- Controller running on a Cloud Key
- Fritz!Box provided & provisioned by Provider (Wilhelm.Tel) connected to Media Converter (Fiber to the home)
- USG connected behind Fritz!Box
Resulted in Double NAT bringing some rare connection issues.
Use FB Tool to retrieve PPPoE Credentials from Fritz!Box. (https://www.mengelke.de/Projekte/FritzBox-Tools)
curl -o fb_tools.php.gz 'http://www.mengelke.de'`curl -s http://www.mengelke.de/Projekte/FritzBox-Tools.html | grep -a -o -E '/Projekte/FritzBox;fb_tools.php.gz\?[a-f0-9]+'`
gzip -d fb_tools.php.gz
chmod +x fb_tools.php
./fb_tools.php <USERNAME>:<PASSWORD>@<IP> konfig export-decrypt -d
Error: Keine Konfig erhalten - Möglichlichweise ist noch die Sicherheits-Bestätigungsfunktion aktiviert?
You need to disable 2 step verification temporarily:
- Open Fritz!Box Webinterface
- Select System / Fritz!Box Users / Additional Confirmation
Link: https://www.wilhelm-tel.de/privatkunden/service/technikoffensive/schnittstellenbeschreibung/
b. Das Internet-Interface benötigt ein VLAN 1002 mit der ID nach RFC 3069 (https://tools.ietf.org/html/rfc3069)
Die Einwahl erfolgt per PPPoE nach RFC 2516 (https://tools.ietf.org/html/rfc2516)
Die Zugangsart ist IPv6 dual-stack lite nach RFC 6333 (https://tools.ietf.org/html/rfc6333)
- Double check the following file for possible conflicts in the configuration (Using SSH to Controller) ;)
/usr/lib/unifi/data/site
(Otherwise this might result in your new settings being overwritten by the Controller.)
-
Open Controller Webinterface
-
Settings / Internet / WAN
-
Set the following settings:
Setting | Value | Description |
---|---|---|
VLAN ID | selected / true | |
ID | 1002 | As described in the documentation from Wilhelm.Tel |
IPv4 Connection | PPPoE | |
Username | From export in (1) | |
Password | From export in (1) | |
IPv6 Connection | DHCPv6 | As described in the documentation from Wilhelm.Tel |
Prefix Delegation Size | 56 | Taken from IPv6 Address provided in Freitz!Box UI |
USG Port | Target |
---|---|
WAN | Media Converter |
LAN | Switch / Local Network |
You can still proceed to use the Fritz!Box from the provider for VoIP. You need to change the setting Home Network / Network / Network Settings / IP-Client and change the cable connection to a local network port.
Common commands for SSH in Firewall:
show log
show interfaces
configure
set <Setting Path>
show <Setting Path>
commit
save
reboot