III. Tutorial DS: Get your cloud into the Internet using Fritzbox as a router
-
Steffi -
June 13, 2017 at 6:22 PM -
4,559 Views -
0 Comments -
11 Minutes
Your disc station is now pretty secure if you have followed tutorial one and two. In this tutorial I will show you how to access your disc station from the Internet using Fritzbox as a router for your own cloud.
Surely, there are several ways to accomplish this connection for instance using a DNS provider. But why would you do this if you can use your Fritzbox?
Before 01 August 2016 there was a constraint of using your own router in Germany. Mostly all providers used their own routers and it was not really possible to use your own as some important information needed to install it properly. Especially, for current customers it was a pain but with the judgement dated on 23 September 2016 of the district court of Essen, it is now possible for new and current customers to use their own routers and your provider needs to make sure to give all relevant information to use it.
Just in case you like to view the judgement here is the link to it (AZ 45 O 56/16).
Usually, you will get an Internet package from your provider for the first start but you do not have to use their router anymore. Some of these providers offer also third-party routers for lease or free. Therefore, it is good to ask them for a third party router if you do not like to use their router.
if that is not possible - thought it is worth to try it - you can also get an Fritzbox of AVM from Amazon for instance.
Which is the best Fritzbox?
Well, it really depends on your needs and which speed you prefer and of course it depends how much you like to spend on it. Sometimes, it really fits a Fritzbox for around EUR 80 and for a big family I would recommend to get something with two WLAN and more speed.
There are also Fritzbox’ for cable-based Internet available. Here in Germany the biggest provider of cable-based Internet is UnityMedia.
Why a Fritzbox?
There are several routers at the market especially for private customers around and you can choose from several options. Personally, I like to get something if I am going to spend money.
Some routers got port redirection, others have DDNS available and some of them provide you with an USB NAS to put some data on it.
Most important features of a router
A router should have the following at least:
- Send you an email if something is wrong
- port redirection
- VPN
- DDNS over the manufacture and/or using a third-party provider
- Good quality of hardware as it will run almost 24/7
- Install updates automatically
- Functions which can be operated by phone too, so you do not have to login using a the website. This can be useful just to turn on or off your broadband.
All this function and much more can be accomplished using a Fritzbox. This little red box has everything you would need and some features which you might need in the future.
Most importantly it is easy to install and configure also for non-technical person who will buy their very first Fritzbox. Also the connection with your own cloud is a piece of cake.
Settings for your own cloud
I will show you how to configure the settings of the Fritzbox needed to connect your disc station 716 II to the Internet as well as getting access from the Internet using WebDav.
By the way, all these settings can be applied to most of the disc stations of Synology without any issues.
VPN
Back in time, I used VPN a lot because I have felt it was just great to connect to your home and use your network structure to find and access files and information.
Today, I use rather WebDav than VPN because it is then accessible from any browser and with loads of apps using WebDav in a secure manner using HTTPS.
A further advantage of WebDav is, that you do not have to switch off the connection which you would need to do using VPN. Sometimes, it happens that I just forgot to switch off the VPN connection and wondering why the „local“ network does not work at all.
Nevertheless, I use VPN mostly for:
- if the „local“ Internet connection is too slow as you can use your own connection from home
- huge file downloads.
Having said that, the latter I need to admit that I really like to use DS Get under IOS now. After several updates of this app it is just great and will not slow down your Internet connection at all. I have not had any issues with the latest version of this app.
All settings described in this tutorial will apply to the version 6.83 of the FritzBox OS.
The VPN you will find under Settings —> Sharing —> VPN.
Here you get displayed the current VPN users and actually you do not have to do in this screen anything. All settings will be applied directly once you have created a new user - how cool is that?
User
I use a separated new user for my VPN connections from the Internet to the Fritzbox and later to my own cloud.
[Blocked Image: https://www.steffiscloud.com/steffisInhaltz/uploads/2017/06/001_-1.jpg]
This user will not get any other rights but VPN and will not be used elsewhere - Just in case
I always make sure to give my brand new user a very long password with all sorts of nice symbols, figures and special characters.
To create your VPN user go to System - Fritz!Box-User and press on create/add.
The access rights should be:
- Access from the Internet allowed
- VPN-Connection to the Fritz!Box are allowed.
That’s it and no more access is needed for this user.
[Blocked Image: https://www.steffiscloud.com/steffisInhaltz/uploads/2017/06/002_-1.jpg]
After creating your VPN user all settings for your mobile devices are displayed and can be entered on iPhone, iPad, iPod and Android.
Settings of your VPN connection
As the above image show, you will get all needed information directly from the Fritzbox. Just enter them into your device and you are ready to go.
This VPN connection contains the following elements:
- Server (your DDNS URL)
- User name and password
- A secrete (API Key
Only with these information it will be possible to connect to your disc station.
Please note: Use always a strong user name and password!
Well, having said that I like also to mention that a VPN has it flows too. For instance it will listening to a specific code.
Once a connection gets routed to this port the VPN will connect to the services from the Internet.
The Fritzbox uses another port than standard and is secure; however a possible attacker could get this special port by trail and error and will then try to use this connection in order to login.
Therefore, it is most important to have strong passwords and user names which cannot be guessed easily.
AVM Account DDNS
In order to get connected to your disc station from the Internet, there is loads to do in background.
