Jump to content
Not connected, Your IP: 3.230.1.126
k0ns0le

Prevent Leakage on Fritzbox 6490

Recommended Posts

Hi there, I use a Fritzbox 6490 with the current OS 6.63. My goal is to set-up the firewall of the Fritzbox in a way that only AirVPN internet traffic is allowed and everything else blocked. Can you please help and describe how to set-up the Fritzbox?

Share this post


Link to post

Hello!

 

Is this what you're looking for?


Moderators do not speak on behalf of AirVPN. Only the Official Staff account does. Please also do not run Tor Exit Servers behind AirVPN, thank you.
Did you make a guide or how-to for something? Then contact me to get it listed in my new user guide's Guides Section, so that the community can find it more easily.

Share this post


Link to post

Hello!

 

Is this what you're looking for?

 

​Thanks for your suggestion. But, unfortunately, no this How-To is not what I'm looking for. It's about flashing Fritzboxes with old OS's.

​I'm looking for a way to set-up the firewall of the Fritzbox running to latest official OS to only let AirVPN traffic through.

Share this post


Link to post

It's about flashing Fritzboxes with old OS's.

 

Not quite, it's about flashing postmarket firmwares. Only if you want to use iptables you need an OS version <5.0.

 

Since you use a cable modem where ~50% of an AVM reference (flagship) model's features are just not there (managed by ISP), I think it's not possible. But then again, I don't know what new features were implemented after 6.50 because this is the most recent OS version I have access to currently.

 

For me there's only the option to edit filtering lists for child safety profiles. There I can set the firewall to whitelist mode and enter all IPs I allow the devices belonging to a profile to view.

 

Freetz on the other hand would open the option to edit the AVM firewall but this is of course not an option for cable modems.


» I am not an AirVPN team member. All opinions are my own and are not to be considered official. Only the AirVPN Staff account should be viewed as such.

» The forums is a place where you can ask questions to the community. You are not entitled to guaranteed answer times. Answer quality may vary, too. If you need professional support, please create tickets.

» If you're new, take some time to read LZ1's New User Guide to AirVPN. On questions, use the search function first. On errors, search for the error message instead.

» If you choose to create a new thread, keep in mind that we don't know your setup. Give info about it. Never forget the OpenVPN logs or, for Eddie, the support file (Logs > lifebelt icon).

» The community kindly asks you to not set up Tor exit relays when connected to AirVPN. Their IP addresses are subject to restrictions and these are relayed to all users of the affected servers.

 

» Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, chances are you will be unique amond the mass again.

Share this post


Link to post

Speaking of the implemented internet filters of the FritzBox: It is possible to create rules that restrict certain protocols and ports.

 

Is it reasonable to restrict all protocols and ports, except the protocols and ports the AirVPN Client for Windows "Eddie" is using?

 

In my consideration this should do the trick that the Fritzbox allows only AirVPN internet traffic and everything else blocked. Is this thought correct?

Share this post


Link to post

Is it reasonable to restrict all protocols and ports, except the protocols and ports the AirVPN Client for Windows "Eddie" is using?

 

In my consideration this should do the trick that the Fritzbox allows only AirVPN internet traffic and everything else blocked. Is this thought correct?

 

Only if you also restrict connections to AirVPN IPs. If I globally allow tcp/443, every HTTPS website can be viewed, no matter if I'm connected or not.

A workaround would be to never connect using TCP. Opening all UDP ports should do the trick. Problem: You don't take care of DNS leaks because DNS operates on udp/53 - which is a port you can connect to here.

So the best you can do is still maintaining a list of allowed IPs in an otherwise blocking filter.


» I am not an AirVPN team member. All opinions are my own and are not to be considered official. Only the AirVPN Staff account should be viewed as such.

» The forums is a place where you can ask questions to the community. You are not entitled to guaranteed answer times. Answer quality may vary, too. If you need professional support, please create tickets.

» If you're new, take some time to read LZ1's New User Guide to AirVPN. On questions, use the search function first. On errors, search for the error message instead.

» If you choose to create a new thread, keep in mind that we don't know your setup. Give info about it. Never forget the OpenVPN logs or, for Eddie, the support file (Logs > lifebelt icon).

» The community kindly asks you to not set up Tor exit relays when connected to AirVPN. Their IP addresses are subject to restrictions and these are relayed to all users of the affected servers.

 

» Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, chances are you will be unique amond the mass again.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...