Differences

This shows you the differences between two versions of the page.

--- app-notes:ipsec-fritzbox [2021/11/24 12:38] – klueppel
+++ app-notes:ipsec-fritzbox [2021/11/25 09:00] (current) – klueppel
@@ Line 2: / Line 2: @@
 This has been tested with Netmodule SW 4.5.0.106 and Fritz!OS: 07.28.
-At first, we configure the Fritzbox to accept VPN LAN2LAN connection.
+At first, we configure the Fritzbox to accept VPN LAN2LAN connection. Make sure your FritzBox has a static IP or set up DnynamicDNS. In Our example we use DynamiDNS with the hostname: netbox.ddns.net
+Instructions can be found at AVM https://avm.de/service/wissensdatenbank/dok/FRITZ-Box-7590/30_Dynamic-DNS-in-FRITZ-Box-einrichten/
 Internet -> Permit Access -> VPN: Add VPN Connection
 "Connect your home network with another FRITZ!Box network (LAN-LAN linkup)"
-  - Please choose a VPN Preshared key, in our example we use "admin01admin0"
-  - Name der VPN-Verbindung: We choose LAN2LAN (this is only for internal use for the fritzbox)
-  - Internet-Addresse der Gegenstelle: 1.2.3.4 (This is used as Local-ID in NM-Router and must not be reachble)
-  - Internet-Addresse dieser Fritz!Box: Please insert your DynamicDNS name of you fritzbox. For example netmodule.ddns.net
-  - Entferntes Netzwerk: This is the Subnet shared by Netmodule Router. In our case we use: 192.168.1.0/ 255.255.255.0
-  - Check "VPN-Verbindung dauerthaft halten"
 {{tablelayout?rowsHeaderSource=Auto}}
-^   ^   ^
+^ VPN Connection                   ^                     ^
-| VPN password (pre-shared key) |  admin01admin01 |
+| VPN password (pre-shared key)    | admin01admin01      |
-| Name of the VPN connection |  LAN2LAN |
+| Name of the VPN connection       | LAN2LAN             |
-| Web address of the remote site |  1.2.3.4 |
+| Web address of the remote site*  | 1.2.3.4            |
-| Web address of this FRITZ!Box |  netmodule.ddns.net |
+| Web address of this FRITZ!Box*2  | netmodule.ddns.net  |
-| Remote network |  192.168.1.0 |
+| Remote network                   | 192.168.1.0         |
-| Subnet mask |  255.255.255.0 |
+| Subnet mask                      | 255.255.255.0       |
-| Hold VPN connection permanently | checked |
+| Hold VPN connection permanently  | checked             |
+*This value needs to be set on Netmodule Router as LocalID, Local ID Type IP-Address
 Click OK to save the changes.
+*2 Please use your configured hostname.
 Now we can configure the netmodule router:
@@ Line 35: / Line 32: @@
 |            Config mode |                                     standard |
 |          Local address |                                      0.0.0.0 |
-|    Remote peer address |  netmodule.ddns.net (This has been set in 4) |
+|    Remote peer address |                           netmodule.ddns.net |
@@ Line 95: / Line 92: @@
 Apply new settings. Now the netmodule router should connect to Fritzbox and both should share there networks.
+You also can use a config and update your values:
+<konsole>
+ipsec.status=1
+ipsec.0.remote.serverIp=netmodule.ddns.net
+ipsec.0.ike.psk=[enc]sTs/CogAt7bpw4I76mok6w==
+ipsec.0.ike.mode=aggressive
+ipsec.0.ike.hash=sha1
+ipsec.0.ike.dh=modp1024
+ipsec.0.ike.localId=1.2.3.4
+ipsec.0.ike.remoteId=netmdoule.ddns.net
+ipsec.0.ike.remoteIdType=FQDN
+ipsec.0.esp.hash=sha1
+ipsec.0.esp.pfs=1
+ipsec.0.dpd.status=0
+ipsec.0.local.0.lanAddress=192.168.1.0
+ipsec.0.local.0.lanMask=255.255.255.0
+ipsec.0.local.0.natAddress=-
+ipsec.0.remote.0.lanAddress=192.168.178.0
+ipsec.0.remote.0.lanMask=255.255.255.0
+</konsole>

User Tools

Site Tools

Differences

Page Tools