So I have KPN Fiber at home (not "zakelijk") 1 Gbps up/down and wanted to get rid of the KPN standard modem and use my OPNSense firewall for this. For reference I did this on March 9th, 2025 - just in case OPNSense looks different or KPN made changes to things.

For the hardware I used a N100 (CPU) based mini PC, which also runs the OPNSense Wireguard-server for accessing my home network when I'm on the road. Obviously, performance was a concern since I am running OPNSense with Wireguard, PPPoE for the Fiber connection, and a full fledge Home Assistant setup, but with this hardware (N100 CPU, 4x 2.5Gbps Ethernet, 16Gb RAM, 128Gb SSD) things run butter smooth. Running a wireguard connection playing a 4K movie made it not even dit 20% load.

Tip: if you decide to get a switch, then pick a switch with 2.5Gbps ports. My old 1Gbps switch gave me less than a 950Mbs up/down throughput with SpeedTest, where my newer switch with 2.5Gbps ports gave me a 1100Mbps download speed and at rare times even a 1400Mbps upload speed (1150 was the lowest speed I had observed).

Note: These are the Quick an dirty settings for Internet Only, mostly for own references, but it could be useful to others as well.
I did not setup the TV part since I do not use KPN (IP)TV. For those who do care: it is said to work anyway (possible slightly slower channel zapping) without all the extras.

Note: I assume you have a working OPNSense setup, possibly behing a KPN modem or an alternative (like a Fritz!box).

Step 1: Update OPNSense and make a Backup your OPNSense settings

Update your OPNSense setup and make sure it is working properly after the update.
After that, it's always good to be able to go back if things do not work out.

To make things easier on myself: I deleted the old "WAN" in the "Interfaces"->"Assignments" section before I started with the next step.

Step 2: Connect the hardware

To keep things simple, I simply connected my OPNSense directly to the ethernet cable that comes from the fiber-box installed by KPN into the existing WAN port of the OPNSense PC. I did hookup my laptop straight to the OPNSense box as I normally would to configure the settings.

Step 3: Create a VLAN for Internet traffic

Device: vlan06
Parent: the network connection of your WAN port
VLAN tag: 6
VLAN priority: Best Effort (0, default)
Description: KPN_INTERNET

(you can pick whatever you like for the "Description")

Click Save and click Apply where needed.

Step 4: Assign the interfaces

Again: I deleted the old WAN, just to avoid confusing when using the phrase "WAN" for my new connection.

Under "Interfaces" - "Assignments" we want to connect  a new WAN interface to the VLAN we just created.

Create a new interface with these settings:

Device: KPN_INTERNET (the VLAN we just created in step 3)
Description: WAN

Click Save and click Apply where needed.

Step 5: Configure the WAN settings

Still under "Interfaces" - "Assignments" we can now click [WAN] to edit the details.

Enable: check
Lock: check (optional)
Description: WAN

Block private networks: check
Block bogon networks: check
IPv4 Configuration Type:PPPoE
IPv6 Configuration Type: DHCPv6
MTU: (you can leave that blank, it will auto populate and result probably in 1492)

Username: internet
Password: internet

Use IPv4 connectivity: check
Configuration Mode: Basic
Prefix delegation size: 48
Request prefix only: check

Click Save and click Apply where needed.

Step 6: Optional - Verify you're running in Hybrid NAT

This may not be necessary but I have seen others mention it.
Mine was already running in Hybrid NAT mode.

Under "Firewall" - "NAT" - "Outbound" check the "Hybrid outbound NAT rule generation" option.

Click Save and click Apply where needed.

Final steps and test

To see what the status of your connect is, go to "Interfaces" - "Overview".
You'll find your new WAN connection there where you can see if everything works.

To the right you will see a magnification glass which will reveal the details.

Note: Mine showed an odd line rat of 64 Kbt/s, but speedtest showed me something very different so don't be alarmed. For reference: used the SpeedTest from the App Store on my Mac. My Mac used a 2.5Gbps ethernet port (USB dongle). As mentioned before: a 1Gbps ethernet port will produces speeds around 950 mbps.