VPN to Fritz Box

Thanks, well, that just alternates between “Idle” and “Problem with connection”.

I tried adapting all the settings from [Tipps&Tricks] Fritzbox VPN unter SailfishOS einrichten. – Sailfishmods but that did not make a difference.

Did you edit anything in “Advanced”?

No, I just entered the data from what the FRITZ!Box “VPN Settings” dialog gave me.

Thanks for your support, but that just does not work here.
“Connecting… → Problem with connection → Idle → Connecting…”

All right, well, I just wanted to confirm it can work. Maybe it depends on the FRITZ!Box model or something.

Confirmed. It should be as easy as configuring the VPN (IPSec) in the fritz.box and adding a VPNC connection in sailfish settings → VPN → VPNC. No openvpn, wireguard, replacing binaries or (if I recall) advanced options required.

I do remember the German site helping me with what to put where, it took me a few tries.

1 Like

There was a modified VPNC package which could work with FritzBox. I forgot who the author was,
maybe @Nokius?

I know the modified package and have tried it. The binary is now quite old, which could be the reason why it does not work.

Anyway, so far I could only try with IPv6. I think I need to get a public IPv4 address to try that.
I will come back with the result. Thanks.

added latest target to the build setup in obs 🙂
sources of the build setup and the repo for later look ups by other ppl

in obs → Show home:Nokius:sfos-playground / vpnc - SailfishOS Open Build Service
in repos → Index of /obs/home:/Nokius:/sfos-playground

@dschwert share logs, everything else will not work to see why it fails.

2 Likes

Seems that there are actually several causes to the problem: IPv4 change at the provider and lack of IPv6 capability of Sailfish’s VPN.

The provider has recently changed from public IPv4 addresses to CGNAT, so the IPv4 address is not reachable from the public internet any more.
It turned out that Selfhost’s DynDNS always returns the IPv4 address, even in IPv6 only mode.

Then, why does Sailfish’s Wireguard VPN display ‘connected’? Really great. Probably it displays “Connected” as soon as it gets an address from the DNS.

It’s also possible to create a MyFritz account, which includes DynDNS under the myfritz.net domain. No idea why AVM is not advertising this on the DynDNS config tab. You need to activate the checkbox that the FritzBox should be reachable from internet.
I have checked Wireguard from an Android device to verify that the connection using this name is working.
Also, from Sailfish I can ping the FritzBox using the myfritz.net subdomain name.

With IPv6 Sailfish Wireguard connects to the Fritz Box, but reports “Problem with connection”. Really great…
(I can see from the FritzBox admin page that the connection was made.)

So, continue with IPSEC and IPv6:
With the standard settings, there is still “Idle → Connecting → Problem with connection”.
With Gateway vendor “Cisco”, Mode for IKE “PSK”, NAT traversal mode “Enforce NAT-T” as noted on the mentioned page: still the same failure.

With the vpnc rpm from Nokius and after a re-boot still the same.
After creating a .conf file and running vpnc from the command line, I get ‘vpnc: unknown host …myfritz.net’
I get the same result if I enter the IPv6 address instead of the myfritz subdomain name.
Double check: I can still ping the FritzBox from the internet.

While IPSEC/VPNC and IPv4 “just work”, I found it impossible to connect using the FritzBox IPv6 address, on both Sailfish and android.
Copying the IPv6 address to firefox between http://[], both devices show the FritzBox login.
Brackets [] in the VPN config make no difference.
Changing the IPv6 address to IPv4, both devices set up a vpn connection.

I only found “Setting up an IPSec VPN to the FRITZ!Box in Windows” hinting at this behaviour: for IPv6 you should use wireguard.

But… I am not sure the Wireguard client is compatible with IPv6 yet.

My only advice right now is: focus on Wireguard. Since you got it to connect and get some logging in the FritzBox that means something. (I never saw my IPv6 connection attempts logged.) You might end up having “just a routing issue”.

I might experiment with it once I get the C2 but I don’t feel like messing with my “production device”.

I only have basic networking knowledge - but I remembered this post, which sounds related.
My understanding of it is that vpn is mostly not working with ipv6: Mobile VPN usage, ipv6 not routed and DNS leaks - #17 by jlaakkonen

I would wait for the next sailfish release. It seems it will get wireguard support. See
Sailfish OS Forum Sailfish Community News, 10th October 2024 - Factory Visit

Thanks. I have commented/asked on OpenRepos. Hopefully one of the Wireguard implementations will finally work with IPv6. I would have expected that IPv6 is state of the art by now…

2 Likes

As of now, Sailfish OS 5 does not yet support Wireguard. The C2 does not have an option when adding a VPN.

I can confirm that VPN IPsec is working with FritzBox 7590ax and SF 4.6.0.15
No other packages are needed.

Is this with IPv6 or IPv4?

This is with IPv4. With IPv6 I haven’t tested.
These are my settings:

After updating Sailfish OS to 5.0.0.55 Wireguard is now working for me via IPv6.
I had to edit my config file. As exported from the Fritz Box, it had comma separated entries for IPv4 and IPv6 and multiple DNS entries. As in the local network I’m using IPv4 addresses only, that’s fine for me.

With today’s update to 5.0.0.61 the config file could be imported, with multiple IP addresses.
It’s probably related to this PR linked from the February 20th Community News: Cycle WireGuard Address and AllowedIPs via list. by LaakkonenJussi · Pull Request #16 · sailfishos/nemo-qml-plugin-connectivity · GitHub
I did not check whether this is now supported out of the box or via any plugin that I did install before.

P.S.: As of now, Wireguard support needs to be installed manually.
See [Release notes] Tampella 5.0.0.55 - #25 by jlaakkonen

1 Like
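
The config edit described above for 5.0.0.55 (reducing the FRITZ!Box WireGuard export to IPv4 entries and a single DNS server), as an added example that is not part of any post in this thread. The function name `ipv4_only` and the sample config are constructed here; keys, addresses and the endpoint are placeholders.

```python
import ipaddress

# Keys whose values are comma-separated address lists in a WireGuard config.
LIST_KEYS = {"address", "allowedips", "dns"}

# Constructed sample in the shape described in the thread: comma-separated
# IPv4 and IPv6 entries plus more than one DNS line. All values are placeholders.
SAMPLE = """\
[Interface]
PrivateKey = <placeholder-private-key>
Address = 192.168.178.201/24, fd00::201/64
DNS = 192.168.178.1, fd00::1
DNS = fritz.box

[Peer]
PublicKey = <placeholder-public-key>
AllowedIPs = 192.168.178.0/24, 0.0.0.0/0, fd00::/64, ::/0
Endpoint = example.invalid:51820
PersistentKeepalive = 25
"""

def _is_ipv4(token):
    """True if token is an IPv4 address or IPv4 network in CIDR form."""
    try:
        return ipaddress.ip_interface(token).version == 4
    except ValueError:
        return False  # not an IP at all, e.g. a DNS search domain

def ipv4_only(config_text):
    """Return the config with list-valued keys reduced to IPv4 entries."""
    out = []
    for line in config_text.splitlines():
        key, sep, value = line.partition("=")
        name = key.strip().lower()
        if not sep or name not in LIST_KEYS:
            out.append(line)  # section headers, keys, endpoint, blank lines
            continue
        kept = [t.strip() for t in value.split(",") if _is_ipv4(t.strip())]
        if name == "dns":
            kept = kept[:1]  # assumption: a single IPv4 resolver is enough
        if kept:  # a line left with no IPv4 entry is dropped entirely
            out.append(f"{key.strip()} = {', '.join(kept)}")
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    print(ipv4_only(SAMPLE), end="")
```

Dropping the IPv6 `AllowedIPs` entries means IPv6 traffic is no longer routed through the tunnel, which matters when the config is meant to carry all traffic.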