Build your own IPv6 lab on the cheap, part 2

You're so close to creating your own IPv6-ready lab -- now InfoWorld's Matt Prigge takes you through the final steps

Page 2 of 4

Essentially, what that block does is create a new IPv6 tunnel interface (tun0), configure its local and remote endpoints, set the IPv6 address of your end of that tunnel, and install an IPv6 default route that points at the other end of the tunnel.

One critical note: This block of configuration does not filter any traffic passing over that tunnel. If you hit Commit at the end of the given block, you've opened the outside interface of your router to any and all IPv6 traffic from anywhere.

For a very long time, everyone has been accustomed to using NAT to hide their internally addressed networks (courtesy of RFC 1918 address blocks such as 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16). The real reason for this: It'd be impractical to use external addressing for every network -- we would have been out of address space years ago. However, as a side effect, you can't directly reach internal hosts from the outside unless you specifically poke a hole in your firewall by configuring an external-to-internal NAT translation.

That's one of the first basic lessons to learn about IPv6. There is no NAT in the IPv6 standard because there's no need for it -- the address space consumption issues present in IPv4 simply don't exist in IPv6. As a consequence, any internal IPv6 hosts you have are directly accessible by their "real" addresses unless you put in rules to block the traffic.

That's the next job. First, a ruleset to control access to the tun0 interface on the router itself (again allowing ICMPv6 echo requests so that we can ping it from the outside):

set firewall ipv6-name tun-local default-action 'drop'
set firewall ipv6-name tun-local description 'IPv6 Traffic To Router'
set firewall ipv6-name tun-local rule 10 action 'accept'
set firewall ipv6-name tun-local rule 10 description 'Accept Established-Related'
set firewall ipv6-name tun-local rule 10 state established 'enable'
set firewall ipv6-name tun-local rule 10 state related 'enable'
set firewall ipv6-name tun-local rule 15 action 'accept'
set firewall ipv6-name tun-local rule 15 description 'Accept ICMP Echo'
set firewall ipv6-name tun-local rule 15 icmpv6 type 'echo-request'
set firewall ipv6-name tun-local rule 15 protocol 'ipv6-icmp'

And another ruleset to allow only replies to connections initiated from the inside to flow back in from the outside:

set firewall ipv6-name tun-in description 'IPv6 Traffic To Internal'
set firewall ipv6-name tun-in rule 10 action 'accept'
set firewall ipv6-name tun-in rule 10 description 'Accept Established-Related'
set firewall ipv6-name tun-in rule 10 state established 'enable'
set firewall ipv6-name tun-in rule 10 state related 'enable'
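Before committing rulesets like the two above, it is worth checking them mechanically for the two properties the text relies on: an explicit drop default and accept rules that are either stateful or narrowly matched. The following is an added example, not part of the article or of Vyatta itself; it parses the `set firewall ipv6-name` lines from this page (embedded as a constructed sample, with the rule descriptions trimmed) and reports any ruleset that leaves the default action implicit or any accept rule that matches all traffic.

```python
import re
from collections import defaultdict

# Constructed sample: the two rulesets shown on this page, descriptions trimmed.
SAMPLE_CONFIG = """
set firewall ipv6-name tun-local default-action 'drop'
set firewall ipv6-name tun-local description 'IPv6 Traffic To Router'
set firewall ipv6-name tun-local rule 10 action 'accept'
set firewall ipv6-name tun-local rule 10 state established 'enable'
set firewall ipv6-name tun-local rule 10 state related 'enable'
set firewall ipv6-name tun-local rule 15 action 'accept'
set firewall ipv6-name tun-local rule 15 icmpv6 type 'echo-request'
set firewall ipv6-name tun-local rule 15 protocol 'ipv6-icmp'
set firewall ipv6-name tun-in description 'IPv6 Traffic To Internal'
set firewall ipv6-name tun-in rule 10 action 'accept'
set firewall ipv6-name tun-in rule 10 state established 'enable'
set firewall ipv6-name tun-in rule 10 state related 'enable'
"""

LINE = re.compile(r"^set firewall ipv6-name (\S+) (.+?) '([^']*)'$")

def parse_rulesets(text):
    """Map ruleset name -> {'default-action': str|None, 'rules': {num: {path: value}}}."""
    rulesets = defaultdict(lambda: {"default-action": None, "rules": defaultdict(dict)})
    for raw in text.strip().splitlines():
        m = LINE.match(raw.strip())
        if not m:  # skip lines that are not ipv6-name firewall statements
            continue
        name, path, value = m.groups()
        parts = path.split()
        if parts[0] == "rule":  # e.g. "rule 10 state established" -> key "state established"
            rulesets[name]["rules"][int(parts[1])][" ".join(parts[2:])] = value
        elif parts[0] == "default-action":
            rulesets[name]["default-action"] = value
    return rulesets

def audit(rulesets):
    """Return (ruleset, finding) pairs for implicit defaults and catch-all accepts."""
    findings = []
    for name, rs in rulesets.items():
        if rs["default-action"] != "drop":  # relies on the platform's implicit default
            findings.append((name, "no explicit default-action 'drop'"))
        for num, rule in sorted(rs["rules"].items()):
            if rule.get("action") != "accept":
                continue
            stateful = "enable" in (rule.get("state established"), rule.get("state related"))
            has_match = any(k.startswith(("protocol", "icmpv6", "source", "destination")) for k in rule)
            if not stateful and not has_match:
                findings.append((name, f"rule {num} accepts all traffic"))
    return findings
```

Run against the page's own configuration it flags only that tun-in never states its default action, which is worth making explicit rather than relying on the platform default.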
