Raspberry PI as a VPN Client to FRITZBOX with IPSEC

Setup of VPN at the Fritzbox

First, create a new user under System -> FRITZ!Box user.

Here, access from the Internet must be granted and VPN must (of course) be enabled; everything else is deselected.

We note the information shown under the iPhone settings:

  • Description:
  • Server: arpdggefuegr23723n.myfritz.net
  • Account: vpn_user
  • Password: Password of the FRITZ!Box user "vpn_user"
  • Use certificate is disabled
  • Group name: vpn_user
  • Shared Secret: TANrpS1y34hHHJGIS4
Now we continue on the Raspi ...

Installation:

sudo apt-get install vpnc

Create and customize config:

sudo nano /etc/vpnc/fritzbox.conf

IPSec gateway arpdggefuegr23723n.myfritz.net
IPSec ID vpn_user
IPSec secret TANrpS1y34hHHJGIS4
IKE Authmode psk
Xauth username vpn_user
Xauth password <passwort>
local port 0
DPD idle timeout (our side) 0
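
The profile above keeps the shared secret and the Xauth password in plain text, so the file should be readable by root only. The following check is an added example, not part of the original post; the function names are hypothetical, the sample profile is constructed, and GNU stat is assumed.

```bash
#!/bin/bash
# Added example (not from the original post): audit a vpnc profile for
# credentials that other local users could read. Assumes GNU stat.

# List the secret-bearing keys present in a profile; values are never printed.
vpnc_secret_keys() {
    grep -oE '^(IPSec secret|Xauth password)' "$1" | sort -u
}

# Return 0 if safe, 1 if secrets are accessible by group/other, 2 if missing.
vpnc_conf_audit() {
    local conf="$1" mode keys
    [ -f "$conf" ] || { echo "missing: $conf" >&2; return 2; }
    keys=$(vpnc_secret_keys "$conf" | paste -sd, -)
    [ -n "$keys" ] || { echo "ok: $conf stores no secrets"; return 0; }
    mode=$(stat -c '%a' "$conf")
    # Any group/other permission bit exposes the stored secrets.
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "FAIL: $conf (mode $mode) exposes: $keys"
        echo "fix:  chown root:root '$conf' && chmod 600 '$conf'"
        return 1
    fi
    echo "ok: $conf (mode $mode) keeps $keys private"
}

# Constructed sample profile with placeholder values,
# audited before and after the permission fix.
demo() {
    local tmp
    tmp=$(mktemp)
    printf '%s\n' 'IPSec gateway vpn.example.invalid' 'IPSec ID vpn_user' \
        'IPSec secret PLACEHOLDER' 'Xauth username vpn_user' \
        'Xauth password PLACEHOLDER' > "$tmp"
    chmod 644 "$tmp"; vpnc_conf_audit "$tmp" || true
    chmod 600 "$tmp"; vpnc_conf_audit "$tmp"
    rm -f "$tmp"
}
demo
```

On the Raspi the same check would be run as vpnc_conf_audit /etc/vpnc/fritzbox.conf.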

First test of the tunnel:

sudo vpnc fritzbox.conf

Ending the VPN connection:

sudo vpnc-disconnect

I registered the start command in /etc/rc.local so that the VPN connection is established during boot.

vpnc fritzbox.conf

– Update –

Since the VPN connection sometimes drops unexpectedly, Abdelkader Wahb has written a script that monitors the connection and restarts it when needed. I do not want to withhold it from you:

#!/bin/bash

# The log file is defined here
LOGFILE=/data/log_vpnc/fritzbox.log

# IP address of the Fritzbox. If the VPN connection is up, the ping should work.
myHost="192.168.178.1"

# Value -> how many pings to send
value=4

# "count" should be 4 after a successful ping and 0 after an unsuccessful one.
count=$(ping -c "$value" "$myHost" | grep 'received' | awk '{print $4}')

if [ "$count" == "$value" ]
then
    # The following echos write the info messages to the log file
    echo "$(date +%Y-%m-%d:%T): Fritzbox with IP $myHost is reachable and VPN connection is up" | tee -a "$LOGFILE"
else
    echo "" | tee -a "$LOGFILE"
    echo "$(date +%Y-%m-%d:%T): Fritzbox with the IP $myHost is not reachable" | tee -a "$LOGFILE"
    echo "$(date +%Y-%m-%d:%T): Disconnect VPN" | tee -a "$LOGFILE"

    # Stop the vpnc daemon so that it no longer runs in the background
    vpnc-disconnect

    # Often the wireless connection is broken. Restart all network connections here.
    echo "$(date +%Y-%m-%d:%T): Restart network connections" | tee -a "$LOGFILE"
    /etc/init.d/networking restart

    # Wait for 10 seconds
    sleep 10

    # Read out the WLAN IP address (ip is used because ifconfig output depends on the locale)
    ipwlan=$(ip -4 -o addr show dev wlan0 | awk '{print $4}' | cut -d/ -f1)
    echo "$(date +%Y-%m-%d:%T): Network connections have been restarted. WLAN IP address: $ipwlan" | tee -a "$LOGFILE"
    echo "$(date +%Y-%m-%d:%T): Rebuild VPN connection, start script vpnc_fritzbox" | tee -a "$LOGFILE"

    # Start the vpnc daemon. Read out the PID and the VPN IP address
    vpnc fritzbox.conf
    pid=$(pidof vpnc)
    ipvpn=$(ip -4 -o addr show dev tun0 | awk '{print $4}' | cut -d/ -f1)
    echo "$(date +%Y-%m-%d:%T): The VPN connection was successfully established. The VPN IP address is: $ipvpn. VPNC daemon is active under id: $pid" | tee -a "$LOGFILE"
    echo "" | tee -a "$LOGFILE"
fi

 

Entry in /etc/crontab so that the script is executed automatically every 3 minutes after boot:

*/3 * * * * root /etc/init.d/autovpncscript

Source: kuemmel.wtf