Basic Steps: VPN Connections with FRITZ!Box

With FRITZ!Box you can not only surf the Web and make phone calls, you can even connect physically separate networks and users securely and simply via the Internet. The following products can be used for this purpose:

  • FRITZ!Box Fon WLAN 7170
  • FRITZ!Box Fon WLAN 7270
  • "FRITZ!VPN": The free VPN software client for the Microsoft operating systems Windows Vista (32-bit) and XP (32-bit). The "FRITZ!VPN" program is available in the "Current Downloads" section on this Service Portal.

The configuration is created using the "Configure FRITZ!Box VPN Connection" administration software. See the Step-by-Step Guides for more instructions. The following section presents the basic and preparatory steps.


VPN Connection between Two Networks

Two physically separate networks can be connected via two FRITZ!Boxes. The following steps are necessary:

1. Adapt the IP Networks

The two devices you would like to connect via VPN must use different IP networks.
Neither of the devices participating in the connection may use the network preconfigured upon delivery, with the IP address 192.168.178.0 and the subnet mask 255.255.255.0.
The preset values can be changed in the user interface as follows:
When "Expert Mode" is enabled, click the "IP Address" button under "Settings / Advanced Settings / System / Network Settings".

2. Create Dynamic DNS Accounts

Create an account with a Dynamic DNS provider for each side of the connection. Free Dynamic DNS accounts are available on such web pages as www.dyndns.org or www.selfhost.de.
Note: A Dynamic DNS account must be set up for every device that is to be accessible via a VPN connection. Skip this step if the device has a fixed IP address in the Internet.

3. Enter the Dynamic DNS Accounts

Enter the Dynamic DNS accounts in the devices. To do this in the user interface:
On the "Dynamic DNS" page under "Settings / Advanced Settings / Internet / Permit Access" or "Remote Access".

4. Configure the VPN Connection Using the "Configure FRITZ!Box VPN Connection" Program

In this program select "New" and follow the steps as directed by the Wizard. A "fritzbox_‹name of the FRITZ!Box›.cfg" file is created for each side of the connection.

5. Import the Configuration in the FRITZ!Box

Import the corresponding file to each of the devices. To do this in the user interface:
Under "Settings / Advanced Settings / Internet / Permit Access" or "Remote Access / VPN".
Once the configuration was imported in both sides of the connection, the connection is established automatically upon request.

For detailed instructions on steps 4 and 5, see the Step-by-Step Guide on this Service Portal.

VPN Connection for One User

A remote user (perhaps field staff or an employee working from home) can use the "FRITZ!VPN" software client to connect with a FRITZ!Box in order to access the network. The following steps are necessary:

1. Create a Dynamic DNS Account

Create an account with a Dynamic DNS provider for the FRITZ!Box. Free Dynamic DNS accounts are available on such web pages as www.dyndns.org or www.selfhost.de. Skip this step if the device has a fixed IP address in the Internet.
Note: The user or the computer from which the connection is to be established does not require a Dynamic DNS account.

2. Enter the Dynamic DNS Account

Enter the Dynamic DNS account in the device. To do this in the user interface:
On the "Dynamic DNS" page under "Settings / Advanced Settings / Internet / Permit Access" or "Remote Access".

3. Configure the VPN Connection Using the "Configure FRITZ!Box VPN Connection" Program

In this program select "New" and follow the steps as directed by the Wizard. A "fritzbox_‹name of the FRITZ!Box›.cfg" file will be created for the FRITZ!Box; for the user a "vpnuser_‹name of the user›.cfg" file.

4. Import the Configuration in FRITZ!Box

Import each of the "fritzbox_‹name of the FRITZ!Box›.cfg" file. To do this in the user interface:
Under "Settings / Advanced Settings / Internet / Permit Access" or "Remote Access / VPN".

5. Import the Configuration in FRITZ!VPN

Import the "vpnuser_‹name of the user›.cfg" file in the "FRITZ!VPN" program installed on the computer from which the VPN connection is to be accessed. Do this by going to the "File" menu and selecting the "Import..." command. Afterward the connection appears in the overview and can be established or cleared at any time.

For detailed instructions on steps 4 and 6, see the Step-by-Step Guide on this Service Portal.