FRITZ!Box 4020 Service - Knowledge Base
Setting up a VPN connection to the FRITZ!Box in Apple macOS
VPN (Virtual Private Network) allows you to establish a secure connection over the internet from a computer with Apple macOS to your FRITZ!Box and then access all of the devices and services in the home network of your FRITZ!Box.
Example values used in this guide
In this guide we show you how to connect a computer with macOS 10.12 to the FRITZ!Box over VPN. When you set up your connection, replace the values used in this example with actual ones.
- MyFRITZ! domain name of the FRITZ!Box:
- User name of the FRITZ!Box user:
- Password of the FRITZ!Box user:
- Shared secret of the FRITZ!Box user:
Requirements / Restrictions
- macOS 10.6 or later is installed on the computer.
- The FRITZ!Box must establish its own connection to the internet using a modem (for example a DSL or cable modem).
- The FRITZ!Box must obtain a public IPv4 address from the internet service provider.
Important:The FRITZ!Box cannot be accessed from the internet over IPv4 when used on a DS-Lite internet connection. When DS-Lite is active, the status "IPv4 over DS Lite" is displayed under "Connections" on the "Overview" page of the FRITZ!Box user interface.
Note:The configuration procedure and notes on functions given in this guide refer to the latest FRITZ!OS for your FRITZ!Box.
Setting up MyFRITZ!
With MyFRITZ! you can even access the FRITZ!Box over the internet at all times if the FRITZ!Box receives a different public IP address from your internet service provider on a regular basis:
Note:If you already use a different dynamic DNS service, you can also use this service instead of MyFRITZ!.
Adjusting the FRITZ!Box's IP network
Both ends of a VPN connection must have IP addresses from different IP networks. VPN communication cannot occur if your computer is connected to a router (for example another FRITZ!Box) with the same IP network as your FRITZ!Box.
Note:All FRITZ!Boxes use the IP network 192.168.178.0 in the factory settings.
Assign an IP address to your FRITZ!Box that is not the same as the IP addresses of the routers you will use to connect to the FRITZ!Box, for example 192.168.10.1 (subnet mask 255.255.255.0):
- Click "Home Network" in the FRITZ!Box user interface.
- Click "Home Network Overview" in the "Home Network" menu.
- Click on the "Network Settings" tab.
- Click the "IPv4 Addresses" button.
- Enter the desired IP address and subnet mask.
- Click "OK" to save the settings.
2 Setting up a VPN connection in the FRITZ!Box
Set up a different user for each VPN connection in the FRITZ!Box:
- Click "System" in the FRITZ!Box user interface.
- Click "FRITZ!Box Users" in the "System" menu.
- Click the (Edit) button for the user who intends to connect to the FRITZ!Box via VPN. If you have not set up any users yet:
- Click the "Add User" button.
- Enter a name and password of your choice for the user in the corresponding fields.
- Enable the option "VPN".
- Click "OK" to save the settings.
Now the FRITZ!Box sets up the VPN rights for this FRITZ!Box user.
A window displaying the VPN settings for the FRITZ!Box user then opens automatically.
Note:You can open this window any time by clicking "Show VPN Settings" in the settings for the FRITZ!Box user.
3 Setting up and establishing a VPN connection on the computer
Set up the VPN connection on the computer using the VPN settings displayed in the FRITZ!Box user interface for the FRITZ!Box user:
Note:You can access the VPN settings if you select "System > FRITZ!Box Users" in the user interface, call up the settings for the user, and click "Show VPN Settings".
- Open the "System Settings" in the Apple menu.
- Click "Network" in the "System Preferences" menu.
- Select the desired location, then click the plus sign below the list with the existing connections.
- Select the entry "VPN" from the drop-down list "Interface".
- Select the entry "Cisco IPSec" from the drop-down list "VPN Type".
- Enter a name of your choice (FRITZ!Box VPN) for the "Service Name" and then click "Create".
- Enter the MyFRITZ! domain name of the FRITZ!Box (pi80ewgfi72d2os42.myfritz.net) for the "Server Address".
- For the "Account Name", enter the name of the FRITZ!Box user (John Smith) who intends to connect to the FRITZ!Box via VPN.
- Enter the password for the FRITZ!Box user (secret) in the "Password" field.
Important:If you enter the password here, a password will not be required to establish the VPN connection. Protect your computer with a password so that unauthorized persons cannot use the VPN connection.
- Click "Authentication Settings ...".
- In the "Shared Secret" field, enter the shared secret (Zj7hPCouK65IrPU) displayed in the VPN settings for the FRITZ!Box user.
- Enter the name of the FRITZ!Box user (John Smith) in the "Group Name" field.
- Click "OK" and then "Connect".