Home > AVM, Fritz!box, KDE, Linux, OpenSUSE 12.1, Router, VPN > Opensuse 12.1 Fritz!box 7390 and VPN. How do you do it?

Opensuse 12.1 Fritz!box 7390 and VPN. How do you do it?

OK here is a challenge for some of you. This is an area (one of many) where I know nothing so bear with me. When running Windows on my laptop I can VPN into my Fritz!box 7390. A Friz!Box Windows app generates a configuration files that you load into the router through the in web interface and into the Fritz!Box VPN client. It sounds a little complicated but the configuration only has to be done once. From then on you just fire up the client when you are in a remote location and it connects. Simples.
So now to my question. How do I do this in OpenSUSE 12.1? I tell you what I have tried so far. I have installed KVPN – the KDE VPN client. This allows you to instal the file – which I have to generate under windows (is there a Opensuse 12.1 equivilent process for this too?). There is even a special profile just for Fritzboxes that allows KVPN to import the file. At this point I demonstrate my ignorance (again). KVPN wont work with just the Fritz!box file. It uses IPSEC (I think) so I have downloaded IPSEC files and the IPSEC tools file. This fixes some “racoon” of the errors but I still get a “bind” error. Since both the Fritz!box and OpenSUSE have strong German influences there is a lot of support in the German forums. But my German is weak and Google Translate has not been a friend to me in this matter. So if there are any kind souls out there who know what I need to be doing then please tell me what I need to do. Answers in German are fine. There is one condition however. If the solution involves excesive command line activity, file editing or log dumping then I probably won’t do it as it would defeat the point I was trying to prove in my earlier post. Point and click solutions will certainly given a try. Failing that I might explore the OpenVPN route so any neat solutions here are also welcome.

  1. January 30, 2012 at 5:48 am

    Try and get ShrewSoft VPN, and then use the Fritz>Shrew cfg file converter (it is a .NET application, so needs windows). I have to use Shrew for Win7 64bit since AVM don’t do a client that works. Some Cisco clients might work too, but the Shrew one does the job for me and it is free.

    • January 30, 2012 at 7:06 pm

      Now that is interesting. I haven’t actually had a problem with the Win 64 bit client – apart from the fact it is in German. But I will give ShrewSoft a go so thanks for the heads up. However I still need a solution for the Samsung NC 10 Net-book which runs solely on OpenSUSE 12.1.

      • January 30, 2012 at 10:08 pm

        You need to create the fritz config in windows, and use windows to make the shrew config. You then put the config file onto the linux netbook and install shrew there. That should let the linux only netbook access the vpn.

      • January 30, 2012 at 10:18 pm

        Ahh I see now. You are a star and apologies complete lack of intelligence. I will certainly give this a go and let you know how I get on. Many thanks for accepting (and persisting) with the challenge

  2. February 1, 2012 at 9:38 pm

    Dave Ingram (@dingram) :

    You need to create the fritz config in windows, and use windows to make the shrew config. You then put the config file onto the linux netbook and install shrew there. That should let the linux only netbook access the vpn.

    @Dave. I’ve followed the process as you suggested. It works in windows. It works sort of in Opensuse 12.1. I start the daemon ( /usr/sbin/iked ) manually. The Shrewsoft Client negotiates a tunnel and will connect over wifi – the gateway doesn’t always hold though. Over mobile usb it fails to negotiate a tunnel at all and times out. So close but not quite there yet. I would appreciate your thoughts

    • February 1, 2012 at 11:21 pm

      I’ve only tried the Windows version, and I’ve used it over 3G and Wifi at university — all with pretty good results. I do have Ubuntu Linux as dual boot, and I’ll have a go when I get some time.

      I tweak the VPN settings to have an IP range & netmask of / so all traffic goes over the VPN, not just things for my home LAN. If I want to access things at home I use an SSL tunnel into my home server, but the VPN is better for checking email and web browsing with public connections.

      Running AirCap on a linux laptop can be quite informative!

      I am having a few reboot/dropout problems with my 7390, and that’s only happened since I updated the firmware. Unfortunately I didn’t save the settings with the old f/w, and settings saved with newer f/w cannot be applied to an older version. It is a decision yet to be made whether I try and get the new one working, or rebuild the old one (VOIP, DHCP, VPN etc)

  3. February 2, 2012 at 7:19 pm

    Regarding the 7390, I’ve not had that problem with the update. Seems to run fine. The one thing I did do was add an additional microfilter a while back. There was a lot of noise on the landline and this cleared it up. I suspect the bespoke lead that comes with the router can be problematic and you might want to try this.

    As for Shrew – it works fine for windows. I don’t need VPN much – only when I travel really. It would be nice if I could get the netbook to work seamlessly. I am ploughing through this German forum http://www.ip-phone-forum.de/showthread.php?t=202906&page=1&s=0cf4e61d2bc9672f1bb8aec3c9e8ae5f which seems to have some good information.

  4. October 6, 2013 at 12:59 pm

    I’ve documented my success at using vpnc to connect to my Fritz!Box devices at http://blog.mithis.net/archives/useful-bits/1833-connecting-to-a-fritzbox-under-linux-using-vpnc

    Gives you an Open Source alternative to the Shrew software.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: