{"id":2126,"date":"2020-07-21T15:05:10","date_gmt":"2020-07-21T13:05:10","guid":{"rendered":"https:\/\/asenger.de\/blog\/?p=2126"},"modified":"2022-10-13T15:57:26","modified_gmt":"2022-10-13T13:57:26","slug":"firewall-und-fritzbox-7390-vpn-netz-zu-netz","status":"publish","type":"post","link":"https:\/\/asenger.de\/blog\/firewall-und-fritzbox-7390-vpn-netz-zu-netz\/","title":{"rendered":"$Firewall und Fritz!Box 7390 VPN Netz zu Netz"},"content":{"rendered":"<div class='__iawmlf-post-loop-links' style='display:none;' data-iawmlf-post-links='[{&quot;id&quot;:113,&quot;href&quot;:&quot;http:\\\/\\\/forum.collax.com\\\/viewtopic.php?f=41&amp;t=6126#p27340&quot;,&quot;archived_href&quot;:&quot;&quot;,&quot;redirect_href&quot;:&quot;https:\\\/\\\/forum.collax.com\\\/viewtopic.php?f=41&quot;,&quot;checks&quot;:[],&quot;broken&quot;:false,&quot;last_checked&quot;:null,&quot;process&quot;:&quot;done&quot;},{&quot;id&quot;:114,&quot;href&quot;:&quot;http:\\\/\\\/forum.collax.com\\\/memberlist.php?mode=viewprofile&amp;u=5285&amp;sid=870d9cf1c626652a76042df01c39fec4&quot;,&quot;archived_href&quot;:&quot;&quot;,&quot;redirect_href&quot;:&quot;https:\\\/\\\/forum.collax.com\\\/memberlist.php?mode=viewprofile&quot;,&quot;checks&quot;:[],&quot;broken&quot;:false,&quot;last_checked&quot;:null,&quot;process&quot;:&quot;done&quot;},{&quot;id&quot;:115,&quot;href&quot;:&quot;https:\\\/\\\/www.google.com\\\/webhp?sourceid=chrome-instant&amp;ion=1&amp;espv=2&amp;ie=UTF-8#q=vpncfg+fritzbox+phase1_mode_idp&quot;,&quot;archived_href&quot;:&quot;http:\\\/\\\/web-wp.archive.org\\\/web\\\/20260204143620\\\/https:\\\/\\\/www.google.com\\\/webhp?sourceid=chrome-instant&quot;,&quot;redirect_href&quot;:&quot;&quot;,&quot;checks&quot;:[{&quot;date&quot;:&quot;2026-02-06 15:22:46&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-02-11 04:11:32&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-02-16 04:04:53&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-02-25 15:59:43&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-03-04 10:51:32&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-04-13 17:45:43&quot;,&quot;http_code&quot;:200}],&quot;broken&quot;:false,&quot;last_checked&quot;:{&quot;date&quot;:&quot;2026-04-13 17:45:43&quot;,&quot;http_code&quot;:200},&quot;process&quot;:&quot;done&quot;},{&quot;id&quot;:116,&quot;href&quot;:&quot;http:\\\/\\\/wiki.securepoint.de\\\/index.php\\\/IPSec_-_Fritzbox#VPN_Konfiguration_erstellen&quot;,&quot;archived_href&quot;:&quot;&quot;,&quot;redirect_href&quot;:&quot;https:\\\/\\\/wiki.securepoint.de\\\/index.php\\\/IPSec_-_Fritzbox&quot;,&quot;checks&quot;:[],&quot;broken&quot;:false,&quot;last_checked&quot;:null,&quot;process&quot;:&quot;done&quot;},{&quot;id&quot;:117,&quot;href&quot;:&quot;http:\\\/\\\/www.nwlab.net\\\/tutorials\\\/VPN-FritzBox&quot;,&quot;archived_href&quot;:&quot;http:\\\/\\\/web-wp.archive.org\\\/web\\\/20250622114809\\\/https:\\\/\\\/www.nwlab.net\\\/tutorials\\\/VPN-FritzBox\\\/&quot;,&quot;redirect_href&quot;:&quot;&quot;,&quot;checks&quot;:[{&quot;date&quot;:&quot;2026-02-06 