
FritzBox IPsec VPN with XG

Hello Community.

Has any of you set up a VPN between XG and FritzBox? If so, can you give an example configuration? I've got working IPsec on the FritzBox but I have no idea how to configure XG to make it work, which options to choose, etc. I'm on SFOS 18.5 MR1 - Home Usage ;)

I'll be grateful for your help ;)



This thread was automatically locked due to age.
  • I did try it but I'm getting errors "can't parse IKE". I'm not sure if the proposals are correct. I can't find any manual for the FritzBox.

    CONFIG ON FRITZ BOX:

    vpncfg {
        connections {
            enabled = yes;
            editable = yes;
            conn_type = conntype_lan;
            name = "212.xx.xx.xx";
            boxuser_id = 0;
            always_renew = no;
            reject_not_encrypted = no;
            dont_filter_netbios = yes;
            localip = 0.0.0.0;
            local_virtualip = 0.0.0.0;
            remoteip = 212.xx.xx.xx;
            remote_virtualip = 0.0.0.0;
            keepalive_ip = 192.168.179.2;
            localid {
                fqdn = "This was some encoded thing";
            }
            remoteid {
                ipaddr = 212.xx.xx.xx;
            }
            mode = phase1_mode_aggressive;
            phase1ss = "all/all/all";
            keytype = connkeytype_pre_shared;
            key = "MY_PSK";
            cert_do_server_auth = no;
            use_nat_t = yes;
            use_xauth = no;
            use_cfgmode = no;
            phase2localid {
                ipnet {
                    ipaddr = 192.168.178.0;
                    mask = 255.255.255.0;
                }
            }
            phase2remoteid {
                ipnet {
                    ipaddr = 192.168.179.1;
                    mask = 255.255.255.0;
                }
            }
            phase2ss = "esp-all-all/ah-none/comp-all/pfs";
            accesslist = "permit ip any 192.168.179.1 255.255.255.0";
            app_id = 0;
        }
        ike_forward_rules = "udp 0.0.0.0:500 0.0.0.0:500",
                            "udp 0.0.0.0:4500 0.0.0.0:4500";
    }

    Errors from log on Sophos:

    Couldn't parse IKE header from XXX.XXX.XXX.XXX[55443]. Check the debug logs.

    FritzBox_IPsecS2S - Remote gateway didn't respond to the initial message 0. Check if the remote gateway is reachable. (Remote: XX.XX.XX.XX)

    FritzBox_IPsecS2S_Egid-1 - IKE message (AC004800) retransmission to XX.XX.XX.XX timed out. Check if the remote gateway is reachable. (Remote: XX.XX.XX.XX

    Below is what I have chosen on the FritzBox - connection type

    SOPHOS SITE:

    __________SETUP___________

    HP Small Form Factor:  i5 4Cores, 8Gb of RAM.
    Intel Network Card 5x Eth
    SSD: 256Gb
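
Added example, not part of the original posts and not AVM or Sophos code: a Python parser for a `vpncfg` block like the one posted above that derives what the peer gateway has to mirror (phase 2 subnets swapped, same phase 1 mode) and notes points to settle before building the tunnel. The sample config is constructed, `203.0.113.10` is a documentation address, and the function names (`parse`, `selector`, `peer_view`) are hypothetical.

```python
import ipaddress
import re

# Constructed sample in the FritzBox vpncfg syntax shown in the post, trimmed to
# the fields used below. 203.0.113.10 is a documentation address (assumption).
SAMPLE_CFG = '''
vpncfg {
  connections {
    remoteid { ipaddr = 203.0.113.10; }
    mode = phase1_mode_aggressive;
    keytype = connkeytype_pre_shared;
    phase2localid { ipnet { ipaddr = 192.168.178.0; mask = 255.255.255.0; } }
    phase2remoteid { ipnet { ipaddr = 192.168.179.1; mask = 255.255.255.0; } }
  }
}
'''

# One token is either "name {", "}" or "key = value;" (value quoted or bare).
TOKEN = re.compile(r'(\w+)\s*\{|(\})|(\w+)\s*=\s*("[^"]*"|[^;]+);')

def parse(text):
    """Flatten nested blocks to dotted keys, e.g. 'connections.mode'."""
    path, flat = [], {}
    for block, close, key, value in (m.groups() for m in TOKEN.finditer(text)):
        if block:
            path.append(block)
        elif close:
            path.pop()
        else:
            flat['.'.join(path[1:] + [key])] = value.strip().strip('"')
    return flat

def selector(flat, side):
    """Return (network, host_bits_set) for phase2localid / phase2remoteid."""
    base = f'connections.{side}.ipnet.'
    iface = ipaddress.ip_interface(f"{flat[base + 'ipaddr']}/{flat[base + 'mask']}")
    return str(iface.network), iface.ip != iface.network.network_address

def peer_view(flat):
    """What the other gateway has to mirror, plus points to settle first."""
    local, l_bad = selector(flat, 'phase2remoteid')   # their remote = our local
    remote, r_bad = selector(flat, 'phase2localid')
    notes = []
    if flat['connections.mode'] == 'phase1_mode_aggressive':
        notes.append('peer must also use IKEv1 aggressive mode')
        if flat['connections.keytype'] == 'connkeytype_pre_shared':
            notes.append('aggressive mode with a PSK: use a long random key')
    if l_bad or r_bad:
        notes.append('selector address is not a network address')
    return {'local_subnet': local, 'remote_subnet': remote, 'notes': notes}
```
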