FRITZ!Box 7490 Serwis - Baza wiedzy

FRITZ!Box 7490 Serwis
Not your product?

Connecting a FRITZ!Box set up as a VPN client to another FRITZ!Box

When you set up a VPN connection between two FRITZ!Boxes, normally both networks are connected to each other (LAN-LAN linkup). This allows direct IP access to all of the devices in the other network and all IP-based services such as e-mail servers, data banks, and file servers are available without restriction in both of the networks.

However, you can also configure the VPN connection between the FRITZ!Boxes so that one of the FRITZ!Boxes acts as a VPN client. In this case (with a client-LAN linkup), only devices in the network of the FRITZ!Box set up as a VPN client can access devices in the network of the FRITZ!Box set up as a VPN server. It is not possible for devices in the network of the VPN server to access devices in the VPN client's network.

Example values used in this guide

In this guide we show you how to connect a FRITZ!Box as a VPN client to a FRITZ!Box as a VPN server. When you set up your connection, replace the values used in this example with actual ones.

  • MyFRITZ! domain name of the VPN server FRITZ!Box:
    pi80ewgfi72d2os42.myfritz.net
  • IP network of the VPN server FRITZ!Box:
    192.168.10.0 (subnet mask: 255.255.255.0)
  • User name of the FRITZ!Box user in the VPN server FRITZ!Box:
    John Smith
  • Password of the FRITZ!Box user in the VPN server FRITZ!Box:
    secret
  • Shared secret of the FRITZ!Box user in the VPN server FRITZ!Box:
    Zj7hPCouK65IrPU4

Requirements / Restrictions

  • The FRITZ!Box being used as the VPN server must obtain a public IPv4 address from the Internet service provider.

    Important:The FRITZ!Box is not accessible from the Internet over IPv4 when used on a DS-Lite ("Dual-Stack Lite") connection. When DS-Lite is active, the status "IPv4 over DS Lite" is displayed under "Connections" on the "Overview" page of the FRITZ!Box user interface.

  • FRITZ!OS 6 or later must be installed on the FRITZ!Box being used as the VPN server.

Important:Some of the settings described here are only displayed if the advanced view is enabled in the user interface. The configuration procedure and notes on functions given in this guide refer to the latest FRITZ!OS.

1 Preparations

Setting up MyFRITZ!

With MyFRITZ! you can even access your FRITZ!Box over the Internet at all times if its public IP address changes on a regular basis, for example after being automatically disconnected by your Internet service provider:

Note:If you already use a different dynamic DNS service, you can also use this service instead of MyFRITZ!.

Adjusting the IP networks

VPN communication cannot occur if both FRITZ!Boxes use the same IP network. Since all FRITZ!Boxes use the IP network 192.168.178.0 in the factory settings, adjust the IP network of the FRITZ!Box used as the VPN server:

Example:
In this guide, the FRITZ!Box used as the VPN server uses the IP address 192.168.10.1 (subnet mask 255.255.255.0).

  1. Click "Home Network" in the FRITZ!Box user interface.
  2. Click "Home Network Overview" in the "Home Network" menu.
  3. Click on the "Network Settings" tab.
  4. Click the "IPv4 Addresses" button.
  5. Enter the desired IP address and subnet mask.
  6. Click "OK" to save the settings.

2 Setting up a VPN server

In the FRITZ!Box to be used as the VPN server, set up a user for the VPN client:

  1. Click "System" in the FRITZ!Box user interface.
  2. Click "FRITZ!Box Users" in the "System" menu.
  3. Click the (Edit) button for the user who intends to connect to the FRITZ!Box via VPN,
    • or, if you have not configured any users yet:
      • Click the "Add User" button and enter a name and password of your choice for the user in the corresponding fields.
  4. Enable the option "VPN".
  5. Click "OK" to save the settings.

Now the FRITZ!Box sets up the VPN rights for this FRITZ!Box user.
A window displaying the VPN settings for the FRITZ!Box user will then open automatically.

Note:You can call up the window any time by clicking "Show VPN Settings" in the settings for the FRITZ!Box user.

3 Setting up a VPN client

In the FRITZ!Box to be used as the VPN client, set up a user for the VPN connection to the remote FRITZ!Box:

  1. Click "Internet" in the FRITZ!Box user interface.
  2. Click "Permit Access" in the "Internet" menu.
  3. Click on the "VPN" tab.
  4. Click the "Add VPN Connection" button.
  5. Click "Connect this FRITZ!Box with a company's VPN" and then "Next".
  6. Enter the user name of the FRITZ!Box user (John Smith) in the field "VPN user name (Key ID)".
  7. Enter the "shared secret" of the FRITZ!Box user (Zj7hPCouK65IrPU4) in the field "VPN password (pre-shared key)". The "shared secret" is displayed in the VPN settings of the FRITZ!Box user in the section "iPhone, iPad or iPod touch".
  8. Enable the option "Use XAUTH".
  9. Enter the user name of the FRITZ!Box user (John Smith) in the field "XAUTH user name".
  10. Enter the password for the FRITZ!Box user (secret) in the "XAUTH password" field.
  11. Enter the MyFRITZ! domain name of the FRITZ!Box being used as the VPN server (pi80ewgfi72d2os42.myfritz.net) in the "Web address" field.
  12. Enter the IP network of the FRITZ!Box being used as a VPN server (192.168.10.0) in the "Remote network" field.
  13. Enter the subnet mask that corresponds to the IP network of the FRITZ!Box being used as the VPN server (255.255.255.0) in the "Subnet mask" field.
  14. Enable the option "Hold VPN connection permanently" if you would like the VPN connection to the remote FRITZ!Box to remain established.
  15. Click "OK" to save the settings.

4 Establishing a VPN connection

If you enabled the option "Hold VPN connection permanently" in the FRITZ!Box that is set up as the VPN client, then the VPN connection will remain established.

If the option "Hold VPN connection permanently" is not enabled, then the VPN connection will be automatically established whenever a query is sent from the network of the FRITZ!Box set up as the VPN client to a network device in the network of the other FRITZ!Box. The connection is cleared again whenever it has been inactive for one hour.

Note:Active VPN connections are displayed in the user interface of both FRITZ!Boxes under "Internet > Permit Access > VPN".