Community discussions

MUM Europe 2020
 
unterums
newbie
Topic Author
Posts: 32
Joined: Mon May 17, 2010 10:36 am

VPN ipsec between AVM FritzBox an Mikrotik

Sat Apr 20, 2013 12:30 pm

Hello,
i want to build a VPN IPSEC connection between Mikrotik Router with fix puplic IP-adress
and a AVM FritzBox with dynamic puplic IP-adress.

Have anyone an Idee

(I havn´t good vpn knowlege, but i will pay für Support)

Thank you, BR Thomas
 
redflag237
just joined
Posts: 21
Joined: Mon Aug 12, 2013 1:17 pm

Re: VPN ipsec between AVM FritzBox an Mikrotik

Mon Feb 17, 2014 6:06 pm

push
 
letter
just joined
Posts: 5
Joined: Sat Feb 15, 2014 1:22 pm

Re: VPN ipsec between AVM FritzBox an Mikrotik

Mon Mar 03, 2014 8:21 pm

Hi

Did you manage to get this scenario to work?

Thanks for a reply
 
redflag237
just joined
Posts: 21
Joined: Mon Aug 12, 2013 1:17 pm

Re: VPN ipsec between AVM FritzBox an Mikrotik

Mon Mar 03, 2014 8:25 pm

Hi

Did you manage to get this scenario to work?

Thanks for a reply
really frustrating topic, nothing's really working. I'm going to get in touch with the support team, maybe they've got an idea,

regards,

redflag237
 
evince
Member
Member
Posts: 311
Joined: Thu Jul 05, 2012 12:11 pm
Location: Weiswampach - Luxemburg
Contact:

Re: VPN ipsec between AVM FritzBox an Mikrotik

Tue Apr 01, 2014 6:28 pm

Hello everybody,

Any news regarding this issue? I'm trying to get my ipsec between RB & Fritzbox working.

Thank you in advance,
 
evince
Member
Member
Posts: 311
Joined: Thu Jul 05, 2012 12:11 pm
Location: Weiswampach - Luxemburg
Contact:

Re: VPN ipsec between AVM FritzBox an Mikrotik

Fri Apr 04, 2014 4:48 pm

Hi all,

Finaly i found the way to get it working, here is the fritzbox config :
vpncfg {
        connections {
                enabled = yes;
                editable = yes;
                conn_type = conntype_lan;
                name = "IPSec2Mkt";				// Name of the connection
                boxuser_id = 0;
                always_renew = yes;
                reject_not_encrypted = no;
                dont_filter_netbios = yes;
                localip = 0.0.0.0;
                local_virtualip = 0.0.0.0;
                remoteip = xxx.xxx.xxx.xxx;		// Remote IP
                remote_virtualip = 0.0.0.0;
                keepalive_ip = 0.0.0.0;
                localid {
                        fqdn = "$$$$D2GZVKMCVTYZFEPAH1FJ4JGTX6URTE1SVAHTUJ3GBHRJUZ251NFNDE3MCQYZ21RWWNJ1NWPIBYP6G32J";
                }
                remoteid {
                        ipaddr = xxx.xxx.xxx.xxx;	// Remote IP
                }
                mode = phase1_mode_idp;
                phase1ss = "alt/aes/sha";
                keytype = connkeytype_pre_shared;
                key = "PRESHAREDKEY";			// Presharedkey
                cert_do_server_auth = no;
                use_nat_t = yes;
                use_xauth = no;
                use_cfgmode = no;
                phase2localid {
                        ipnet {
                                ipaddr = 192.168.178.0;		// Local Subnet
                                mask = 255.255.255.0;
                        }
                }
                phase2remoteid {
                        ipnet {
                                ipaddr = 192.168.88.0;		// Remote Subnet
                                mask = 255.255.255.0;
                        }
                }
                phase2ss = "esp-3des-sha/ah-no/comp-no/pfs";
                accesslist = "permit ip any 192.168.88.0 255.255.255.0";
        }
        ike_forward_rules = "udp 0.0.0.0:500 0.0.0.0:500", 
                            "udp 0.0.0.0:4500 0.0.0.0:4500";
}


