The problem
If you configure a VPN for Fritz!Box as described on the AVM website, and you try to connect to it using a mobile internet connection (at least using Swisscom as provider) it does not work.
You can connect but you are not able to access any machine on the remote network.
The solution
To gain access to the device on the remote network, “NAT Traversal” should be enabled.
Unlucky the utility provided by AVM to configure the VPN does not handle this option.
To activate NAT Traversal, first we create the configuration files using the ”Configure FRITZ!Box VPN Connection” software.
Then we have to edit this files using a text editor:
- On the file that configure the Fritz!Box device, we have to search the section regarding the user we want to modify, and then change
use_nat_t = no; in use_nat_t = yes; - On the user configuration file, we simply have to change use_nat_t = no; in use_nat_t = yes;
?
If you are not sure from wich kind of connection the user is going to connect to the VPN, just create two different users (one with NAT Traversal enabled, the other with NAT Traversal disabled) for each „real“ user that will connect to the VPN.