Recommend:
To the knowledge base

Using VPN software from another manufacturer in the FRITZ! home network

You can use the FRITZ!Box's internet connection to establish VPN connections to remote VPN servers (for example the VPN server of your company) as well as VPN connections to a VPN server in your home network (for example the VPN server of a NAS system).

Note:Refer to the manufacturer for information on the necessary settings in the VPN software being used.

Outgoing VPN connections

If you want to establish VPN connections to remote VPN servers, you do not have to configure any settings in the FRITZ!Box. By default, VPN passthrough is enabled for the VPN protocols IPsec and PPTP in the FRITZ!Box; no further settings are necessary.

If the VPN software uses the IPsec protocol without NAT traversal or the PPTP protocol, the following restrictions apply when using it behind a router like the FRITZ!Box:

  • It is not possible to establish several VPN connections to the same VPN server at the same time.
  • The IPsec operating mode "Authentication Header" (AH) cannot be used.
  • Normally VPN software does not receive notification when the internet connection is cleared and it usually cannot automatically renegotiate the VPN connection. It is necessary to renegotiate the VPN connection if the FRITZ!Box receives a new public IP address when the internet connection is re-established.

Incoming VPN connections

If you want to establish VPN connections to a VPN server in your home network, you must share the ports in the FRITZ!Box that are required by the VPN server.

If VPN connections are set up in the FRITZ!Box, the FRITZ!Box uses UDP ports 500 (ISAKMP) and 4500 (NAT traversal). If the VPN server uses the same ports, either configure the VPN server to use different ports, or disable the VPN connections in the FRITZ!Box under "Internet > Permit Access > VPN".

Note:You can find an overview of all of the ports opened by the FRITZ!Box under "Diagnostics > Security" in the FRITZ!Box user interface.