// EOF
Mikrotik Configuration :
Phase1 : 

-	Authentication : SHA1
-	Encryption : AES-256
-	DH Group 2
-	Nat-t : disabled

Phase2 :

-	Authentication : SHA1
-	Encryption : 3DES
-	DH Group 2
 
hansmeier61
just joined
Posts: 3
Joined: Fri May 09, 2014 4:38 am

Re: VPN ipsec between AVM FritzBox an Mikrotik

Fri May 09, 2014 5:00 am

Hi evince,

thank you very much for your information!! I'm working at the same topic but I can't establish a working VPN Connection between FritzBox an Mikrotik.

I have been trying for weeks.

Could you post your Mikrotik config or send some screenshots of the WinBox configuration windows?


You are my home! :D


Thanks!!

Because FritzBox is very popular router in Germany: Do you speak german?
 
User avatar
NetVicious
Member Candidate
Member Candidate
Posts: 116
Joined: Fri Nov 13, 2009 3:30 pm
Location: Spain

Re: VPN ipsec between AVM FritzBox an Mikrotik

Wed May 14, 2014 4:10 pm

hansmeier61. Did you enabled the logging for ipsec ?
/system logging add topics=ipsec
. . //\/ e t . \/ i c i o u s ..
 
hansmeier61
just joined
Posts: 3
Joined: Fri May 09, 2014 4:38 am

Re: VPN ipsec between AVM FritzBox an Mikrotik

Fri May 16, 2014 1:59 am

hansmeier61. Did you enabled the logging for ipsec ?
/system logging add topics=ipsec
No. I will try this and look into the log. But it would be much easy with a correct configuration on the Mikrotik side.

So if you can offer a working configuration, please, please, post it!
 
User avatar
NetVicious
Member Candidate
Member Candidate
Posts: 116
Joined: Fri Nov 13, 2009 3:30 pm
Location: Spain

Re: VPN ipsec between AVM FritzBox an Mikrotik

Mon May 19, 2014 9:46 am

I didn't read nothing about AVM FritzBox until I saw it on your post. So I cannot help you.

Try reading tutos of how to config Mikrotik against IPSEC Cisco.

http://gregsowell.com/?p=787
. . //\/ e t . \/ i c i o u s ..
 
evince
Member
Member
Posts: 311
Joined: Thu Jul 05, 2012 12:11 pm
Location: Weiswampach - Luxemburg
Contact:

Re: VPN ipsec between AVM FritzBox an Mikrotik

Tue May 20, 2014 5:16 pm

Hi hansmeier61,

Can you tell me what kind of fritzbox do you use? And which firmware?

With the new one, you just need to run the Wizard and all is working.

Let me know if you need further assistance.

Bests Regards,
 
hansmeier61
just joined
Posts: 3
Joined: Fri May 09, 2014 4:38 am

Re: VPN ipsec between AVM FritzBox an Mikrotik

Thu May 22, 2014 3:47 am

Hi hansmeier61,

Can you tell me what kind of fritzbox do you use? And which firmware?

With the new one, you just need to run the Wizard and all is working.

Let me know if you need further assistance.

Bests Regards,
Hi evince,

I am currently using a AVM Fritz Box 7390 with Firmware FRITZ!OS 06.03.


I am not sure what you want to tell me. You posted the config for the FritzBox. But what are the configuration settings for the Mikrotik router? Or do you want to tell me that there is also a Wizard in Mikrotik? I do not know any wizard in Mikrotik for VPN! What I know is the winbox.exe configuration tool. The I go to IP, then to IPsec. Then I have to make settings there for policies, Peers, remote Peers, proposals ...
I did this in a way it shoud match to your FritzBox VPN config file but I do not get a connection. So I want to know what you have configured on policies, Peers, remote Peers, proposals ...


