Trutzbox Manual

== Administrating the TrutzBox<sup>®</sup> (for TrutzBox<sup>®</sup> Administrator) ==
The TrutzBox<sup>®</sup> is delivered by Comidio with security settings suitable for everyday use, so that even inexperienced users can immediately email and surf protected and without leaving a trace. Setting up additional e-mail addresses and administering the TrutzBox<sup>®</sup> is done by the administrator, i.e. the person who performed the initial setup of the TrutzBox<sup>®</sup>. The administrator can, but does not have to, adapt a variety of function parameters to his own requirements.

You can open the TrutzBox<sup>®</sup> user interface on any connected computer.
* Open an Internet browser.
* Enter <nowiki>"http://trutzbox"</nowiki> in the address bar.
The following input window appears. When logging on, the administrator is prompted for the corresponding password (specified by the administrator during setup).

[[File:20150624 TrutzBox Aufruf.png|600x600px|link=]]<br/>
Enter the password and click on "Anmelden". After the password has been entered correctly, the homepage of the TrutzBox<sup>®</sup> user interface with the title "TrutzBox<sup>®</sup> Übersicht" appears.

[[#top|-> <u>Table of Contents </u> (of this manual)]]

=== TrutzBox<sup>®</sup> overview ===
<br/>[[File:5 1 b ÜbersichtV01.png|700x700px|link=]]<br/><br/>
An overview of the performance parameters of the TrutzBox<sup>®</sup> is displayed here.<br/><br/>
[[File:5 1 a TemperaturV01.png|400px|link=]]<br/><br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/>

=== Accounts ===
Here you can set up, manage and delete user accounts and change passwords.<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/>

==== Managing Users ====
[[File:20150629 Accounts 102 Benutzer verwalten V01.png|700x700px|link=]]<br/><br/>
When you call it up for the first time, the first e-mail address you created appears.
<br/>Here you can create additional users with and without e-mail addresses.<br/>
Users, e.g. young people, who are to receive personalized access rights for surfing but no mail permission, are set up without an e-mail address. New users can be added via "Benutzer hinzufügen".<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>
[[File:20150629 Accounts 201 Benutzer verwalten V01.png|700x700px|link=]]<br/><br/>
Here you can also specify whether remote access (Fernzugriff) should be allowed for this user. If remote access is activated here, the TrutzBox generates a VPN certificate and an OpenVPN configuration file for this e-mail address, which are automatically sent to this e-mail address.<br/>
Click on "Testen" to send a test TrutzMail to the respective user. Click on a user name to open a detail window. Click on "Passwort ändern" to change the password.<br/>
The user can be deleted by clicking on "Benutzer löschen".<br/>
TrutzMail addresses that were once set up with a TrutzIdentifikation but subsequently deleted are displayed here with a "Reactivate" button.<br/><br/>
Another click on the user name closes the detail window again.<br/><br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/>
[[Main Page#Nutzung des Web-Mailer|-> <u>Using the web mailer</u> (in this manual)]]<br/>
[[Main Page#Nutzung eines Mail-Client (Bsp. MS Outlook)|-> <u>Using a mail client</u> (in this manual)]]<br/><br/>

==== Add new user ====
[[File:20150705 Accounts 301 Benutzer neu schw.png|600x600px|link=]]<br/><br/>
Here you can create additional users with e-mail addresses.<br/>
When entering the password, the password strength is displayed.<br/>
Red = weak password (insecure)<br/>
Green = strong password (secure)<br/><br/>
[[File:20150705 Accounts 302 Benutzer neu st.png|600x600px|link=]]<br/><br/>
To cancel the process, click on "Close".<br/>
To accept the information, click on "Add new user".<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>
[[File:20150705 Accounts 303 Benutzer neu st ohne M.png|600x600px|link=]]<br/><br/>
If, for example, you want users to receive personalized access rights for surfing but no mail permission, make sure that "Register as TrutzMail address" is unchecked or that the check mark is removed.<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>

==== Change Password ====
[[File:20150705 Accounts 401 PW ändern.png|600x600px|link=]]
Here you can change the password for the registered user.

==== Delete user ====
[[File:20150705 Accounts 501 Ben löschen.png|600x600px|link=]]
Here you can delete users.
[[#top|-> <u>Table of Contents </u> (of this manual)]]

===== Manage mail exchange (PGP) =====
With this functionality, TrutzBox owners can, '''in addition''' to TrutzMail (automatic exchange of encrypted e-mail content and metadata between TrutzBoxes), exchange PGP-encrypted e-mails with people who do not own a TrutzBox.
* The first section describes the sending options.<br/>
* The second section describes the receiving options.<br/>
* The third section gives an overview of all sending and receiving options.<br/>
* The fourth section explains how signature and encryption are displayed.<br/>

===== Sending and receiving options =====
The following graphic shows all sending and receiving options.<br/>
[[File:05_02_05 Austausch Emails 080.png|700x700px|link=]]<br/><br/>
* <span style="color: green">'''(Se1)'''</span> Sent from TrutzBox to TrutzBox (TrutzMail): metadata and content encrypted.
* <span style="color: blue">'''(Se2)'''</span> Sent from TrutzBox to a "PGP recipient": content PGP-encrypted.
* <span style="color: green">'''(Em1)'''</span> Received on TrutzBox from a TrutzBox (TrutzMail): metadata and content encrypted.
* <span style="color: blue">'''(Em2)'''</span> Received on TrutzBox from a "PGP sender": content PGP-encrypted.
* <span style="color: red">'''(Em3)'''</span> Received on TrutzBox from an "open sender": all data unencrypted.
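
How the TrutzBox chooses between (Se1), (Se2) and refusing to send, following the rules the "send emails" section below gives, including its all-or-nothing handling of mixed recipient lists. This is an added model, not Comidio's code: the function and exception names and the sample addresses are made up for illustration, and refusing when no external mail gateway is configured is an assumption, since the manual does not state that case.

```python
"""Added example: the TrutzBox send decision (Se1 / Se2 / refuse) as a model."""
from typing import Dict, Iterable, List, Tuple

TRUTZ_SUFFIX = "@comidio.email"  # per the manual, TrutzBox addresses end with this


class SendRefused(Exception):
    """At least one recipient cannot be reached encrypted, so nothing is sent."""

    def __init__(self, blockers: List[Tuple[str, str]]):
        super().__init__("; ".join(f"{addr}: {why}" for addr, why in blockers))
        self.blockers = blockers


def plan_delivery(recipients: Iterable[str],
                  pgp_keyring: Iterable[str],
                  gateway_configured: bool) -> Dict[str, str]:
    """Map every recipient to "Se1" or "Se2", or raise SendRefused.

    pgp_keyring holds the addresses for which a public key was imported
    under "TrutzMail" -> "Key management".
    """
    known_keys = {addr.strip().lower() for addr in pgp_keyring}
    plan: Dict[str, str] = {}
    blockers: List[Tuple[str, str]] = []
    for raw in recipients:
        addr = raw.strip().lower()
        if addr.endswith(TRUTZ_SUFFIX):
            plan[addr] = "Se1"        # TrutzMail: content and metadata encrypted
        elif not gateway_configured:
            # Assumption: without an external gateway the mail cannot leave.
            blockers.append((addr, "no external mail gateway configured"))
        elif addr in known_keys:
            plan[addr] = "Se2"        # content PGP-encrypted, via external gateway
        else:
            blockers.append((addr, "no public key known"))
    if blockers:
        # Fail closed: one unreachable recipient blocks the whole e-mail,
        # there is no fallback to unencrypted delivery.
        raise SendRefused(blockers)
    return plan


if __name__ == "__main__":
    # Constructed sample data.
    keys = {"bob@example.org"}
    print(plan_delivery(["anna@comidio.email", "bob@example.org"], keys, True))
    try:
        plan_delivery(["anna@comidio.email", "carol@example.net"], keys, True)
    except SendRefused as exc:
        print("refused:", exc)
```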
<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>

===== Send e-mails =====
If an e-mail is to be '''sent''' via the TrutzBox, the TrutzBox first checks whether the recipient is a TrutzBox:
* <span style="color: green">'''(Se1)'''</span> if yes, <span style="color: green">e-mail content and metadata are automatically encrypted by the TrutzBox</span> and sent to the recipient TrutzBox via TrutzMail,
* if no (the recipient is not a TrutzBox and an external mail gateway has been configured in the (sender) TrutzBox), the TrutzBox checks whether it has a public key for the recipient's e-mail address:
** <span style="color: blue">'''(Se2)'''</span> if yes, <span style="color: blue">the e-mail content is PGP-encrypted</span> and sent to the recipient's public mail server via the sender's external mail gateway,
** if no (the TrutzBox has no public key of the recipient), the <span style="color: red">e-mail is <u>not</u></span> sent and the TrutzBox returns an error message to the mail program.<br/>
<table border="1" width="100%"><tr><td width="80">'''E-mails are not sent open (unencrypted) by the TrutzBox: they are either''' <span style="color: green">'''fully encrypted to a TrutzBox owner (Se1)'''</span> '''or''' <span style="color: blue">'''content-encrypted to a "PGP recipient" (Se2)'''</span>'''.'''</td></tr></table><br/>
If the recipient list mixes TrutzBox e-mail addresses and public e-mail addresses, the e-mail is only sent if the TrutzBox knows the public keys for all public e-mail addresses.<br/>
Otherwise there is an error message and the e-mail is not sent.<br/><br/>
'''Preconditions for sending from the TrutzBox to a "PGP recipient"''' <span style="color: blue">'''(Se2)'''</span><br/>
<u>1. Set up your own external mail gateway on the TrutzBox</u><br/>
To be able to address normal standard mail accounts from the TrutzBox, an external mail gateway must first be set up on the TrutzBox.
This mail gateway can be a normal SMTP server of a standard mail account with a public mail provider. The TrutzBox administrator can therefore enter the e-mail account of his own public e-mail provider here.<br/>
Under the menu item "Manage users" you can enter an external mail gateway for each TrutzBox user (e.g. his t-online mail account):<br/><br/>
[[File:05_02_05 Austausch Emails 060.png|700x700px|link=]]<br/><br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]

<u>2. Importing the public key</u><br/>
To exchange PGP-encrypted e-mails with someone who does not have a TrutzBox, the TrutzBox must know the public key of the recipient. To do this, this public key must first be made known to the TrutzBox under "TrutzMail" -> "Key management", button "Add key":<br/><br/>
[[File:05_02_05 Austausch Emails 030.png|700x700px|link=]]<br/><br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>
Here, the public key can be
* uploaded from a file or
* copied into the input field with "Copy" and "Paste".<br/>
[[File:05_02_05 Austausch Emails 040.png|400x400px|link=]]<br/><br/>
Then click on the "Add" button to start the upload.<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>
If the TrutzBox knows a public key for a mail recipient whose mail address does not end with @comidio.email, the e-mail is encrypted with it.<br/>

===== Receive e-mails =====
If an e-mail is to be '''received''' via the TrutzBox (i.e. the target address ends with @comidio.email), three cases are distinguished:
* <span style="color: green">'''(Em1)'''</span> Sent by a TrutzBox: <span style="color: green">fully encrypted (incl. metadata)</span> directly to the receiving TrutzBox (see the first case above, Se1).
* Sent by a normal e-mail server (i.e. the sender does not have a TrutzBox): this e-mail is always received via the central Comidio e-mail gateway and forwarded to the recipient TrutzBox:
** <span style="color: blue">'''(Em2)'''</span> The e-mail was encrypted by the sender with the public key of the @comidio.email recipient: then <span style="color: blue">the TrutzBox decrypts this e-mail automatically</span>.
** <span style="color: red">'''(Em3)'''</span> The e-mail was <u>not</u> encrypted by the sender: then <span style="color: red">the TrutzBox receives this unencrypted e-mail</span>.<br/><br/>
<table border="1" width="100%"><tr><td width="80">'''This means that the TrutzBox can receive <span style="color: green">TrutzMails (Em1)</span>, <span style="color: blue">PGP-encrypted e-mails (Em2)</span> and <span style="color: red">unencrypted e-mails (Em3)</span>.'''</td></tr></table><br/>
'''Preconditions for receiving PGP-encrypted e-mails from "Non-TrutzBox owners"''' <span style="color: blue">'''(Em2)'''</span><br/>
<u>Export your own public key and, if necessary, e-mail it to the potential "PGP sender"</u><br/>
You can give a "Non-TrutzBox owner" the possibility to send an encrypted e-mail to your TrutzBox. To do this, give them your public key. The public key of each TrutzMail address can be downloaded here (TrutzBox user interface: "Manage User", click on the corresponding TrutzBox user) and sent to another mail sender:<br/><br/>
[[File:05_02_05 Austausch Emails 050.png|700x700px|link=]]<br/><br/>
Since the public key does not require any secrecy, it can be sent "openly" by e-mail.<br/><br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>

===== Identification of e-mails in the subject line =====
'''Sending e-mails'''<br/>
All e-mails sent via the TrutzBox are automatically encrypted by the TrutzBox. If the recipient is a TrutzBox (and thus the mail address ends with @comidio.email), then the TrutzBox automatically obtains the required public key of the recipient.
If the recipient does not have a TrutzBox (and therefore a normal e-mail address has been addressed), the TrutzBox administrator must first make the public key of the recipient known to the TrutzBox. For security reasons, it is not possible to send an e-mail to a recipient if the recipient's public key is unknown.<br/>

'''Receiving e-mails'''<br/>
All encrypted e-mails received by the TrutzBox are automatically decrypted by the TrutzBox and made available for retrieval by an e-mail program. The TrutzBox can also receive e-mails from normal e-mail servers. These can be either encrypted or unencrypted. To show the recipient of the e-mail whether the e-mail was encrypted or unencrypted and whether the TrutzBox was able to check the sender's signature, the TrutzBox adjusts the subject field of the e-mail.<br/>
The TrutzBox places text in square brackets before the mail subject, with <u>the first letter</u> being
* U - for unsigned (the TrutzBox could not confirm the sender), or
* S - for signed (the TrutzBox was able to confirm the sender)
and <u>the second letter</u> being
* U - for unencrypted (the mail content was readable on the way), or
* E - for encrypted (the mail content was not readable on the way).<br/>
'''Examples:'''
* An unencrypted e-mail sent to the TrutzBox from a normal mail account has not been encrypted and shows [UU] in the subject line (unsigned, unencrypted).
* An encrypted TrutzMail sent by a TrutzBox to a TrutzBox has been encrypted and shows [SE] in the subject line (signed, encrypted).
* An encrypted e-mail sent to the TrutzBox from a normal mail account has been encrypted and shows [UE] in the subject line (unsigned, encrypted).<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>

=== TrutzBox<sup>®</sup> Filter ===
[[File:20160114 TB UI 5101.png|700x700px|link=]]
TrutzBox<sup>®</sup> Filter functions are called, e.g. 
by clicking on the menu item TrutzBox<sup>®</sup> Filter in the navigation menu on the left side of the "TrutzBox<sup>®</sup> Overview" page, and then selecting one of the submenu items
* Status,
* User Configuration,
* User groups,
* Filter lists,
* TrutzBrowse.

==== Status ====
The TrutzBox offers the administrator extensive functions for controlling the Internet communication of browsers and other apps. The menu item TrutzBox Filter -> Status lists the communication for the device currently in use. The communication of the other devices can also be called up here via further tabs.<br><br>
[[File:05 03 01 Symbole erklären 030.png|700x700px|link=]]<br><br>
Clicking the blue function menu [[File:blaue Schieber.png|15x15px|link=]] next to the time opens a menu to change the security slider level of this connection. This is especially useful for non-browser apps that cannot display a security slider.<br>
The colored digits show the slider position set for this call, and thus the security level.<br>
The icons to the left of the slider position, [[File:WAarV.png|15x15px|link=]] (1), [[File:SAgD.png|15x15px|link=]] (2), [[File:HDV.png|15x15px|link=]] and [[File:WArD.png|15x15px|link=]] (3), show the TrutzBox status:<br>
<table border="1" width="700">
<tr><td width="30">(1)<br>[[File:WAarV.png|20x20px|link=]]</td><td width="110">white<br>exclamation point<br>on red<br>square</td><td width="560">Trackers were found and stopped in this call.</td></tr>
<tr><td>(2)<br>[[File:SAgD.png|20x20px|link=]]</td><td>black<br>exclamation point<br>on yellow<br>triangle</td><td>The TrutzBox was bypassed with this call. After clicking on the link to the right of the icon: "SecSlider at position 10, no https filtering performed".</td></tr>
<tr><td>[[File:HDV.png|20x20px|link=]]</td><td>half<br>no-entry<br>sign</td><td>TrutzContent was used, i.e. 
a page was requested that is blocked by TrutzContent.</td></tr>
<tr><td>(3)<br>[[File:WArD.png|20x20px|link=]]</td><td>white<br>exclamation point<br>on red<br>triangle</td><td>The TrutzBox has detected an internal problem when analyzing the connection to the client (end device) or to a server. Click on the link to the right of the icon to see why the connection was not established.</td></tr>
</table>
<br><br>Here are two exemplary causes for [[File:WArD.png|15x15px|link=]]:

Case 3a - "CONNECT": the following or a similar explanation is displayed: "CONNECT request without any subsequent Requests. This might indicate that the client application refused to connect through proxy". Such an error message is caused by an HTTP CONNECT request. With an HTTP CONNECT request, a client asks the TrutzBox to open a tunnel to the server (https://en.wikipedia.org/wiki/HTTP_tunnel#HTTP_CONNECT_tunneling). However, since no further HTTP requests follow for this server, this message is generated. Usually the client just wanted to check whether there is a proxy (in this case the TrutzBox) between it and the server.

Case 3b - "ERROR": the following or a similar explanation is displayed: "Error: 3074291456:error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:../deps/openssl/openssl/ssl/s3_pkt.c:1472:SSL alert number 48 3074291456:error:140940E5:SSL routines:ssl3_read_bytes:ssl handshake failure:../deps/openssl/openssl/ssl/s3_pkt.c:1210:". Such an error message is generated if the TrutzBox has an internal connection problem (in this case a problem in the SSL library).

Further cases may occur. Usually such an error message is generated by a client application (app) and not by a browser. Such an error message may affect the correct functioning of the client application.
If you want to allow the application to contact this server, please set this server to L10 by clicking the blue function menu [[File:blaue Schieber.png|15x15px|link=]] and selecting "Change slider setting" there.<br><br>
[[#top|-> <u>Table of Contents </u> (of this manual)]]

==== Filter configuration ====
Here you configure devices, manage user rights and set up the security slider.<br/><br/>
[[File:20170307 TB UI 53212.png|600px|link=]]<br/><br/>
If necessary, the root certificate (for browser or e-mail use) is downloaded to the physically used device (here: Elitebook) by clicking on "Download root certificate".<br/>
If you check the box "If SSL errors occur, automatically disable filtering for your domain", the slider is automatically set to L10 (bypassing the proxy) for applications that want to establish an encrypted connection to their server. If you do not check the box and an application cannot establish a connection, you can set the security slider to L10 under TrutzBox Filter/Status for the relevant connections for this special case.

In this view, the active device (here: Elitebook) is automatically opened and user groups and exceptions can be assigned to it. The use of the Tor network is also switched on or off here for the activated device (highlighted in blue). The pseudonymization of the IP address can be activated via the "Use Tor network" menu item.
However, it should be noted that some web servers can cause additional problems when using Tor.<br/>
To configure further displayed devices, please click on the respective device (name or IP address) and proceed as described above.<br/>
If the "Block unknown users" option is not checked, the settings for the device apply and a user logon is not required.<br/>
If the "Block unknown users" option is checked, the settings apply to the individual user and he must log on to this device with his TrutzMail address and the corresponding password (see Managing Accounts/Users).<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/>
The administrator is able to block browser access for connected devices or individual users to certain web content that was previously adopted or defined as a blacklist (what should be prohibited) or whitelist (what should be allowed as an exception) under "Configure user groups". This allows parents to block unsuitable content for children or young people. It is also possible to restrict access to predefined web addresses (domains or URLs) for smart devices that do not have an Internet browser (household appliances, watches, fitness wristbands...). Special access rights can also be set for "Smart Home" devices. The "Use Tor network" menu item can be used to activate IP address pseudonymization by using the Tor network with TrutzBrowse. However, it should be noted that some web servers can cause additional problems when using Tor.<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>
[[File:20160114 TB UI 53220.png|600px|link=]]<br/><br/>
The user group relevant to the individual user is assigned here.<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>
[[File:20160114 TB UI 53231.png|600px|link=]]<br/><br/>
Default values of the Security Slider are set here, which the administrator can adjust as required. Host names that cannot be called via the browser (e.g. 
TV set) can also be managed here.<br/><br/>
Comidio delivers standard slider positions for some frequently used web servers, which are marked with the symbol (white "i" on a black circle) [Who: "default"]. These cannot be deleted, but the TrutzBox administrator can adapt the security level specified by Comidio to his needs. With "Add" you can enter your own slider positions for hosts and delete them again with "X" [Who: "admin add"].<br/>
By entering an "*" in the host name, all URLs ending with the name to the right of the "*" can be addressed. If the proxy finds a URL that matches several entries in this list, the security level of the longest entry is used. If the option "If SSL errors occur, automatically disable filtering for selected domain" is activated in the "Configure Filter" menu, the TrutzBox proxy automatically adds an entry for servers to which a client application wanted to establish an encrypted connection [Who: "auto"].

There are thus four ways in which a Security Slider entry gets into this central database. All users and devices use this database:
# Default setting by Comidio; these entries can be changed by the user, but not completely deleted [Who: "default" or "admin change"].
# A user has changed the slider setting with the security slider in the browser [Who: "slider"].
# New entry in this mask. Entries that are not fully qualified, such as "*.domain.com", can also be made here, but the "*" may only be on the left side of the domain name [Who: "admin add"].
# The TrutzBox detects an SSL error and the flag "If SSL errors occur, automatically disable filtering for the selected domain" is activated. However, this entry is only made if there is no entry by the user, i.e. no entry of case 2 or case 3 [Who: "auto"].
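
The lookup rule and the four entry sources described above, as an added example (not Comidio's code). The class and method names, the host names and the exact matching semantics (an entry starting with "*" matches every host that ends with the rest of the entry; an "auto" entry is suppressed by any matching "slider" or "admin add" entry) are assumptions for illustration. `bypassed()` is an added audit helper that lists the entries sitting at L10, where the proxy is bypassed.

```python
"""Added example: security-slider lookup as the manual describes it."""
from dataclasses import dataclass
from typing import Dict, List, Optional

BYPASS_LEVEL = 10                        # L10: proxy bypassed, no filtering
USER_SOURCES = {"slider", "admin add"}   # cases 2 and 3 of the list above


@dataclass(frozen=True)
class SliderEntry:
    pattern: str   # exact host, or "*" followed by a suffix ("*.example.com")
    level: int     # 1..10
    who: str       # "default", "admin change", "slider", "admin add", "auto"


class SliderTable:
    """One table shared by all users and devices, keyed by pattern."""

    def __init__(self, auto_disable_on_ssl_error: bool = False):
        self.entries: Dict[str, SliderEntry] = {}
        self.auto_disable_on_ssl_error = auto_disable_on_ssl_error

    def add(self, pattern: str, level: int, who: str) -> SliderEntry:
        pattern = pattern.strip().lower()
        if "*" in pattern[1:]:
            raise ValueError('"*" is only allowed at the left end of the name')
        if not 1 <= level <= 10:
            raise ValueError("level must be between 1 and 10")
        entry = SliderEntry(pattern, level, who)
        self.entries[pattern] = entry   # assumption: one entry per pattern
        return entry

    @staticmethod
    def _matches(pattern: str, host: str) -> bool:
        if pattern.startswith("*"):
            return host.endswith(pattern[1:])
        return host == pattern

    def resolve(self, host: str) -> Optional[SliderEntry]:
        """Return the longest matching entry, or None if nothing matches."""
        host = host.lower()
        hits = [e for e in self.entries.values() if self._matches(e.pattern, host)]
        return max(hits, key=lambda e: len(e.pattern), default=None)

    def record_ssl_error(self, host: str) -> Optional[SliderEntry]:
        """Case 4: add an "auto" L10 entry unless a user entry already matches."""
        host = host.lower()
        if not self.auto_disable_on_ssl_error:
            return None
        for e in self.entries.values():
            if e.who in USER_SOURCES and self._matches(e.pattern, host):
                return None
        return self.add(host, BYPASS_LEVEL, "auto")

    def bypassed(self) -> List[SliderEntry]:
        """Entries at L10, i.e. hosts whose traffic is not filtered at all."""
        hits = [e for e in self.entries.values() if e.level == BYPASS_LEVEL]
        return sorted(hits, key=lambda e: (e.who, e.pattern))


def build_example_table() -> SliderTable:
    # Constructed sample entries, not Comidio's defaults.
    table = SliderTable(auto_disable_on_ssl_error=True)
    table.add("*.example.com", 7, "default")
    table.add("shop.example.com", 3, "admin add")
    table.add("*.iot-vendor.example", 5, "admin add")
    return table


if __name__ == "__main__":
    t = build_example_table()
    t.record_ssl_error("api.example.com")         # becomes an "auto" L10 entry
    t.record_ssl_error("cam.iot-vendor.example")  # suppressed by the admin entry
    for name in ("shop.example.com", "www.example.com", "api.example.com"):
        print(name, t.resolve(name))
    print("unfiltered:", [e.pattern for e in t.bypassed()])
```

With the automatic option switched on, reviewing `bypassed()` for entries whose source is "auto" shows which hosts lost filtering without an administrator decision.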
<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>

==== Configure user groups ====
The administrator is able to block browser access to specific web content for connected devices or individual users. This allows parents to block unsuitable content for children or young people. It is also possible to restrict access to predefined web addresses (domains or URLs) for smart devices that do not have an Internet browser (household appliances, watches, fitness wristbands...).

[[File:20160114 TB UI 53300.png|700px|link=]]<br/>
In the "User Configuration" menu, existing user groups are managed, new ones are created and filter lists are assigned to the user groups.<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/>

==== Filter lists ====
Under the menu item TrutzBox<sup>®</sup> Filter lists -> Manage Trutz filters, the TrutzBox<sup>®</sup> administrator can manage filter lists containing Internet domains or Internet URLs. Comidio delivers approx. 110 filter lists containing 55 different Internet topics. These filter lists are maintained by Comidio and the updates are transferred to the TrutzBoxes at short intervals. With this menu item, the administrator is able to view the standard lists delivered by Comidio, to search them and to create his own new blacklists and whitelists. The filter lists managed by the TrutzBox<sup>®</sup> are used by TrutzBrowse (pseudonymization and tracker blocking) as well as by TrutzContent (protection against unsuitable websites):

[[File:20160114 TB UI 53400.png|700px|link=]]<br/>
In this TrutzBox<sup>®</sup> menu new blacklists and whitelists can be created (click on "New Filters"), which can then be used with TrutzBrowse as well as with TrutzContent. For this purpose, however, a newly created blacklist or whitelist must first be activated under TrutzContent or TrutzBrowse. An automatic system update by Comidio only adapts the standard TrutzBox blacklists and whitelists.
The lists created and managed by the administrator are not changed by this.<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/>

==== TrutzBrowse ====
With TrutzBox<sup>®</sup>, the TrutzBox<sup>®</sup> administrator can individually configure each Internet-enabled device or a single Internet user. Furthermore, under the TrutzBox<sup>®</sup> Filter menu (TrutzBox Filter/Filter configuration) you can also adjust the security slider setting for each position. All settings affect all devices and users of the TrutzBox<sup>®</sup>. It is not possible to configure TrutzBrowse settings differently for each user or device. It is only possible to vary the TrutzBrowse filters for a website by adjusting the security slider as desired. This setting for a web page is saved and affects all TrutzBox users.<br/>
For each position of the Security Slider, the description of the slider position, the HTTP request and HTTP response headers, cookies and domain blocker lists can be adjusted by "expanding" with the "+" symbol:<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>
[[File:20160114 TB UI 53500.png|700px|link=]]<br/>
After many tests, Comidio has defined a default setting, which can, however, be changed flexibly by the administrator of the TrutzBox<sup>®</sup> to meet his security requirements. In this default setting, the following 10 security levels apply:<br/>
* L1: All filters active
* L2: Fixed "Accept-Language" value
* L3: "From" value allowed
* L4: Unknown headers allowed
* L5: "Accept-Language" value allowed
* L6: "User-Agent" value allowed
* L7: Data tracker allowed
* L8: Third-party cookies allowed
* L9: Reserved for future expansions
* L10: No filters active<br/>
With the slider position L10 the TrutzBox<sup>®</sup> proxy is completely bypassed. The TrutzBox protection function is switched off. This slider position makes sense e.g. for apps on Android or OSX, since they usually check against their own certificate.
If the slider is set to L10 and the web page is reloaded, no TrutzBox<sup>®</sup> slider icon is displayed because the proxy is no longer active.<br/><br/>
[[File:20160114 TB UI 53520.png|700px|link=]]<br/>
If required, the corresponding criteria can be individually adapted in four categories by clicking on "+".<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>
[[File:20160114 TB UI 53530.png|700px|link=]]<br/>
In the menu item "TrutzBox Filter -> TrutzBrowse / Configure Filter" the administrator can adapt the security slider description for each level.<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>
[[File:20160114 TB UI 53540.png|700px|link=]]<br/>
This default setting determines which HTTP request header data is forwarded or blocked.<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>
[[File:20160114 TB UI 53550.png|700px|link=]]<br/>
This default setting determines which HTTP response header data is forwarded or blocked.<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>
[[File:20160114 TB UI 53560.png|700px|link=]]<br/>
Advanced settings can be made here for each security slider position.<br/>
The default header filters are based on extensive Comidio tests. Depending on the position of the security slider, these filter values are a compromise between the least possible restriction of the functionality of typical websites on the one hand and the protection of privacy on the other.<br>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>
[[File:20160114 TB UI 53570.png|700px|link=]]<br/>
Under "Filter lists used" you activate the filter lists that should be active when browsing through the TrutzBox<sup>®</sup> (TrutzBrowse). By default, no filter lists for advertising companies are activated; i.e. TrutzBrowse does not filter out advertisements in the displayed web pages.
The TrutzBox<sup>®</sup> administrator can activate this at this point by activating "adv_domain" and "adv_url" with a tick.<br/><br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>

===== Statistics =====
The two lists show the top 100 most used (and thus blocked!) trackers and the top 100 websites with the highest (and thus blocked!) number of trackers since the last reset. By pressing "Reset" the statistic is set to 0 and starts again.<br/>
[[File:20160114 TB UI 53600.png|700px|link=]]<br/>
Clicking a blue arrow in the 1st list lists the websites on which this tracker is present or was blocked by the TrutzBox. Clicking a blue arrow in the 2nd list lists the trackers set on these web pages or blocked by the TrutzBox.<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/>

=== TrutzMail ===
[[File:20160114 TB UI 5101.png|border|600px|link=]]
TrutzMail functions are called up, for example, by clicking on the menu item TrutzMail in the navigation menu on the left-hand side of the "TrutzBox<sup>®</sup> Overview" page, and then selecting one of the three submenu items
* Status,
* Logs,
* Webmail.
[[#top|-> <u>Table of Contents </u> (of this manual)]]

==== Status ====
[[File:20160114 TB UI 54101.png|600x600px|link=]]
Here you can see the TrutzMail status. This page is only required if the mail client displays an error message or if e-mails cannot be received or cannot be sent. An e-mail can "get stuck", i.e. it cannot be sent if, for example, there is no Internet connection, a process is not running or there is a problem with certificates.

The "Renew mail key" button is located at the top right. Click on this if a communication partner has deleted an e-mail address on his TrutzBox and created it again under the same name. In this case, "my" TrutzBox<sup>®</sup> has an outdated certificate. Click on "Renew mail key" to delete all saved certificates.
With the next communication request from another TrutzBox<sup>®</sup> the corresponding certificates on "my" TrutzBox<sup>®</sup> are automatically renewed by the Comidio server and the communication partners can exchange e-mails as usual. You can press this button at any time; the functionality of the TrutzBox<sup>®</sup> is not affected.

The upper area shows the states of 2 processes, which can also be restarted here:<br/>
* "SMTP": green indicates that sending e-mails from the mail client (e.g. Outlook) to the TrutzMail mail server works, and
* "IMAP": green indicates that receiving e-mails from the TrutzMail mail server to the mail client (e.g. Outlook) works.
In the case of a red display, the circle arrow symbol for "Restart service" must be pressed. Below this, any existing queue (mail queue) with individual e-mails and their statuses is displayed.

For each displayed e-mail 3 buttons can be used:
* "Send now": this e-mail is sent again;
* "Display": shows parameters and content of the e-mail in detail:[[File:TrutzMail 30 Status queud mail.png|600px|link=]]<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>
* "Delete mail": offers the possibility to remove this e-mail from the queue:<br/>[[File:TrutzMail 40 Status mail status.png|600px|link=]]<br/><br/>
TrutzMail Status indicates whether, and if so which, secure e-mails have not yet been sent; click "Send now" if necessary or ask the addressee whether he has his TrutzBox<sup>®</sup> in operation.<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>

==== Logs ====
[[File:20160114 TB UI 54201.png|600px|link=]]<br/>
If necessary, Comidio Support will ask you to download the mail log to your PC by clicking on "Download" and then e-mail the files to support@comidio.de.<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]

==== Webmail ====
[[File:TrutzMail 70 Webmail.png|600px|link=]]<br/>
Here you can access TrutzMail directly via webmail.
For general information on TrutzMail, see chapter "Using the TrutzBox -> Encrypted Mailing - TrutzMail". Users can access TrutzMail directly via <nowiki>https://trutzbox/mail</nowiki>.<br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]

=== Network ===

==== Status ====
[[File:20160114 TB UI 55100.png|600px|link=]]<br/>
This displays the devices connected to the TrutzBox and the status of the individual network interfaces.
[[#top|-> <u>Table of Contents </u> (of this manual)]]

==== Remote access ====
[[File:20160114 TB UI 55200.png|600px|link=]]<br/>
After creating a DynDNS domain (for details on setting up remote access, see "Remote access / VPN"), the corresponding domain name is entered here and the check mark for "Enable remote access" is set. Afterwards, a TrutzMail with certificate and further instructions is automatically sent to the TrutzMail address.<br/><br/>
The entire process is described under "Remote access / VPN":<br/>
https://comidio.de/wiki/index.php/TrutzBox_Handbuch#Fernzugriff_.2F_VPN<br/><br/>
[[#top|-> <u>Table of Contents </u> (of this manual)]]

==== WLAN ====
[[File:20160114 TB UI 55300.png|600px|link=]]<br/>
Here the WLAN settings are listed and can be adjusted if necessary (e.g. 
password change).<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]

=== System ===

==== System updates and reset ====
Under this menu item
*update logs can be downloaded,
*backup copies can be made,
*the TrutzBox can be reset to factory settings and
*source packages can be deleted.

===== Download update log =====
[[File:20160114 TB UI 56110.png|600px|link=]]<br>If necessary, Comidio Support will ask you to download the update log to your PC by clicking on "Download update log" and then email the file to support@comidio.de.<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

===== Make a backup copy =====
<br>'''Attention, there is an error when creating a backup copy; currently (06.03.2018) we ask you to move the TrutzBurg symbol, which is in the upper right corner by default, to another corner (and, if necessary, back again). Afterwards a backup copy can be made.'''<br><br>As soon as the corresponding update is available, this section will be removed again.<br><br><br>[[File:20160114 TB UI 56120.png|600px|link=]]<br>Here you can create a backup copy of the filter configuration and reactivate it if necessary.<br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

===== Reset to factory settings (factory reset) =====
[[File:20160114 TB UI 56130.png|600px|link=]]<br/>Here the TrutzBox can be reset to factory settings.<br/><br/>Since the factory reset deletes all settings and e-mails on the TrutzBox, it is advisable to save the data before starting the factory reset:
*E-mails by transfer into an e-mail client software (e.g.
Outlook, Thunderbird, Apple-Mail)
*Settings (see previous chapter 5.6.1.2 Creating a backup copy):
**Save to backup file before factory reset and
**Restore after factory reset from backup file.
<br/>'''ATTENTION: the following steps 1 & 2 must be carried out BEFORE restarting (8.)!'''<br/>The reset is done chronologically as follows:
#Delete any certificate already downloaded with the name "trutzbox.cer" in the "Downloads" folder.
#Delete any certificate already imported with the name "TrutzBox" in the browser.
#'''Click on "Reset to factory default"''' <br/>Data will be deleted and restarted; please wait until the 3 LEDs on the front of the TrutzBox<sup>®</sup> have all gone out (this can take up to 1 hour).
#Remove power supply (DC 12V) from TrutzBox<sup>®</sup> (back side).
#Check that TrutzBox<sup>®</sup> is connected to the Internet Router (e.g. FRITZ!Box) via network cable.
#Check that the USB Wireless LAN adapter is connected to TrutzBox<sup>®</sup> via USB cable.
#Wait approx. 1 minute (without power).
#Reconnect power supply (DC 12V) to TrutzBox<sup>®</sup> (back side).
#Wait approx. 10 minutes (TrutzBox<sup>®</sup> starts up).
#Access http://trutzbox via browser and perform setup according to setup instructions.
#At the end of setup, updates are loaded onto the TrutzBox. This process can take more than 60 minutes. Please do not switch off the TrutzBox or start any other process during this time. As soon as the "Finish setup" window appears, all updates are complete.
Then press "Done".
#Download TrutzBox<sup>®</sup> certificate from TrutzBox<sup>®</sup> according to the Wiki manual (6.1.1).
#Import and confirm TrutzBox<sup>®</sup> certificate from PC into browser according to Wiki manual (6.1.2).
#Download and confirm TrutzBox<sup>®</sup> certificate upon request by e-mail client.
<br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

===== Delete source packages =====
[[File:20160114 TB UI 56140.png|600px|link=]]<br>If the source packages were retained during setup, they can be subsequently deleted here.<br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

==== Debug ====
[[File:20160114 TB UI 56200.png|600px|link=]]<br/>If necessary, Comidio Support will ask you to set the appropriate debug parameters. This function must only be executed on request, as in case of improper use large amounts of data accumulate which can disturb the normal operation of the TrutzBox<sup>®</sup>.<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

===== Log proxy activities with debug =====
There may still be network accesses that are not displayed in status. We are currently working on a new version of the proxy, which also improves this point.

The only way to really analyze all activities of the proxy at the moment is the TrutzBox debugger. You can activate this by setting the "proxy" position to "Debug" under "System" -> "Debug". The proxy then logs all activities in its log file. You can download it from the same menu or watch it in real time with "Open Log Window" (possibly activate the log files of interest in the Log.io window, e.g. "node_proxy"). After the test, please set the "proxy" position to "Information" again to prevent a memory overflow. If you want to evaluate the log file, we recommend deleting the log files with "Delete all log files" before the test.
<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

==== Logs ====
[[File:20160114 TB UI 56300.png|600px|link=]]<br/>If necessary, Comidio Support will ask you to activate the corresponding filter data. This function must only be executed on request, as in case of improper use large amounts of data accumulate which can disturb the normal operation of the TrutzBox<sup>®</sup>.<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

==== Switch on/off ====
[[File:20160114 TB UI 56400.png|600px|link=]]Situations may occur in which shutting down and then restarting the TrutzBox<sup>®</sup> makes sense. In such a case, it may take a few minutes for connected devices, e.g. PCs, to resolve the name "trutzbox". So it may take a few minutes until access to <nowiki>"http://trutzbox"</nowiki> works. The same delay may occur if a PC (Microsoft or Apple) connected to the TrutzBox<sup>®</sup> is rebooted instead of the TrutzBox<sup>®</sup>.<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

==== Advanced settings / Using Webmin ====
<br/><table border=1 width="700"><tr><td width="80">'''ATTENTION: For Webmin experts only!!!'''<br/>Warning:<br/>If you make changes yourself, e.g.
regarding IP addresses, these may be overwritten by the next TrutzBox update and thus become unusable.</td></tr></table><br/>[[File:20160114 TB UI 56500.png|600px|link=]]<br/><br/>Log in with user name "admin" and the TrutzBox Administrator password assigned during setup.<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:565 Webmin TB neu starten herunterfahren 060.png|600px|link=]]<br>If you receive a message (1) as shown here that a more recent version of Webmin is available, leave it at that and '''do not upgrade manually'''. The upgrade will be done automatically by Comidio in due course and the user does not have to worry about this.<br/>

===== Webmin: Shutdown TrutzBox =====
[[File:565 Webmin TB neu starten herunterfahren 020.png|600px|link=]]<br>Click on "System".<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:565 Webmin TB neu starten herunterfahren 040.png|600px|link=]]<br>Scroll down on page (1).<br/>Click on "System start and stop" (2).<br/>Click on "Shut down system" (3).<br/><br/>Please wait until all LEDs go out before disconnecting the power supply.<br/><br/>To restart the TrutzBox:<br/>Connect TrutzBox to power supply.<br/><br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

===== Webmin: Restart TrutzBox =====
[[File:565 Webmin TB neu starten herunterfahren 020.png|600px|link=]]<br>Click on "System".<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:565 Webmin TB neu starten herunterfahren 030.png|600px|link=]]<br>Scroll down on page (1).<br/>Click on "System start and stop" (2).<br/>Click on "Restart system" (3).<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

===== Webmin: Reset TrutzBox to factory settings (factory reset) =====
Here the TrutzBox can be reset to factory settings.<br/><br/>'''CAUTION: the following steps 1 & 2 must be performed IN ADVANCE!
'''<br/>The reset is done chronologically as follows:
#Delete any certificate already downloaded with the name "trutzbox.cer" in the "Downloads" folder.
#Delete any certificate already imported with the name "TrutzBox" in the browser.
#'''Now proceed as follows in Webmin (https://trutzbox:10000/)''': <br />&nbsp;<br />&nbsp;[[File:565 Webmin TB neu starten herunterfahren 050.png|600px|link=]]<br />&nbsp;click on "System" (1),<br />&nbsp; click on "Kommandozeile" (2), <br />&nbsp; enter in the input line "Führe Befehl aus": "/usr/lib/comidio/trutzbox/prepareFactoryReset.sh" (3), <br />&nbsp; click on "Führe Befehl aus" (4).<br />&nbsp;
#Wait approx. 12 minutes (Delete and prepare for restart; after 11 minutes the last LED on the front of the TrutzBox<sup>®</sup> goes out).
#Remove power supply (DC 12V) from TrutzBox<sup>®</sup> (back side).
#Check that TrutzBox<sup>®</sup> is connected to the Internet Router (e.g. FRITZ!Box) via network cable.
#Check that the USB Wireless LAN adapter is connected to TrutzBox<sup>®</sup> via USB cable.
#Wait about one minute.
#Reconnect power supply (DC 12V) to TrutzBox<sup>®</sup> (back side).
#Wait approx. 10 minutes (TrutzBox<sup>®</sup> starts up).
#Access http://trutzbox via browser and perform setup according to setup instructions.
#At the end of the setup process, updates are loaded onto the TrutzBox. This process can take more than 60 minutes. Please do not switch off the TrutzBox or start any other process during this time. As soon as the "Finish setup" window appears, all updates are complete. Then press "Done".
#Download TrutzBox<sup>®</sup> certificate from TrutzBox<sup>®</sup> according to the Wiki manual (6.1.1).
#Import and confirm TrutzBox<sup>®</sup> certificate from PC into browser according to Wiki manual (6.1.2).
#Download and confirm TrutzBox<sup>®</sup> certificate upon request by e-mail client.
<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

===== Webmin: WLAN night shutdown (time-controlled) =====
If you want to switch off the WLAN temporarily, e.g. overnight, proceed as follows:<br><br>'''a. Set the switch-off time'''<br><br>[[File:5654 Webmin WLAN Zeit 010.png|700px|link=]]<br><br>Click on "System" (1).<br/>Click on "Geplante Aufträge (Cron)" (2).<br/>Click on "/sbin/ifdown wlan0" (3).<br/><br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:5654 Webmin WLAN Zeit 021.png|700px|link=]]<br>The default switch-off time is 23:00. If you want to change this time, enter a different time under hours (1).<br/>Click on "Save and execute now" (2).<br/>Click on "Back to Cron jobs" (3).<br/><br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>'''b. Set the switch-on time'''<br><br>[[File:5654 Webmin WLAN Zeit 040.png|700px|link=]]<br>Click on "/sbin/ifup wlan0" to set the switch-on time (1).<br/><br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:5654 Webmin WLAN Zeit 031.png|700px|link=]]<br>The default setting is to start the WLAN at 06:00.<br>Set the switch-on time (1).<br/>Click on "Save and execute now" (2).<br/>Click on "Back to Cron jobs" (3).<br/><br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>'''c. Activate switching times'''<br><br>[[File:5654 Webmin WLAN Zeit 050.png|700px|link=]]<br>Click on the two jobs to be activated (1) + (2). Then click on "Activate selected jobs" (3).<br/><br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>'''d. Deactivate switching times'''<br><br>[[File:5654 Webmin WLAN Zeit 060.png|700px|link=]]<br>Click on the two jobs to be deactivated (1) + (2).
Then click on "De-Activate selected jobs" (3).<br/><br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br>

===== Webmin: WLAN spontaneous switching off and on (possible at any time) =====
To '''switch off''' the WLAN spontaneously, proceed as follows:
*in Webmin: "System" -> "Command line"
*enter in input field (without quotation marks): "'''sudo ifdown wlan0'''"
*click on "Execute command".
<br/>To '''switch on''' the WLAN spontaneously, proceed as follows:
*in Webmin: "System" -> "Command line"
*enter in input field (without quotation marks): "'''sudo ifup wlan0'''"
*click on "Execute command".
<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]

===== Webmin: TrutzBox Checking software releases =====
[[File:5655 Webmin Release Stand 010.png|700px|link=]]<br>Click on "System" (1).<br/>Click on "Softwarepakete" (2).<br/>Click on "Paketbaum" (3).<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:5655 Webmin Release Stand 020.png|700px|link=]]<br>Search for software packages beginning with "comidio...".<br/>Click on "A-E" (1) in the table of contents.<br/>Search the list for "comidio-trutzbox-node" (2).<br/>After the name is the current release, in the above example: "0.1.180" (3).<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:5655 Webmin Release Stand 030.png|700px|link=]]<br>Search for software packages beginning with "trutz...".<br/>Click on "P-T" (1) in the table of contents.<br/>Scroll down (2).<br/><br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:5655 Webmin Release Stand 040.png|700px|link=]]<br>Search the list for "trutz..."
(1).<br/>After the name is the current release, in the above example: "0.0.37" to "1.2.13" (2).<br/>Click on "log off" to log out (3).<br/><br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

===== Webmin: Change User Password =====
[[File:565 Webmin TB neu starten herunterfahren 020.png|700px|link=]]<br/>Click on "System".<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>[[File:5656 Webmin PW ändern 021.png|700px|link=]]<br/>Click on "Passwörter ändern" (1).<br/>Under (2) the admin password can be changed and under (3) the password of a TrutzMail user can be changed.<br/>To change the admin password, click on "admin" (4).<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>[[File:5656 Webmin PW ändern 030.png|700px|link=]]<br/>Under (1) the new (admin) password is entered.<br/>Under (2) the new (admin) password is entered again.<br/>Finally, click on "Change" (3).<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>

===== Webmin: TrutzBox Triggering Updates Manually =====
You can also trigger updates manually in Webmin:
* On the Webmin home page (if you are not already on the home page, please click on "System Information" in the selection menu on the left side) scroll down until "Package Updates" is displayed.
* Click on the status of the "Paket-Updates", e.g. on "Alle installierten Pakete sind aktuell".
* On the new menu page "Software Pakete Updates" please click on "Aktualisiere verfügbare Pakete".
* If there are no updated packages, please click on "Update ausgewählte Pakete".
Updates can take a long time (over 30 min).<br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>

===== Webmin: Find out image version =====
[[File:5658 Webmin Image Version herausfinden 010.png|600px|link=]]<br/>Click on "System" (1).<br/>Click on "Kommandozeile" (2).<br/>Enter: "cat /etc/motd" (3) without quotes.<br/>Click on "Führe Befehl aus" (4).<br/><br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>[[File:5658 Webmin Image Version herausfinden 021.png|600px|link=]]<br/>Here the current image version (= TrutzBox software on S/SD) is displayed; in the example: 60 (1).<br/>Click on "Abmelden" (2).<br/><br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/>

===== Webmin: Find large files =====
If Comidio Support asks you to identify the large files, proceed as follows to query two directories:
* In Webmin: "System" -> "Kommandozeile"
* Enter in input field (without quotation marks): "'''sudo du -hs /tmp/*|sort -rh|head -20'''"
* Click on "Führe Befehl aus"
You will get a first listing.
* Enter in input field (without quotation marks): "'''sudo du -hs /var/log/*|sort -rh|head -20'''"
* Click on "Führe Befehl aus"
You will get a second listing.
Please mail a screenshot with both listings to support@comidio.de if necessary.<br/><br/>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br/><br/>

==== Legal Notice ====
[[File:20160114 TB UI 56600.png|600px|link=]] [[#top|-> <u>Table of Contents </u> (of this manual)]]

=== Remote access / VPN ===
Remote access allows you to access your TrutzBox from outside your home network and use TrutzMail and TrutzBrowse. To activate (only required once), proceed as follows:<br>
#Register with a dynamic DNS service
#Enter dynamic DNS data in Internet Router
#Activate "Fernzugriff" in TrutzBox
#Download VPN client to mobile device
#Import email certificate attachment into VPN client
#Activate/deactivate VPN connection in VPN Client
<br>

==== Register dynamic DNS service ====
In order for your TrutzBox to be found on the Internet and to be accessed from outside via a domain name, the domain name must be connected to a changing IP address. This assignment is made by an external dynamic DNS service provider. You will need to set up a domain name that refers to the IP address of your TrutzBox.<br><br>There are several dynamic DNS service providers.
"SECUREPOINT" is used in the following example.<br><br>[[File:20160108-VPN-Einrichtung-30-020.png|600x600px|link=]]<br>Open "spdns.de" and then start registration.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-030.png|600x600px|link=]]<br>Follow (1-5) through all the steps required for registration.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-040.png|600x600px|link=]]<br>After registration (1) has been completed, you will receive an e-mail to the e-mail address provided during registration. Leave this website open for later use (you will continue here shortly :-)).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-050.png|600x600px|link=]]<br>Open this email first.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-060.png|600x600px|link=]]<br>To activate the user account, click on the specified link (1). Now continue to the "spdns.de" website (which is still open :-)).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-070.png|600x600px|link=]]<br>Click on "ANMELDEN".<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-080.png|600x600px|link=]]<br>Log in with your registration data.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-090.png|600x600px|link=]]<br>Click on "Add IPv4 Host" to specify a domain name.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-100.png|600x600px|link=]]<br>Select a domain name of your choice from the list.
In this case, "spdns.eu" has been selected.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-110.png|600x600px|link=]]<br>Assign a host name of your choice (1). Click on "Host hinzufügen" (2) to create the host.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-120.png|600x600px|link=]]<br>Hereby the host name is created (1). In the Internet router, a so-called "update URL" from the dynamic DNS provider is required. In the case of SECUREPOINT, you will find this URL on the next page under 1. If you have chosen another dynamic DNS provider, ask there for its update URL.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-130.png|600x600px|link=]]<br>Call up the user interface of your Internet router.<br><br>See also: http://wiki.securepoint.de/index.php/SPDyn_FAQ<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

==== Enter dynamic DNS data and port sharing in Internet Router ====
Example: FRITZ!Box 7390<br>[[File:20160108-VPN-Einrichtung-30-140.png|600x600px|link=]]<br>Click on Internet.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-150.png|600x600px|link=]]<br>After clicking on "Freigaben" and "Dynamic DNS", enter the required data one after the other. Click on "Apply" to complete this process. Then click on "Portfreigabe" on the "Freigaben" screen.<br><br>In the case of SECUREPOINT, the update URL is:<br>'''update.spdns.de/nic/update?hostname=<domain>&myip=<ipaddr>'''<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-300.png|600x600px|link=]]<br>Click on "neue Portfreigabe".<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-310.png|600x600px|link=]]<br>Create a "UTP" port sharing as indicated.<br><br>[[#top|->
<u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-320.png|600x600px|link=]]<br>Click on "Übernehmen" to complete the port sharing setup.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

==== Activate "Fernzugriff" (Remote access) in TrutzBox ====
Here, activate remote access and assign it to the respective user.<br><br>[[File:20160108-VPN-Setup-30-170.png|600x600px|link=]]<br>Call up the TrutzBox user interface by entering the administrator password.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-180.png|600x600px|link=]]<br>Enter the previously determined host name in "DynDNS-Domain". Then activate remote access by checking the box.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-190.png|600x600px|link=]]<br>Click on "Accounts" after approx. 30 minutes.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-200.png|600x600px|link=]]<br>Click on the person for whom you want to set up remote access. Then click on "Fernzugriff" for this person.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-210.png|600x600px|link=]]<br>The selected person receives an e-mail with an attached VPN certificate on their TrutzMail address, which can then be loaded into the VPN client of the mobile device.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

==== Install VPN Client on iPhone ====
<br><br>[[File:20160108-VPN-Einrichtung-30-220.png|600x600px|link=]]<br>Open the App Store, enter "open vpn" in the search field, select "OpenVPN Connect" in the list, then load and install it.
The "OpenVPN" logo will then appear on your iPhone as a newly installed app. The next step is to import the certificate from the e-mail attachment. Prerequisite: To email the certificate to your mobile device, TrutzMail must be set up as an account on your iPhone mail system. If not, set up TrutzMail on your iPhone mail; see settings under 4.2.2. Open the "Mail" inbox.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

==== Import email certificate attachment into VPN client ====
[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-260.png|600x600px|link=]]<br>Open the email "Ihr Zertifikat wurde erstellt".<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-270.png|600x600px|link=]]<br>Scroll down in the email and open the attachment (2nd click). From the drop-down menu, click on "Nach OpenVPN kopieren".<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:20160108-VPN-Einrichtung-30-280.png|600x600px|link=]]<br>To import the profile, click on the green plus symbol. To open VPN, click the button (3.). Click on "Yes" to complete the setup.<br>With the switch (3.)
you can switch VPN on or off.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>

==== Install VPN Client on Win10 PC ====
Go to the website https://openvpn.net<br><br>[[File:05-07-06-VPN-Client-Win10-010.png|600x600px|link=]]<br>Click on "Community" (1).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-020.png|600x600px|link=]]<br>Click on "Downloads" (1).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-030.png|600x600px|link=]]<br>Click on "https://swupdate.openvpn.org/community/releases/openvpn-install-2.4.3-I602.exe" (1).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-040.png|300x300px|link=]]<br>Click on "Datei speichern" (1).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-050.png|600x600px|link=]]<br>Click on the (blue) download arrow and then on the file you just downloaded (1).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-060.png|400x400px|link=]]<br>Click on "Next" (1).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-070.png|400x400px|link=]]<br>Click on "I Agree" (1).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-080.png|400x400px|link=]]<br>Click on "Next" (1).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-090.png|400x400px|link=]]<br>Click on "Install" (1).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-100.png|400x400px|link=]]<br>The green bar shows the progress of the installation.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-110.png|400x400px|link=]]<br>Click on "Next" (1).<br><br>[[#top|->
<u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-120.png|400x400px|link=]]<br>Click on "Finish" (1).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-130.png|600x600px|link=]]<br><br>The opened "Readme file" explains that the configuration file must be loaded into the folder "C:\Program Files\OpenVPN\config".<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-140.png|400x400px|link=]]<br>Click on the app "OpenVPN" (1) and then on "OpenVPN configuration file directory" (2) to open the configuration file folder.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-150.png|600x600px|link=]]<br>Copy the VPN configuration file received from your TrutzBox via TrutzMail (1) ...<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-160.png|600x600px|link=]]<br>... into the opened configuration file folder.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-170.png|400x400px|link=]]<br>Then click on the interface management "OpenVPN GUI" (1).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-180.png|400x400px|link=]]<br>This will display the OpenVPN GUI icon in the lower right corner.<br>Double-click on it (1) ...<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-190.png|600x600px|link=]]<br>... establishes the VPN connection to your TrutzBox.<br>Once the connection has been successfully established, the message "CONNECTED.SUCCESS" and...<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-200.png|400x400px|link=]]<br>...
the successful connection establishment is briefly displayed (1).<br>The previously colorless OpenVPN GUI icon changes to blue...<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-210.png|400x400px|link=]]<br>... and is displayed in blue during an existing VPN connection (1).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-220.png|400x400px|link=]]<br>Status information is displayed when you hover the mouse over the icon.<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>'''Disconnecting the link ...'''<br><br>[[File:05-07-06-VPN-Client-Win10-230.png|400x400px|link=]]<br>... by double-clicking on the OpenVPN GUI icon (1) ...<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>[[File:05-07-06-VPN-Client-Win10-240.png|600x600px|link=]]<br>... and click on "Trennen" (1).<br><br>[[#top|-> <u>Table of Contents </u> (of this manual)]]<br><br>