15:22:52&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-02-11 04:11:42&quot;,&quot;http_code&quot;:503},{&quot;date&quot;:&quot;2026-02-16 04:04:58&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-02-25 15:59:51&quot;,&quot;http_code&quot;:503},{&quot;date&quot;:&quot;2026-03-04 10:51:32&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-04-13 17:45:50&quot;,&quot;http_code&quot;:200}],&quot;broken&quot;:false,&quot;last_checked&quot;:{&quot;date&quot;:&quot;2026-04-13 17:45:50&quot;,&quot;http_code&quot;:200},&quot;process&quot;:&quot;done&quot;},{&quot;id&quot;:118,&quot;href&quot;:&quot;http:\\\/\\\/www.computersalat.de\\\/linux\\\/vpn\\\/ipsec-vpn-zwischen-fritzbox-und-linux&quot;,&quot;archived_href&quot;:&quot;http:\\\/\\\/web-wp.archive.org\\\/web\\\/20251014232229\\\/https:\\\/\\\/computersalat.de\\\/linux\\\/vpn\\\/ipsec-vpn-zwischen-fritzbox-und-linux\\\/&quot;,&quot;redirect_href&quot;:&quot;&quot;,&quot;checks&quot;:[{&quot;date&quot;:&quot;2026-02-06 15:22:57&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-02-11 04:11:37&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-02-16 21:50:40&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-02-25 15:59:49&quot;,&quot;http_code&quot;:503},{&quot;date&quot;:&quot;2026-03-04 10:51:33&quot;,&quot;http_code&quot;:200}],&quot;broken&quot;:false,&quot;last_checked&quot;:{&quot;date&quot;:&quot;2026-03-04 10:51:33&quot;,&quot;http_code&quot;:200},&quot;process&quot;:&quot;done&quot;},{&quot;id&quot;:119,&quot;href&quot;:&quot;http:\\\/\\\/brgmn.de\\\/blog\\\/ipsecfritzer-ein-tool-zur-generierung-von-mac-os-x-und-ios-kompatiblen-fritzbox-vpn-config-dateien&quot;,&quot;archived_href&quot;:&quot;http:\\\/\\\/web-wp.archive.org\\\/web\\\/20260206205813\\\/https:\\\/\\\/brgmn.de\\\/blog\\\/ipsecfritzer-ein-tool-zur-generierung-von-mac-os-x-und-ios-kompatiblen-fritzbox-vpn-config-dateien&quot;,&quot;redirect_href&quot;:&quot;https:\\\/\\\/brgmn.de\\\/blog\\\/ipsecfritzer-ein-tool-zur-generierung-von-mac-os-x-und-ios-kompatiblen-fritzbox-vpn-config-dateien&quot;,&quot;checks&quot;:[{&quot;date&quot;:&quot;2026-02-11 04:11:36&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-02-16 04:04:56&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-02-25 15:59:47&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-03-04 10:51:35&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-04-13 17:45:48&quot;,&quot;http_code&quot;:206}],&quot;broken&quot;:false,&quot;last_checked&quot;:{&quot;date&quot;:&quot;2026-04-13 17:45:48&quot;,&quot;http_code&quot;:206},&quot;process&quot;:&quot;done&quot;},{&quot;id&quot;:120,&quot;href&quot;:&quot;http:\\\/\\\/avm.de\\\/service\\\/vpn\\\/praxis-tipps\\\/anpassung-einer-vpn-verbindung-von-fritzbox-zu-fritzbox-lan-lan&quot;,&quot;archived_href&quot;:&quot;http:\\\/\\\/web-wp.archive.org\\\/web\\\/20160130174635\\\/http:\\\/\\\/avm.de:80\\\/service\\\/vpn\\\/praxis-tipps\\\/anpassung-einer-vpn-verbindung-von-fritzbox-zu-fritzbox-lan-lan\\\/&quot;,&quot;redirect_href&quot;:&quot;&quot;,&quot;checks&quot;:[{&quot;date&quot;:&quot;2026-02-06 