Prerequisite: vpnc, network-manager-vpnc, network-manager-vpnc-gnome

The packages vpnc, network-manager-vpnc and network-manager-vpnc-gnome must be installed on the computer.

Prerequisite: Public IPv4 Address

The FRITZ!Box must obtain a public IPv4 address from the internet service provider.

Check whether FRITZ!Box obtains a public IPv4 address: Determining the Public IPv4 Address of the FRITZ!Box.

Making FRITZ!Box Accessible with Changing Public IPv4 Address

For VPN connections, it must be possible to reach your FRITZ!Box from the internet at all times. If the FRITZ!Box obtains its public IPv4 address from the internet provider, then the IPv4 address will generally change with each assignment.

With the MyFRITZ! service or another dynamic DNS service, the FRITZ!Box can always be reached from the internet, even when the public IPv4 address changes.

Using a MyFRITZ! Account

If you want to use MyFRITZ!, then create a MyFRITZ! account or use an existing MyFRITZ! account. Register the FRITZ!Box with the MyFRITZ! account. Upon registration, the FRITZ!Box receives a MyFRITZ! domain name. Determine the MyFRITZ! domain name.

Note:You can register multiple FRITZ!Boxes with a single MyFRITZ! account. Each FRITZ!Box receives its own MyFRITZ! domain name.

Creating a MyFRITZ! Account and Registering a FRITZ!Box

Determining the MyFRITZ! Domain Name

Using Another Dynamic DNS Service

Set up another dynamic DNS service.

Setting Up Dynamic DNS

Determining the Dynamic DNS Domain Name

Adjusting the IPv4 Networks on the Ends of the VPN Connection

Both ends of a VPN connection must have IPv4 addresses in different IPv4 networks. Only then is VPN communication possible.

Note:Upon delivery, every FRITZ!Box uses the IPv4 network 192.168.178.0.

When both ends of the VPN network have a FRITZ!Box used for internet access, then at least one of the FRITZ!Boxes must have an IPv4 network different from the factory settings.

• When using mobile devices, it is not predictable which device will be used to connect the internet. Any public wireless network may have a FRITZ!Box behind it. Change the IPv4 network of the FRITZ!Box when you configure VPN connections for network devices.
• When you configure a VPN connection for two FRITZ!Box networks, then change the IPv4 network in each FRITZ!Box.

Changing the IPv4 Network in the FRITZ!Box

Configuring a VPN Connection in the FRITZ!Box

1. Click on "Internet" in the user interface of the FRITZ!Box.
2. Click on "Permit Access".
3. Select the "VPN" tab.
4. Click on the "Add VPN Connection" button.
5. Select "Configure VPN connection for one user" and click on "Next".

In the FRITZ!Box user interface you are now on the "System / FRITZ!Box Users / User" page.

Configuring VPN Rights for an Existing User

Proceed as follows to configure VPN rights for a user that is already configured:

1. Select the user and then click on the button.
2. Enable the setting "VPN" on the "User Account" page.
3. Click on "Apply".
4. If you are prompted to confirm the application of this setting, there are several ways you can do so:
   • with a telephone connected to the FRITZ!Box (DECT, ISDN, analog)
   • by pressing any button on the FRITZ!Box

Configuring a New User with VPN Rights

Proceed as follows to configure a new user with VPN rights:

1. Click on the "Add User" button.
2. Fill in the entry fields in the "User" area.
3. Enable the "VPN" setting in the "Rights" area.
   • The other settings in the "Rights" area specify what the user is allowed to do in the user interface. These settings are not relevant for the VPN connection. The "Access from the internet allowed" setting specifies whether the user is allowed to access the user interface of the FRITZ!Box from the internet via a dynamic DNS server. This setting does not apply to the VPN connection.
4. Click on "Apply".
5. If you are prompted to confirm the application of this setting, there are several ways you can do so:
   • with a telephone connected to the FRITZ!Box (DECT, ISDN, analog)
   • by pressing any button on the FRITZ!Box

Configuring a VPN Connection on the Linux Computer

These instructions tell you how to set up a VPN connection on a computer with Ubuntu 18.04 LTS.

Opening VPN Settings in the FRITZ!Box

1. Click on "System" in the FRITZ!Box user interface.
2. Click on "FRITZ!Box Users".
3. Select the FRITZ!Box user and click on the button.
4. Click on the "Show VPN Settings" link next to the "VPN" setting.

The VPN settings are displayed on a page in a separate browser window. You can print out this page.

Configuring a VPN Connection on the Computer

1. Call up the "Settings" menu.
2. Click on "Network" in the "Settings" menu.
3. Click on the plus sign in the "VPN" section.
4. In the "Add VPN" window, select "Cisco Compatible VPN (vpnc).
5. Enter any name for the VPN connection in the "Name" field.
6. Enter in the "Gateway" field the value displayed under "Server Address / Server" in the VPN settings.
7. In the "User Name" field, enter the user name of the FRITZ!Box user. This value is displayed under "User Name / Account" in the VPN settings.
8. Click on the symbol in the field "User password", select the entry "Store the password only for this user", and enter the password for the FRITZ!Box user. The password is displayed under "Password" in the VPN settings.
9. In the "Group Name" field, enter the user name of the FRITZ!Box user. This value is displayed under "User Name / Account" in the VPN settings.
10. Click on the symbol in the field "Group password", select the entry "Store the password only for this user", and enter the "shared secret" of the FRITZ!Box user. The "shared secret" is displayed under "IPSec key / Shared Secret" in the VPN settings.
11. Click on the "Add" button to complete the configuration.

Establishing a VPN Connection

1. Call up the "Settings" menu.
2. Click on "Network" in the "Settings" menu.
3. Select the VPN connection in the "VPN" section and click on the On/Off switch.