WIKIABOUT

FOR TIPS, gUIDES & TUTORIALS

subscribe to our Youtube

GO TO YOUTUBE

14455 questions

17168 answers

28195 comments

0 members

Most popular tags

rut955 rut240 rut950 rutx11 rms vpn to openvpn wifi not sms trb140 firmware connection - ipsec on rutx12 rutx09 modbus
We are migrating to our new platform at https://community.teltonika.lt. Moving forward, you can continue discussions on this new platform. This current platform will be temporarily maintained for reference purposes.

RUT950 Wireguard with FritzBox

0 votes
1,736 views 4 comments
by anonymous

Hello,

 I would like to connect my Rut 950 to my Fritzbox. Have a config file from the FritzBox. I would now like to enter this config file manually into the Rut 950 Wireguard configuration. Can someone tell me which parameters are used where? I've tried many things but it doesn't work.

here the config file of the fritz box:

[Interface] PrivateKey = KCdPaxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=

Address = 192.168.10.1/24

DNS = 192.168.178.1

DNS = fritz.box

[Peer]

PublicKey = jLkgxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=

PresharedKey = cyijxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=

AllowedIPs = 192.168.178.0/24

Endpoint = xxxxx.ddns.net:58991

PersistentKeepalive = 25

Thank you very much
in the appendix is a picture of the cli wg.

1 Answer

0 votes
by anonymous

Hello,

To establish a successful connection between your RUT950 and FritzBox using WireGuard, please ensure the following configurations:

  • The peer key on the FritzBox should match the public key of the RUT950, and vice versa (peer on RUT should match the public key of FritzBox). Double-check that these keys are correctly configured on both devices.
  • The IP address of the RUT950 WireGuard interface should be within the same network as the FritzBox. For example, if the FritzBox has an address of 192.168.10.1/24 for WireGuard, set the RUT950 WireGuard address to something like 192.168.10.2/24.
  • Configure the endpoints on both devices to point to each other. If one of the devices has a public IP address, you can set its IP address as the endpoint on the other device. For instance, if the FritzBox has a public IP address, specify its IP address as the endpoint on the RUT950. You can try pinging the public IP of the FritzBox to see if its reachable over the internet. The device should be reachable over internet for WireGuard to establish (unless RUT is the one with the public IP address, then check if FritzBox can reach it via ping).
  • Ensure that the "allowed IP" ranges are properly configured. The allowed IP range on the FritzBox should include the IP address of the LAN network of the RUT950, and vice versa (The allowed IPs on RUT should match LAN network of the FritzBox). This ensures that the necessary traffic is routed through the WireGuard tunnel.
Also, make sure to check the WireGuard configuration example on our wiki page here.

Kind Regards,

Andzej

by anonymous

Hello,

You write the following in your wiki: WireGuard is a simple, fast, lean and modern VPN that uses secure and trustworthy cryptography. I've been trying to connect to my Fritzbox for days now. Why don't you write easy-to-understand instructions that make it easier for you, fewer inquiries and free up time for other things. With almost every other device it is possible to import a wireguard config file and that's it. if you don't offer something like that, you have to at least write reasonable instructions. many instructions are written by users to which you then refer. your routers are great, but without sound network knowledge, if it goes beyond activating the network card, it's very special. Have now tried 3 different VPN'ns and get none to run.

I'm sorry I'm a little frustrated!

Best regards

by anonymous

Agree with Netpass. The time spent on the proposed "solution"  by Andzejj is wasted. Configuration is incredibly difficult as the is no clear instruction. The Fritzbox has -no- such thing as a "peer" key. How difficult could it be for teltonika the write down which fields from the Fritzbox generated conf file go where on the RUTX configuration page? I have no Idea even why I have to make a "wireguard configuration"  AND an " Instance", whatever "instance" means. 

On Android, Macbook, Windows I had Wireguard clients connecting to my Fritzbox in minutes. I've spent several evenings getting it to work on my RUTX11, including multiple factory resets. It does not work! 

As TS included a Fritz Conf file: the absence of a PeerKey in Fritz was clear from the very start of this topic: 

[Interface] PrivateKey = KCdPaxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
[Peer]
PublicKey = jLkgxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
PresharedKey = cyijxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=

by anonymous

@Netpass: I suppose the config you have shown in the question is a wg.conf file to connect to the Fritzbox from the RUT, right ?

If so, on the RUT wireguard -> General setup menu:

  1. set the Private key field to KCdPa.....
  2. let Public key empty
  3. keep the default value of 51820 for Listen port
  4. set IP addresses to 192.168.10.1/24

In wireguard->Advanced Settings:

  1. set MTU to 1420 at most (but check the MTU of your wan interface and substract 80)
  2. set DNS servers to fritz.box

Then create a new instance (a peer) if you haven't already done so and edit it with the pen.

In General setup:

  1. set Public key to jLkg ....
  2. set Allowed IPs to 192.168.178.0/24
  3. set "Route Allowed Ips" to On

and in Advanced settings:

  1. set Preshared key to cyij...
  2. set Enpoint host to xxxxx.ddns.net
  3. set Endpoint port to 58991
  4. Set Persistent keepalive to 25
  5. let Routing table empty.

Save&apply, and check via ssh or CLI that the tunnel using the "wg" command.

by anonymous
Hello flebourse,

my problem was set "Route Allowed Ips" to On

Thank you

Best regards

netpass