Do you understand me now, what I want from you. I would like some screenshots of These pages (policies, Peers, remote Peers, proposals ...).

Thanks!!
 
evince
Member
Member
Posts: 311
Joined: Thu Jul 05, 2012 12:11 pm
Location: Weiswampach - Luxemburg
Contact:

Re: VPN ipsec between AVM FritzBox an Mikrotik

Thu May 22, 2014 11:59 am

Hi hansmeier61,,

Here is the screenshot :http://www.hostingpics.net/viewer.php?i ... fritz2.png

Bests Regards,
 
UbR
just joined
Posts: 1
Joined: Sun Dec 31, 2017 4:54 pm

Re: VPN ipsec between AVM FritzBox an Mikrotik

Sun Dec 31, 2017 4:57 pm

Hi, have you fixed it ?

I also Need a IPSec Connection between a FritzBox (new Fritz OS)
and a MikroTik.

Maybe someone can help me ???
 
dommezatti
just joined
Posts: 1
Joined: Mon Jan 01, 2018 1:19 pm

Re: VPN ipsec between AVM FritzBox an Mikrotik

Mon Jan 01, 2018 1:21 pm

Hi all,

Finaly i found the way to get it working, here is the fritzbox config :
vpncfg {
        connections {
                enabled = yes;
                editable = yes;
                conn_type = conntype_lan;
                name = "IPSec2Mkt";				// Name of the connection
                boxuser_id = 0;
                always_renew = yes;
                reject_not_encrypted = no;
                dont_filter_netbios = yes;
                localip = 0.0.0.0;
                local_virtualip = 0.0.0.0;
                remoteip = xxx.xxx.xxx.xxx;		// Remote IP
                remote_virtualip = 0.0.0.0;
                keepalive_ip = 0.0.0.0;
                localid {
                        fqdn = "$$$$D2GZVKMCVTYZFEPAH1FJ4JGTX6URTE1SVAHTUJ3GBHRJUZ251NFNDE3MCQYZ21RWWNJ1NWPIBYP6G32J";
                }
                remoteid {
                        ipaddr = xxx.xxx.xxx.xxx;	// Remote IP
                }
                mode = phase1_mode_idp;
                phase1ss = "alt/aes/sha";
                keytype = connkeytype_pre_shared;
                key = "PRESHAREDKEY";			// Presharedkey
                cert_do_server_auth = no;
                use_nat_t = yes;
                use_xauth = no;
                use_cfgmode = no;
                phase2localid {
                        ipnet {
                                ipaddr = 192.168.178.0;		// Local Subnet
                                mask = 255.255.255.0;
                        }
                }
                phase2remoteid {
                        ipnet {
                                ipaddr = 192.168.88.0;		// Remote Subnet
                                mask = 255.255.255.0;
                        }
                }
                phase2ss = "esp-3des-sha/ah-no/comp-no/pfs";
                accesslist = "permit ip any 192.168.88.0 255.255.255.0";
        }
        ike_forward_rules = "udp 0.0.0.0:500 0.0.0.0:500", 
                            "udp 0.0.0.0:4500 0.0.0.0:4500";
}


// EOF
Mikrotik Configuration :
Phase1 : 

-	Authentication : SHA1
-	Encryption : AES-256
-	DH Group 2
-	Nat-t : disabled

Phase2 :

-	Authentication : SHA1
-	Encryption : 3DES
-	DH Group 2
I'm also working out on building connection between MikroTik and AVM FritzBox but couldn't get a way around. Thank you so much for the code and references.
Dom (Developer of Tutuapp)
 
evince
Member
Member
Posts: 311
Joined: Thu Jul 05, 2012 12:11 pm
Location: Weiswampach - Luxemburg
Contact:

Re: VPN ipsec between AVM FritzBox an Mikrotik

Wed Jan 10, 2018 12:00 pm

Hello, can you tell me if the connection is established or not?

I can tell you it is working, i just build a vpn and all is working

Who is online

Users browsing this forum: Baidu [Spider] and 121 guests