-> Ethernet <-WAN [DHCP+PPTP clients] Router LAN->"
set var=CONF_SERVICE value="PPTP over PPPoA on user-specified xDSL VP/VC"
set var=CONF_DATE value="29/05/2008"
set var=CONF_VERSION value value="1.01"
set var=HOST_SETUP value="auto shortcut"

'setting of env variables for use without wizard
'default for UK BT (see dsl group for other options)
set var=DSL_ADDR value="0*38"
set var=DSL_ENC value="vcmux"
'set your preferred SpeedTouch password here
set var=password value="xkUzJlxIcjg0Q5fP"

'Definition of groups
def var=dsl_service type=grp desc="Specify the details of the DSL service. Most values are correct by default." alias="DSL Service" 
def var=passwordgrp type=grp desc="Specify a user-name and password to protect the SpeedTouch." alias="SpeedTouch security"  

'DSL group 
def var=DSL_ADDR type=combo grp=dsl_service alias="VPI/VCI" data="0*35,0*36,0*37,0*38,8*35,8*36,8*37" default="0*38" req desc="Select the VPI/VCI value used and provided by your ISP."
def var=DSL_ENC type=combo grp=dsl_service alias="Encapsulation" data="vcmux,nlpid" default="vcmux" req desc="Select the DSL encapsulation method used and provided by your ISP."

'password group 
def var=userid type=string grp=passwordgrp alias="User Name" req desc="Enter a SpeedTouch user-name (required but ignored!)."
def var=password type=passw grp=passwordgrp alias="Password" req desc="Enter a SpeedTouch password."

[ phone.ini ]
add name=PPTP addr=$DSL_ADDR type=ppp

[ qos.ini ]
add name=default class=ubr tx_peakrate=0 tx_sustrate=0 tx_maxburst=0 rx_peakrate=0 rx_sustrate=0

[ bridge.ini ]

[ brfilter.ini ]

[ pptp.ini ]
profadd name=PPTP encaps=$DSL_ENC

[ dhcp.ini ]
config autodhcp=off
policy verifyfirst=off trustclient=on
pool add name=LAN
'only use up to 254 LAN IP addresses for connected devices
pool config name=LAN poolstart= poolend= netmask=24 leasetime=7200

[ mer.ini ]

[ ppp.ini ]

[ cip.ini ]

[ nat.ini ]

[ pfilter.ini ]

[ pfirewall.ini ]

[ ip.ini ]
config forwarding=off firewalling=off redirects=on sourcerouting=off netbroadcasts=off ttl=64 fraglimit=64 defragmode=nat addrcheck=static mssclamping=on
'only use up to 254 LAN IP addresses for connected devices
apadd addr= intf=eth0 addroute=no
ifconfig intf=loop mtu=1500 group=local
ifconfig intf=eth0 mtu=1500 group=lan
rtadd dst= intf=eth0
rtadd dst= gateway=
rtadd dst= gateway=

[ dnsd.ini ]
domain domain=lan
add hostname=SpeedTouch

[ dhcc.ini ]
config trace=off

[ adsl.ini ]
config opermode=multimode maxbitspertoneUS=13

[ system.ini ]
config upnp=off mdap=on
setpassword password=$password

[ endofarch ]