Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




14491 posts

Uber Geek
+1 received by user: 2666

Trusted
Subscriber

Topic # 247955 4-Mar-2019 21:08
Send private message quote this post

Has anyone successfully connected their Android phone to their Fritzbox using a VPN? I'd like to have my phone on the home LAN when I'm using mobile data.

 

I've set up a Fritz user who has access, and I have dynamic DNS set up. I followed the instructions on the Fritzbox that it showed after setting up the Fritz user, but the Android VPN client only says "connection unsuccessful", without giving more information. I wonder if a VPN client app would give more diagnostics? 

 

I note that at the bottom of the system -> users screen it says "Login for access from the home network is currently disabled. The users displayed are valid only for access from the Internet." I changed the settings for "login to the home network" to "login with fritz username and password". That wasn't ideal, as I didn't have a username and password for an admin user, but luckily 2degrees help was able to remotely change that setting for me and log me back in. Very helpful support there :) But I won't change that setting again in a hurry.

 

Any tips appreciated.





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


Filter this topic showing only the reply marked as answer Create new topic
BDFL - Memuneh
62614 posts

Uber Geek
+1 received by user: 13273

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 2191013 4-Mar-2019 22:33
One person supports this post
Send private message quote this post

Yes, I use it all the time. Make sure the Android is set to IPSec Xauth PSK, and you enter the ISPEC Identifier (the username) and the IPSec preshare key (created by the Fritz!OS). Login with the username and password as defined on your userlist.





3057 posts

Uber Geek
+1 received by user: 381


  Reply # 2191023 4-Mar-2019 23:00
Send private message quote this post

As above. Mine works sweet.

 

You created a user, but did you create a VPN user... (its the last finer detail in the instructions) https://en.avm.de/service/vpn/tips-tricks/setting-up-a-vpn-connection-to-fritzbox-in-android/ 

 

Interrmet, Permit access, VPN. Create.

 

Basic details, but also add user into system-users, edit one you created and make sure VPN box ticked. Don't need to change other security based settings.

 

Click the 'show VPN settings' for the auto generated pre-shared key and exact settings.

You can access the VPN settings if you select "System > FRITZ!Box Users" in the user interface, call up the settings for the user, and click "Show VPN Settings".

 

Which also just reminded me where to find it to add to my new device..


 
 
 
 




14491 posts

Uber Geek
+1 received by user: 2666

Trusted
Subscriber

  Reply # 2191041 5-Mar-2019 07:40
Send private message quote this post

I didn't actually create a VPN under Internet -> Permit Access -> VPN, I just created a VPN user. That could be where I went wrong. That's not mentioned on the page you linked to @Oblivian ? I went into something like System -> Users to create the user.

 

I followed the instructions from the Fritzbox fairly precisely. I even tried both "zero" and "capital O" in the IPSec shared key. Yes, created a VPN user with no other rights. I guess I'll try again when I have time.

 

The username goes into the IPSec identifier and when you log into the VPN, right? Seems odd to enter it twice.

 

 





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


3057 posts

Uber Geek
+1 received by user: 381


  Reply # 2191044 5-Mar-2019 07:53
Send private message quote this post

Thats where you can have different details depending on the different input points.

The vpn user can be one thing (identifier name and automatic key) but you won't connect without..

The 2nd layer requires a username and password with authority to use VPN inbound set under its settings.



14491 posts

Uber Geek
+1 received by user: 2666

Trusted
Subscriber

  Reply # 2191045 5-Mar-2019 07:57
Send private message quote this post

Ok, so as well as a VPN user I need to set up a VPN. I assumed given there was a pre-shared key it was all done. I'll have a look in when I get home, I can't do remote web administration I don't think.

 

 





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


3057 posts

Uber Geek
+1 received by user: 381


  Reply # 2191046 5-Mar-2019 07:58
Send private message quote this post

From the 'show VPN details' under user..

On the home screen of your Android device, select "Settings / Additional Settings / VPN / Add VPN Network".
Enter the following information in the fields:
Name:
Type:IPSec Xauth PSK
Server address
IPSec identifier:VPN ident.. not access user
IPSec pre-shared key: biglongkeyitmakes
End the VPN configuration by clicking "Save".
Establishing a Connection
Enter the data below to establish the connection:
User name: fritzuseerwithvpnallowed
Password:Password of the FRITZ!Box user "asabove"



14491 posts

Uber Geek
+1 received by user: 2666

Trusted
Subscriber

  Reply # 2191048 5-Mar-2019 07:59
Send private message quote this post

Thanks, I'll double check those fields as well.





