The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,499 other followers

Archive for the ‘Fritz!Box’ Category

Accessing storage (NAS) over the Internet via FTP | FRITZ!Box 7490 | AVM International

Posted by jpluimers on 2019/02/13

Of course you don’t want this. So by the time you read this, the connection has been closed.

For testing some Internet of Shit stuff from a client that cannot do SFTP, I needed a temporary FTP accessible connection.

These links helped:

TL;DR:

  1. Preparing the USB stick:
    1. Ensure the USB disk is FAT/FAT32/NTFS
    2. Create a directory in the root of the USB disk for the FTP user (for now: FtpDirectory)
    3. Insert the USB disk in the Fritz!Box
  2. Logon to the Fritz!Box web UI
    1. Configure a user for FTP:
      1. In the menu, go to System, then FRITZ!Box Users
      2. Click Add user
      3. Name the user (for now: MyFtpUser)
      4. Ensure that user *only* has a checkmark for `Access to NAS contents`
      5. Click the button Add directory
      6. In the popup click Select folder
      7. Choose the FtpDirectory you just made
      8. Click OK
      9. Ensure the read and write checkboxes are enabled
      10. Click OK
    2. Configure the USB stick for FPT access
      1. In the menu, go to Home Network, then USB Devices
      2. Observe if the device is visible and has the correct file system (if not: ask AVM)
      3. In the menu, go to Internet, then Permit Access
      4. Click on the FRITZ!Box Services
      5. Ensure there is a checkmark at Internet access to your storage media via FTP/FTPS enabled
      6. At TCP Port for FTP/FTPS, fill in 21 (many IoT devices cannot use a different port)
      7. Ensure there is *no* checkmark at Allow only secure FTP connections (FTPS)
      8. Make a note of the value after FTP address (something like ftp://example.org:21`)
      9. Click Apply
  3. Test

–jeroen

Posted in Communications Development, Development, Fritz!Box, FTP, Internet protocol suite, IoT Internet of Things, Network-and-equipment, Power User, Software Development, TCP | Leave a Comment »

Disable TR-069 on a Fritz!Box and check if that was succesful – translated from a post by Hartmut Goebel 

Posted by jpluimers on 2016/11/29

Just in case you got scared by the TR-064 hack and likely causality to the German Telekom ISP outage yesterday as some modems expose TR-064 via the TR-069 WAN access, here is how to disable TR-069 in your Fritz!Box: [WayBackTR-069 auf Fritzbox ausschalten und Ergebnis prüfen — Hartmut Goebel · CISSP, CSSLP · Berater für Information-Security-Management

Note that for Fritz!Box the TR-069 implementation is not as bad as some Speedport devices used by Telekom, but you might want to consider turning TR-069 off:

If you trust yourself to keep the Fritz!Box firmware *and* settings up-to-date better than your ISP does, below are the translated steps.

Steps to disable TR-069 on a Fritz!Box router

  1. Activate telnetd on your Fritz!Box via a connected phone by dialing #96*7*
  2. Connect to your Fritz!Box over telnet at using telnet fritz.box or instead of fritz.box., use the IP-address of your Fritz!Box device
    • the password is the same as the password in the Fritz!Box web interface
  3. Disable TR-069 by typing this command: ctlmgr_ctl w tr069 settings/enabled 0
  4. Verify the TR-069 is off by looking at configuration file with this command: cat /var/flash/tr069.cfg
    • Check that at the start there is a line with enabled = no
  5. Disable telnetd on your Fritz!Box via a connected by by dialing  #96*8*
Note that even without a phone you can enable/disable telnetd as described by [WayBack] FRITZ!Box VoIP password extraction 

–jeroen

References:

Posted in Fritz!Box, Network-and-equipment, Power User | 2 Comments »

Some cURL links with tips I used doing some Fritz!Box scripting research

Posted by jpluimers on 2016/09/29

I needed to script a few things on my Fritz!Box. Here are the cURL links that I used to research some Fritz!Box scripting.

My first try was wget, but that didn’t do everything I need, so cURL came to the rescue.

In the end, I didn’t need cookies (a post request with an MD5 based handshake sufficed to get a session SID which is not stored in a Cookie), but that surely will come in useful another time.

Curl man page entries:

The script is and docs are here: jpluimers/bash-fritzclient.

–jeroen

Posted in *nix, bash, cURL, Development, Fritz!Box, Network-and-equipment, Power User, Scripting, Software Development, wget | Leave a Comment »

difference between ADSLfiber and fiberfiber when both are @xs4all.

