|
AVM FritzBox 7390 and AYIYA possible?
![[de]](/s/countries/de.gif) Shadow Hawkins on Tuesday, 03 July 2012 21:27:39
This weekend I replaced my old Soekris net4801 running OpenBSD by a FritzBox 7390 (running the latest FritzOS 05.22). With the OpenBSD Box and my SixXS Tunnel worked fine for 18 Months or so (well, sort of - it did have problems with the daily forced disconnect most german ISPs do). I was using aiccu and AYIYA under OpenBSD.
Now with the FritzBox I cannot get the tunnel to work. I searched here and elsewhere for a solution but only got more confused.
- some people say, you need a subnet to get it to work (I have one /48, but cannot find a way to tell it to the FritzBox)
- some people say you need to add /<tunnelid> to the username and use TIC password (does not make a difference for me)
- some people say, AYIYA works, as does "heartbeat", the most recent posting in this forum says only heartbeat works.
The error message in the Fritzbox says
"Internetverbindung IPv6 (SixXS Tunnel) ist fehlgeschlagen: Heartbeat-Untersttzung erforderlich (2.13718e-307)."
which suggests I need heartbeat as the tunnel type. Is this really true? It seems I need 15 ISK for changing the tunnel type and I only got 6 left.
I know I could use freetz+aiccu, but I am reluctant to patch a beta firmware (freetz stable release does not seem to support my box) to the box, when I still have not decided whether I keep it. To make the kernel small enough to fit I also would need to drop some included features which I do not really want.
Can anyone confirm AYIYA does (or does not) work with my 7390 + OS 05.22? Any suggestions as to make my tunnel work?
AVM FritzBox 7390 and AYIYA possible?
Shadow Hawkins on Wednesday, 04 July 2012 09:33:22
I have done some more googling (AVM support was not helpful at all, they did not even care to read my email before sending some unrelated links) and now I am even more confused. It seems that I need a heartbeat tunnel indeed. But there also seems to be a compulsory firewall builtin that denies access to the ipv6 subnet from the outside - so the tunnel would be useless.
Is this really true even with current firmware? Does anyone use a fritzbox for connecting to ipv6 network via sixxs and is able to connect to his network from the outside?
AVM FritzBox 7390 and AYIYA possible?
Shadow Hawkins on Wednesday, 04 July 2012 10:10:26
I am using a Sixxs.net tunnel on a Fritz!box 7390 for almost 2 years.
Tunnel type has to heartbeat.
You only need to configure "Immer ein Tunnelprotokoll fr die IPv6-Anbindung nutzen", "SixXS" and then enter username, password and tunnel-id.
The FB learns automatically the required subnet. If you have a /48 and a /64 subnet you probably should disable the /64 just to make sure the FB gets the correct one. I have not tested if the FB works with a /64 but I have some doubts because the FB already needs 2 subnets for the LAN and GUEST network.
AVM FritzBox 7390 and AYIYA possible?
Shadow Hawkins on Wednesday, 04 July 2012 10:18:12
Regarding the IPv6 firewall in the FB:
at "Internet" -> "Freigaben -> "IPv6" you can either open specific TCP or UDP ports for a machine in the LAN or you can make it an "exposed host" by allowing all traffic.
AVM FritzBox 7390 and AYIYA possible?
Only exposed host would then make sense and only if the box then actually passes proto-41 and one then uses a proto-41 based tunnel.
AYIYA will just punch through the NAT and it would not care about it.
AVM FritzBox 7390 and AYIYA possible?
- some people say, you need a subnet to get it to work (I have one /48, but cannot find a way to tell it to the FritzBox)
The Fritz!Box can only use 1 single /64, as such the default routed /64 is fine and you don't need a separate full /48.
A lot of text you find about this on the Internet is old and outdated as then then the default routed. subnet did not exist yet.
- some people say you need to add /<tunnelid> to the username and use TIC password (does not make a difference for me)
Should not matter. The only reason why this might need to be done is when one has multiple tunnels as the Fritz!Box does not allow selection of a specific tunnel id. By passing it as the username TIC only exposes that tunnel and thus even if you have multiple tunnels it will work without selecting a specific tunnel.
- some people say, AYIYA works, as does "heartbeat", the most recent posting in this forum says only heartbeat works.
AYIYA does not work on the AVM versions of Fritz!Box this as they only implemented heartbeat support.
AYIYA does (apparently) work on freetz but this is as that uses AICCU.
"Internetverbindung IPv6 (SixXS Tunnel) ist fehlgeschlagen: Heartbeat-Untersttzung erforderlich (2.13718e-307)."
You are running an AVM version of the Fritz!Box and thus have to use heartbeat.
Is this really true?
Yes, that is the full truth, the heartbeat is not a lie ;)
It seems I need 15 ISK for changing the tunnel type and I only got 6 left.
That only means you will go into the minus, but it will work.
Just switch the tunnel type to heartbeat and all should be fine.
AVM FritzBox 7390 and AYIYA possible?
Shadow Hawkins on Thursday, 05 July 2012 14:41:50
Thanks to you and Juergen also, your answers were very helpful. As I understand Heartbeat doesnt go through NAT so if I change the tunnel type and it still does not work as I intend I am lost. So maybe I keep my current setup where my synology nas does the tunnel setup and routing or try freetz some time.
Now I just need to find documentation for ipsec.cfg syntax, but that's no case for this forum.
AVM FritzBox 7390 and AYIYA possible?
Carmen Sandiego on Tuesday, 24 July 2012 00:52:44 |
![[ch]](/s/countries/ch.gif)
on Wednesday, 04 July 2012 14:00:29
Posting is only allowed when you are