15:23:09&quot;,&quot;http_code&quot;:503},{&quot;date&quot;:&quot;2026-02-16 04:05:04&quot;,&quot;http_code&quot;:503},{&quot;date&quot;:&quot;2026-02-25 15:59:48&quot;,&quot;http_code&quot;:503},{&quot;date&quot;:&quot;2026-03-04 10:51:38&quot;,&quot;http_code&quot;:503},{&quot;date&quot;:&quot;2026-04-13 17:45:40&quot;,&quot;http_code&quot;:503}],&quot;broken&quot;:true,&quot;last_checked&quot;:{&quot;date&quot;:&quot;2026-04-13 17:45:40&quot;,&quot;http_code&quot;:503},&quot;process&quot;:&quot;done&quot;},{&quot;id&quot;:121,&quot;href&quot;:&quot;http:\\\/\\\/avm.de\\\/fileadmin\\\/user_upload\\\/DE\\\/Service\\\/VPN\\\/box_box.pdf&quot;,&quot;archived_href&quot;:&quot;http:\\\/\\\/web-wp.archive.org\\\/web\\\/20240411145557\\\/https:\\\/\\\/avm.de\\\/fileadmin\\\/user_upload\\\/DE\\\/Service\\\/VPN\\\/box_box.pdf&quot;,&quot;redirect_href&quot;:&quot;&quot;,&quot;checks&quot;:[{&quot;date&quot;:&quot;2026-02-06 15:25:22&quot;,&quot;http_code&quot;:503},{&quot;date&quot;:&quot;2026-02-11 04:11:45&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-02-16 04:05:01&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-02-25 15:59:45&quot;,&quot;http_code&quot;:503},{&quot;date&quot;:&quot;2026-03-04 10:51:36&quot;,&quot;http_code&quot;:200},{&quot;date&quot;:&quot;2026-04-13 17:45:49&quot;,&quot;http_code&quot;:503}],&quot;broken&quot;:false,&quot;last_checked&quot;:{&quot;date&quot;:&quot;2026-04-13 17:45:49&quot;,&quot;http_code&quot;:503},&quot;process&quot;:&quot;done&quot;},{&quot;id&quot;:122,&quot;href&quot;:&quot;http:\\\/\\\/forum.collax.com\\\/viewtopic.php?f=41&amp;t=6126&quot;,&quot;archived_href&quot;:&quot;&quot;,&quot;redirect_href&quot;:&quot;https:\\\/\\\/forum.collax.com\\\/viewtopic.php?f=41&quot;,&quot;checks&quot;:[],&quot;broken&quot;:false,&quot;last_checked&quot;:null,&quot;process&quot;:&quot;done&quot;}]'><\/div>\n<p>Grundlagen:<\/p>\n<p><a href=\"http:\/\/forum.collax.com\/viewtopic.php?f=41&amp;t=6126#p27340\">http:\/\/forum.collax.com\/viewtopic.php?f=41&amp;t=6126#p27340<\/a> von <a href=\"http:\/\/forum.collax.com\/memberlist.php?mode=viewprofile&amp;u=5285&amp;sid=870d9cf1c626652a76042df01c39fec4\"><strong>Bartsi<\/strong><\/a> \u00bb Mo 27. Sep 2010, 14:38<\/p>\n<p>es ist nun vollbracht. Wieso auch immer waren die Einstellungen in der Fritz!Box nicht Optimal. Nach N\u00e4chte langem Testen funktioniert es nun vollst\u00e4ndig. F\u00fcr die Leute die dasselbe bauen m\u00f6chten hier noch mal die Einstellungen im Detail:<\/p>\n<p><strong><em><u>Ganz wichtig!!!!<\/u><\/em><\/strong><br \/>\nRuhe bewahren. Die FritzBox \u00fcbernimmt nicht sofort die Einstellungen nach dem einspielen der Configdatei!! Man muss 3-5 Minuten warten bevor Sie Reaktion darauf bringt.<\/p>\n<p><strong><u>CBS\/CSG<\/u><\/strong><!