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer




14491 posts

Uber Geek
+1 received by user: 2666

Trusted
Subscriber

  Reply # 2191409 5-Mar-2019 16:01
Send private message quote this post

In Internet -> Permit Access -> VPN I can see options:

 

  • Configure VPN for one user
  • Configure LAN to LAN
  • Connect with company VPN
  • Import

I chose "one user", which just takes me to the Fritzbox users screen. Is that right?





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


3057 posts

Uber Geek
+1 received by user: 381


  Reply # 2191424 5-Mar-2019 16:30
Send private message quote this post

I have an older model so can't confirm immediately.

But the key here is the last bit. Your access users on the box have to have access to VPN/option enabled. And the button beside it gives you the details like I quoted above afterwards, or as soon as you enable it.

I suspect if any other vpn settings are missing, you won't get the same results or ability to click show my settings.



14491 posts

Uber Geek
+1 received by user: 2666

Trusted
Subscriber

  Reply # 2191632 5-Mar-2019 20:50
Send private message quote this post

Ok, so I worked it out... I had the wrong dynamic DNS name for my router. I'd set made up a name, but had to change it during registration as it was too long. As soon as I fixed that it worked fine. My connection now tunnels through my Fritzbox, and my phone public IP is my home internet IP.

 

The IPSec Identifier is the same as the username you set up in the Fritzbox.

 

Here's my overall steps:

 

     

  1. Fritzbox 7930: Internet -> Permit Access -> DynDNS. Set up dynamic DNS. I use no-ip.com. Create an account there, set up the domain name you use, the email address you used to register the account (seems to work better than username), password.
  2. Fritzbox 7930: System -> Fritz!Box Users : Create a new user, ensure only "VPN" and "access from the internet" are ticked (though that "access from the internet one" never stays ticked once I save it). When you hit save it will give you all the details to put into Android. Write them down. You can't copy and paste them because they decided to make it an image, annoying.
  3. Android: turn off WiFi, turn on data (this won't work from inside the LAN).
  4. Android: Settings -> More (in the comms section) -> VPN. Enter the details from the Fritzbox. The IPSec Identifier is the username. Make sure you enter the IPSec preshared key not the user's password. Hit save, then enter the username and password.

 

Thanks all for the help working this out :)





AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


Filter this topic showing only the reply marked as answer Create new topic


Donate via Givealittle


Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

A call from the companies providing internet access for the great majority of New Zealanders, to the companies with the greatest influence over social media content
Posted 19-Mar-2019 15:21


Two e-scooter companies selected for Wellington trial
Posted 15-Mar-2019 17:33


GeForce GTX 1660 available now
Posted 15-Mar-2019 08:47


Artificial Intelligence to double the rate of innovation in New Zealand by 2021
Posted 13-Mar-2019 14:47


LG demonstrates smart home concepts at LG InnoFest
Posted 13-Mar-2019 14:45


New Zealanders buying more expensive smartphones
Posted 11-Mar-2019 09:52


2degrees Offers Amazon Prime Video to Broadband Customers
Posted 8-Mar-2019 14:10


D-Link ANZ launches D-Fend AC2600 Wi-Fi Router Protected by McAfee
Posted 7-Mar-2019 11:09


Slingshot commissions celebrities to design new modems
Posted 5-Mar-2019 08:58


Symantec Annual Threat Report reveals more ambitious, destructive and stealthy attacks
Posted 28-Feb-2019 10:14


FUJIFILM launches high performing X-T30
Posted 28-Feb-2019 09:40


Netflix is killing content piracy says research
Posted 28-Feb-2019 09:33


Trend Micro finds shifting threats require kiwis to rethink security priorities
Posted 28-Feb-2019 09:27


Mainfreight uses Spark IoT Asset Tracking service
Posted 28-Feb-2019 09:25


Spark IoT network now covers 98% of New Zealand population
Posted 19-Feb-2019 09:28



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.