At first you need your IP address to get to your Fritzbox which will change over the day several times depending on your Internet provider.
Here, you can use the Fritzbox account from AVM and you will get a pretty long string for your URL.
With this ULR you can connect from anywhere directly to your Fritzbox and it will redirect you to your disc station too.
[Blocked Image: https://www.steffiscloud.com/steffisInhaltz/uploads/2017/06/006_-1.jpg]
The settings you will find under Internet —> MyFritz!Account and you need just to activate it and enter your email address and a long password. Activate HTTS too to have a secure connection and improve your security.
After that you will be shown your URL string with a port number - for instance 40443. This port will connect you to your Fritzbox and you will be displayed the usual login screen.
Please write down the URL string as this is the one you would need later for your WebDav connection.
Personally, I use this AVM account and change the URL string from time to time just to make sure it did not „leak“ out to Google or the likes. You can do so by deactivating the account and hen reenable it.
Sometimes it is easy just to copy and past your „secrete“ URL string into Google and after that Google knows this string. Therefore, I just change it every now and when.
E-Mail at your service
Your Fritzbox allows you to email your current IP which you could just take and enter or copy-paste it into your apps and you will then be able to connect using WebDav.
All settings for all push services you will find under System —>Push Services.
[Blocked Image: https://www.steffiscloud.com/steffisInhaltz/uploads/2017/06/007_-1.jpg]
The sender name will be your usual email address with your password and the SMTP server and port of your email provider.
Under „Push-Services“ you will find all sorts of things of information and allows you to choose when the Fritzbox should notify you by email. At the very bottom you will find current IP address or missed calls.
Redirection of ports for your router
Imagine you are in the Internet and connect to your Firtzbox….
Well, that’s nice but your Fritzbox does not „know“ what to do next with such a connection.
In order to let your Fritzbox know what to do next you will assign a redirection of ports.
The settings you will find under Internet —> Redirections —> Ports.
After assigning ports your connection will include a special port and if that is correct your Fritzbox will redirect this connection to your disc station to it’s correct port.
Settings on your Fritzbox
These settings are easier to apply as you might think. Since the last updates especially this setting had improved a lot and is more user friendlier than before.
Just go to the above mentioned settings and click on ADD Device.
You will be shown your disc station with it’s local IP as well as MAC address.
I would always recommend to turn off the feature of „Allow Apps and devices their own port redirection“.
What does it mean?
It will allow apps and devices to open ports and / or change them and you will avoid any change to ports without doing it on your own.
I like to make sure that ports are not changed without knowing and only I will change them if it needed to be. Further to this, this function will apply UPNP (Universal Plug and Play) and this is not the securest method at all.
Of course you will allow access to and from the Internet. The warning after that means that it will only be accessible from one device.
Personally, I use the second option as it will give you more options:
- Connections to and from your own cloud
Here you can choose which protocol to be used for your connection. I will take here HTTPS for the WebDav. FTP, HTTP, Emile and others are possible for other usages. - Protocol
As Internet protocol you will take TCP which will be displayed automatically anyway. - Ports on devices
This is the port on your disc station for the WebDav - which is 5006 for the standard port of HTTPS. For Baikal for instance it would be 443 because the app will work only on port 443. - Port extern for your router
This is port on which you like to connect from the Internet to access your disc station.
Choose a port between 0 and 99999 which you need to write down for later use. This port should be a standard port and needs to be attached to your DDNS-URL-Address. - Access
Surely, this option need to be activated.
What have you accomplished until now on the router?
The way between the Internet and your disc station is now clear to your Fritzbox and will connect you to it.
[Blocked Image: https://www.steffiscloud.com/steffisInhaltz/uploads/2017/06/011_-1.jpg]
Just to picture the way your connection will go now:
Internet —> URL to Fritzbox —> with port to your Fritzbox´ —> Fritzbox will redirect to your disc station —> Access your own cloud.
Settings on your cloud
Go to System —> external access —> Advanced features
Here you will enter the very same DDNS URL to your Fritzbox. This has the advantage that your firewall will not start every time it will get a connection from this specific URL.
Further to this go to System —> external access —> Configuration router port. This will determine from which port the connection between Fritzbox and disc station is handled. For instance the WebDav port was 5006 so you will use here a user specific port from 5006 to 5006.
[Blocked Image: https://www.steffiscloud.com/steffisInhaltz/uploads/2017/06/012_-1.jpg]
Your disc stations knows now, that this URL connection will be a WebDav connection and allows you to enter user and password.
Please make sure, to enter the user and password of the WebDav user of your disc station and not for your Fritzbox.
Tip
- With some apps your need to apply the double opt-in function there you have to enter your generated code. For DTTG for instance you do not need this code therefore, I recommend to use the encryption method of your sync stores within DTTG.
- Do you have a cable-based Internet
There are Fritzbox’ for this case as well and all settings will be the same as for broadband connections.
How does it go with your setup of your WebDav connection? Let us know and write a comment.
Now, you got everything to just start connection between all your devices and your disc station with WebDav and / pr VPN.
Do you have questions or like to add something? Then just send a comment in.
I hope, I could give an insight how to setup a Fritzbox as a router using WebDav and your own cloud.
Comments
Newly created comments need to be manually approved before publication, other users cannot see this comment until it has been approved.
Newly created comments need to be manually approved before publication, other users cannot see this comment until it has been approved.