--more--><\/p>\n<p>Eigenes Proposals anlegen mit folgenden Werten:<\/p>\n<p>Name: FritzBox<br \/>\n<strong>IKE<\/strong><br \/>\n&#8211; Aggressive Mode = OFF\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \/\/Die Einstellung gibt\u2019s nicht mehr! Ist immer OFF<br \/>\n&#8211; Verschl\u00fcsselungsmethode = NUR 3DES<br \/>\n&#8211; Hash-Algo. = SHA1<br \/>\n&#8211; DH-Gruppen = dh gruppe 2, 1024 bit (modp1024)<br \/>\n&#8211; Lifetime = 60 (1 Stunde)<br \/>\n&#8211; Perfect Forwarding Secrecy = ON!<br \/>\n<strong>ESP<\/strong><br \/>\n&#8211; Kompression = OFF<br \/>\n&#8211; Verschl\u00fcsselungsmethode = NUR 3DES<br \/>\n&#8211; Hash-Algo. = SHA1<br \/>\n&#8211; Keylifetime = 60 (1 Stunde)<\/p>\n<p>Link Einstellungen:<br \/>\n&#8211; Name = Verbindung zur FritzBox<br \/>\n&#8211; Typ = VPN (IPSec\/L2TP)<br \/>\n&#8211; Verbindungsaufbau = Auf Einwahl warten (FB Baut die Verbindung auf)<br \/>\n&#8211; VPN-Gateway = host.dyndns.org<br \/>\n&#8211; Eigener Schl\u00fcssel = PSK<br \/>\n&#8211; Eigene ID = IP Adresse vom CSG\/CBS<br \/>\n&#8211; Passphrase = MEGASECRETPASSWORT<br \/>\n&#8211; ID der Gegenstelle = @host.dyndns.org (das @ ist wichtig!)<\/p>\n<p>Bitte Entsprechend erreichbare Netzwerke anklicken!<\/p>\n<p>&#8211; Absenderadresse: Lokale IP vom CSG\/CBS<\/p>\n<p><strong><u>Fritz!Box VPN<\/u><\/strong><br \/>\nHier poste ich einfach die CFG Datei:<\/p>\n<p>vpncfg {<br \/>\nconnections {<br \/>\nenabled = yes;<br \/>\nconn_type = conntype_lan;<br \/>\nname = &#8222;VPN zum CSG\/CBS&#8220;;<br \/>\nalways_renew = yes;<br \/>\nreject_not_encrypted = no;<br \/>\ndont_filter_netbios = yes;<br \/>\nlocalip = 0.0.0.0;<br \/>\nlocal_virtualip = 0.0.0.0;<br \/>\nremoteip = xx.xx.44.99;<br \/>\nremote_virtualip = 0.0.0.0;<br \/>\nlocalid {<br \/>\nfqdn = &#8222;host.dyndns.org&#8220;;<br \/>\n}<br \/>\nremoteid {<br \/>\nipaddr = xx.xx.44.99;<br \/>\n}<br \/>\nmode = phase1_mode_idp;<br \/>\nphase1ss = &#8222;alt\/all-no-aes\/all&#8220;;<br \/>\nkeytype = connkeytype_pre_shared;<br \/>\nkey = &#8222;MEGASECRETPASSWORT&#8220;;<br \/>\ncert_do_server_auth = no;<br \/>\nuse_nat_t = yes;<br \/>\nuse_xauth = no;<br \/>\nuse_cfgmode = no;<br \/>\nphase2localid {<br \/>\nipnet {<br \/>\nipaddr = 192.168.1.128;<br \/>\nmask = 255.255.255.192;<br \/>\n}<br \/>\n}<br \/>\nphase2remoteid {<br \/>\nipnet {<br \/>\nipaddr = 192.168.1.0;<br \/>\nmask = 255.255.255.192;<br \/>\n}<br \/>\n}<br \/>\nphase2ss = &#8222;esp-3des-sha\/ah-no\/comp-no\/pfs&#8220;;<br \/>\naccesslist = &#8222;permit ip any 192.168.1.0 255.255.255.192&#8220;,<br \/>\n&#8222;permit ip any 192.168.1.128 255.255.255.192&#8220;;<br \/>\n}<br \/>\nike_forward_rules = &#8222;udp 0.0.0.0:500 0.0.0.0:500&#8220;,<br \/>\n&#8222;udp 0.0.0.0:4500 0.0.0.0:4500&#8220;;<br \/>\n}<br \/>\n\/\/ EOF<\/p>\n<p>Hierbei ist bitte zu beachten:<br \/>\n&#8211; Subnet auf 4 Standorte verteilt \/26<br \/>\n&#8211; xx.xx.44.99 ist die feste IP Adresse des CSG\/CBS nat\u00fcrlich auch dynamisch m\u00f6glich<\/p>\n<p>Hier kommen noch ein paar Links zur Weiterbildung:<\/p>\n<p><a href=\"https:\/\/www.google.com\/webhp?sourceid=chrome-instant&amp;ion=1&amp;espv=2&amp;ie=UTF-8#q=vpncfg+fritzbox+phase1_mode_idp\">vpncfg fritzbox phase1_mode_idp &#8211; Google-Suche<\/a><\/p>\n<p><a href=\"http:\/\/wiki.securepoint.de\/index.php\/IPSec_-_Fritzbox#VPN_Konfiguration_erstellen\">IPSec &#8211; Fritzbox &amp;ndash; Securepoint Wiki<\/a><\/p>\n<p><a href=\"http:\/\/www.nwlab.net\/tutorials\/VPN-FritzBox\/\">VPN mit der FritzBox :: network lab<\/a><\/p>\n<p><a href=\"http:\/\/www.computersalat.de\/linux\/vpn\/ipsec-vpn-zwischen-fritzbox-und-linux\/\">IPSec VPN zwischen Fritz!Box und Linux &#8211; computersalatcomputersalat<\/a><\/p>\n<p><a href=\"http:\/\/brgmn.de\/blog\/ipsecfritzer-ein-tool-zur-generierung-von-mac-os-x-und-ios-kompatiblen-fritzbox-vpn-config-dateien\">ipsecFritzer &amp;ndash; ein Tool zur Generierung von Mac-OS-X und iOS-kompatiblen FritzBox!-VPN-Config-Dateien | Martin Br\u00fcggemann | Blog<\/a><\/p>\n<p><a href=\"http:\/\/avm.de\/service\/vpn\/praxis-tipps\/anpassung-einer-vpn-verbindung-von-fritzbox-zu-fritzbox-lan-lan\/\">Anpassung einer VPN-Verbindung von FRITZ!Box zu FRITZ!Box (LAN-LAN) | AVM Deutschland<\/a><\/p>\n<p><a href=\"http:\/\/avm.de\/fileadmin\/user_upload\/DE\/Service\/VPN\/box_box.pdf\">avm.de\/fileadmin\/user_upload\/DE\/Service\/VPN\/box_box.pdf<\/a><\/p>\n<p><a href=\"http:\/\/forum.collax.com\/viewtopic.php?f=41&amp;t=6126\">[Gel\u00f6st] CSG und Fritz!Box 7270 VPN Netz zu Netz &#8211; Collax User Forum<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Grundlagen: http:\/\/forum.collax.com\/viewtopic.php?f=41&amp;t=6126#p27340 von Bartsi \u00bb Mo 27. Sep 2010, 14:38 es ist nun vollbracht. Wieso auch immer waren die Einstellungen in der Fritz!Box nicht Optimal. Nach N\u00e4chte langem Testen funktioniert es nun vollst\u00e4ndig. F\u00fcr die Leute die dasselbe bauen m\u00f6chten hier noch mal die Einstellungen im Detail: Ganz wichtig!!!! Ruhe <a href=\"https:\/\/asenger.de\/blog\/firewall-und-fritzbox-7390-vpn-netz-zu-netz\/\" class=\"btn btn-link continue-link\">Continue Reading<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[],"class_list":["post-2126","post","type-post","status-publish","format-standard","hentry","category-it"],"_links":{"self":[{"href":"https:\/\/asenger.de\/blog\/wp-json\/wp\/v2\/posts\/2126","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/asenger.de\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/asenger.de\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/asenger.de\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/asenger.de\/blog\/wp-json\/wp\/v2\/comments?post=2126"}],"version-history":[{"count":0,"href":"https:\/\/asenger.de\/blog\/wp-json\/wp\/v2\/posts\/2126\/revisions"}],"wp:attachment":[{"href":"https:\/\/asenger.de\/blog\/wp-json\/wp\/v2\/media?parent=2126"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/asenger.de\/blog\/wp-json\/wp\/v2\/categories?post=2126"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/asenger.de\/blog\/wp-json\/wp\/v2\/tags?post=2126"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}