Posted by jpluimers on 2016/03/28

20150412 ping statistics from WiFi -> ADSL -> VPN -> fiber (where ADSL and fiber both are Fritz!Box machines having LAN-LAN VPN to each other):

PING 192.168.71.1 (192.168.71.1): 56 data bytes
64 bytes from 192.168.71.1: icmp_seq=0 ttl=63 time=19.190 ms
...64 bytes from 192.168.71.1: icmp_seq=1 ttl=63 time=18.905 ms
64 bytes from 192.168.71.1: icmp_seq=2 ttl=63 time=19.261 ms
64 bytes from 192.168.71.1: icmp_seq=3 ttl=63 time=19.982 ms
64 bytes from 192.168.71.1: icmp_seq=4 ttl=63 time=19.332 ms
64 bytes from 192.168.71.1: icmp_seq=5 ttl=63 time=26.800 ms
64 bytes from 192.168.71.1: icmp_seq=6 ttl=63 time=20.139 ms
64 bytes from 192.168.71.1: icmp_seq=7 ttl=63 time=19.498 ms
64 bytes from 192.168.71.1: icmp_seq=8 ttl=63 time=18.915 ms
64 bytes from 192.168.71.1: icmp_seq=9 ttl=63 time=19.200 ms
64 bytes from 192.168.71.1: icmp_seq=10 ttl=63 time=18.948 ms
64 bytes from 192.168.71.1: icmp_seq=11 ttl=63 time=19.524 ms
64 bytes from 192.168.71.1: icmp_seq=12 ttl=63 time=19.511 ms
64 bytes from 192.168.71.1: icmp_seq=13 ttl=63 time=20.417 ms
64 bytes from 192.168.71.1: icmp_seq=14 ttl=63 time=19.350 ms
64 bytes from 192.168.71.1: icmp_seq=15 ttl=63 time=18.690 ms
64 bytes from 192.168.71.1: icmp_seq=16 ttl=63 time=18.632 ms
64 bytes from 192.168.71.1: icmp_seq=17 ttl=63 time=18.912 ms
64 bytes from 192.168.71.1: icmp_seq=18 ttl=63 time=19.397 ms
64 bytes from 192.168.71.1: icmp_seq=19 ttl=63 time=19.257 ms
64 bytes from 192.168.71.1: icmp_seq=20 ttl=63 time=18.147 ms
64 bytes from 192.168.71.1: icmp_seq=21 ttl=63 time=18.601 ms
^C
--- 192.168.71.1 ping statistics ---
22 packets transmitted, 22 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 18.147/19.573/26.800/1.657 ms

same but LAN –> fiber -> VPN -> ADSL

Pinging 192.168.24.1 with 32 bytes of data:
Reply from 192.168.24.1: bytes=32 time=19ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=18ms TTL=63
Reply from 192.168.24.1: bytes=32 time=18ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=18ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=18ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63
Reply from 192.168.24.1: bytes=32 time=17ms TTL=63

Ping statistics for 192.168.24.1:
    Packets: Sent = 24, Received = 24, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 17ms, Maximum = 19ms, Average = 17ms

–jeroen

Posted in ADSL, fiber, Fritz!Box, Internet, Network-and-equipment, Power User, Routers, VPN | Leave a Comment »

Getting Fritz!Box LAN-LAN VPN to work for @xs4all connections despite lack of @AVM_DE support

Posted by jpluimers on 2016/01/22

This is a follow-up of my post Fritz!Box VPN error messages.

I had been failing to get a LAN-LAN connection between two xs4all Fritz!Box internet connections working, despite the description in [WayBackAdapting a VPN connection from FRITZ!Box to FRITZ!Box (LAN-LAN) | AVM International.

I was keeping the 0x1C error, and eventually contacted the customer support. At first they redirected me again to the documentation, so I replied with detailed PDFs for both Fritz!Box devices containing detailed information about:

  • both their internet connectivity
  • both their internal network settings
  • both their error logs
  • both their VPN configuration (including LAN-LAN and personal entries)

I got a reply back that – paraphrased – went like “We cannot provide network-administration-support, but VPN support of Fritz!Box in general works fine, so please read these pages”:

Given that they knew both connections were xs4all (which out-of-the-box doesn’t firewall), the PDFs didn’t indicate any firewall configuration and support not asking if the individual VPN connections worked (they do) but just blaming me or the Firewall is blatant, especially since they did not explain what the error codes meant.

Besides I already had read those pages and tried all the suggested solutions (more than a day work, as there are many suggested steps, Fritz!Box devices tend to reboot on many configuration change types and their DSL training is slow at best).

After the email, I went back to the drawing board based in this one twitter conversation that was partially useful (but failed to indicate more error codes and also pointed me to their email helpdesk which failed miserably).

The IKE-error 0x1C can mean that the remote IP doesn’t match the expected IP.

So I tried this:

Read the rest of this entry »

Posted in Fritz!Box, Network-and-equipment, Power User | 1 Comment »

 
%d bloggers like this: