Changes

Trutzbox Manual

35,132 bytes added, 6 years ago

→‎Install VPN Client on Win10 PC=

Click on "Datei speichern" (1).

== TrutzBox® Certificates, Connectivity and Network ==

=== Certificates ===

If you do not disclose the certificate to browsers and the mail system, you will be prompted for security confirmation each time you open it.

Therefore it is recommended to download the TrutzBox® certificate from the TrutzBox® to your PC and import it into your browser and mail programs.

More background information see TrutzBox Compendium ''TrutzBox® Certificates''' p. 90ff. https://comidio.de/trutzbox-kompendium/

<

It is assumed that the setup has already been completed as described in chapter "3.2 TrutzBox Setup" and that a certificate has already been imported on the setting up PC..

In the event that certificates

*should be implemented on the PC, see following table,

*is to be implemented on the mobile device,

**for Apple iOS devices see chapter 6.1.2.4,

**for Google Android devices see chapter 6.1.2.5.

The following TrutzBox certificate table helps to import certificates into the respective browser of a PC.

#Determine in the upper row (initial situation) which certificate is already implemented on this PC.

#Specify in the left column which browser to use on this PC.

#Then find a brief description in the table and a reference to the detailed description of the recommended procedure.

<tr>

<td width="175">'''1. Initial situation ... (to the right) 2... I want to do that (down) ''' </td>

<td width="175">''On this PC or Mac the TrutzBox® certificate is not yet imported in any browser''</td>

<td width="175">”On this PC or Mac, the TrutzBox® certificate is only imported in FireFox ''

</td>

<td width="175">''On this PC or Mac, the TrutzBox® certificate is only imported in a non-FireFox* browser''

</td>

</tr></table>

<tr>

<td width="175">''Certificate should be imported for a browser other than FireFox (in Windows or Mac certificate management)''

</td>

<td width="350">'''either (if you have Firefox) (6.1.1)'''

*Download the certificate "trutzbox.cer" to your PC with FireFox

'''or (if you don't have Firefox) '''

*Copy "trutzbox.cer" certificate to PC or Mac

'''then (6.1.2.2) '''

*Open Internet Explorer or Safari

*Import certificate from download directory into certificate management

</td>

<td width="175">(no action, because certificate already imported)</td>

</tr></table>

<tr>

<td width="175">''The certificate is to be imported for FireFox (in FireFox certificate management)''

</td>

'''See 6.1.2.1'''

Use FireFox to import the "trutzbox.cer" certificate from a PC or Mac into FireFox certificate management

</td>

<td width="175">(no action, since certificate already imported)</td>

See 6.1.2.1''

Use FireFox to import the "trutzbox.cer" certificate from a PC or Mac into FireFox certificate management</td>

</tr>

</table>

<nowiki>*</nowiki> Non-FireFox browsers include Internet Explorer, Google Chrome, Safari

[[#top|-> Table of Contents (of this manual)]]

Structure and use of certificate management systems

<

First, the TrutzBox certificate ('''trutzbox.cer''') is downloaded from the TrutzBox to the PC intended for use. Unless set otherwise by the user, the download takes place in the "Download" directory of the PC.

In principle there are ''2 certificate management systems'''' on one PC, one in the '''operating system''', here Windows 10 for example, and - if Firefox is used - a second one of '''Firefox'''.

<tr>

<td>'''A Import certificate (trutzbox.cer) into certificate management system ''' </td>

</tr></table>

[[File:Zertifikatsverwaltung11.png|700px|link=]]

<tr>

<td width="180"> In the Firefox certificate management system, the TrutzBox certificate is imported via the Firefox browser.</td>

<td width="470"> In the operating system certificate management system, the TrutzBox certificate ''one-time''' is imported directly from the operating system or via any other browser, except the Firefox browser.

</td>

</tr></table>

[[#top|-> Table of Contents (of this manual)]]

<tr>

<td>'''B. Use of the certificate (from all browsers)''' </td>

</tr></table>

[[File:Zertifikatsverwaltung21.png|700px|link=]]

<tr>

<td width="180"> When using the Firefox browser, it accesses the TrutzBox certificate in its own certificate management during operation.</td>

<td width="470"> All other browsers access the TrutzBox certificate in the operating system certificate management system during operation.</td>

</tr></table>

[[#top|-> Table of Contents (of this manual)]]

<tr>

<td>'''C. Opening or deleting the TrutzBox certificate ''' </td>

</tr></table>

[[File:Zertifikatsverwaltung31.png|700px|link=]]

<tr>

<td width="180"> Accessing or deleting the TrutzBox certificate in Firefox certificate management systems is done via Firefox browser.</td>

<td width="470">The TrutzBox certificate can be opened or deleted in the operating system certificate management systems ''once only''' via the operating system or any other browser, except the Firefox browser.</td>

</tr></table>

[[#top|-> Table of Contents (of this manual)]]

==== Download certificate from TrutzBox® to PC ====

[[File:20150730 Zertifikate 010.png|500px|link=]]

Open the TrutzBox user interface in your browser with "trutzbox". Enter the administrator password (1.) and click on "Login " (2.).

[[File:20150730 Zertifikate 021.png|400px|link=]]

Click on "TrutzBox Filter" (1.) -> "Configure filter" (2.) and right-click on the button "Download root certificate" (3.).

[[#top|-> Table of Contents (of this manual)]]

[[File:20150730 Zertifikate 031.png|400px|link=]]

Start the download of the certificate by clicking on "Save target as".

[[File:20150730 Zertifikate 041.png|700px|link=]]

The certificate is saved in the download area of the PC (1.).

[[File:20150730 Zertifikate 051.png|700px|link=]]

Log out by clicking on "Logout“ (1.)

[[#top|-> Table of Contents (of this manual)]]

'''In step 1, the certificate was saved to the device.'''

==== TrutzBox® Certificate activate in ... ====

In step 2, the certificate is imported from the PC into the respective browser. <

Import the TrutzBox® root certificate into any browser on any PC. With every browser call the TrutzBox® generates a new certificate, which is then accepted by the browser.

[[#top|-> Table of Contents (of this manual)]]

===== {{anchor|Zertifikat Importieren Mozilla Firefox}} Mozilla Firefox (Microsoft Windows + Apple OS X; Zertifikat in Firefox) =====

[[File:20150730 Zertifikate 110.png|300px|link=]]

Open the browser (in the example Mozilla Firefox) and click on "Extras" (1.).

[[File:20150730 Zertifikate 120.png|600px|link=]]

Click on „Erweitert“ (2.) -> Zertifikate“ (3.) und „Zertifikate anzeigen“ (4.).

[[File:20150730 Zertifikate 130.png|500px|link=]]

Click on „Zertifizierungsstellen“ (5.) and on „Importieren …“ (6.).

[[#top|-> Table of Contents (of this manual)]]

[[File:20150730 Zertifikate 140.png|500px|link=]]

Now go to the directory where the certificate was downloaded. In the standard case this is the "Download" directory.

Click on the certificate (7.) and confirm with "Open“ (8.).

[[File:20150730 Zertifikate 150.png|500px|link=]]

Mark the two upper boxes (9. + 10.) by clicking and confirm „OK“ (11.).

This loads the root certificate into the browser and all certificates generated temporarily by the TrutzBox® are automatically recognized by the browser (without constant single query).

This "download-certificate-to-browser" must be done once for each browser (Mozilla Firefox, Google Chrome, Internet Explorer, Safari, Opera) on each connected device (e.g. laptops, PCs).

[[#top|-> Table of Contents (of this manual)]]

===== {{anchor|Zertifikat Importieren Microsoft Windows}} Internet Explorer / Google Chrome (Microsoft Windows) =====

The certificate does not have to be imported into the browsers "Internet Explorer" and "Google Chrome":

by importing the TrutzBox® certificate from the download directory to the Windows certificate management, the TrutzBox® certificate is automatically available to Internet Explorer and Google Chrome browsers.

This chapter describes how to import the root certificate already downloaded from TrutzBox® into the Windows certificate management.

[[File:Zertifikat aktivieren 030 in Windowsverwaltung 010.png|700px|link=]]

* Find out in which directory (usually "Downloads") the TrutzBox® certificate "trutzbox.cer" has been downloaded (1).

* Make a double click on the file "trutzbox.cer" (2).

[[File:Zertifikat aktivieren 030 in Windowsverwaltung 020.png|300px|link=]]

Click on "Öffnen" der Datei.

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 030 in Windowsverwaltung 030.png|300px|link=]]

Click on "Zertifikat installieren".

[[File:Zertifikat aktivieren 030 in Windowsverwaltung 040.png|400px|link=]]

Click on "Weiter".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 030 in Windowsverwaltung 050.png|400px|link=]]

Choose "Alle Zertifikate in folgenden Speicher speichern".

[[File:Zertifikat aktivieren 030 in Windowsverwaltung 060.png|400px|link=]]

Click on "Durchsuchen ...".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 030 in Windowsverwaltung 070.png|300px|link=]]

* Choose the second folder "Vertrauenswürdige Stammzertifizierungsstellen" (1).

* Click on "OK".

[[File:Zertifikat aktivieren 030 in Windowsverwaltung 080.png|400px|link=]]

Click on "Weiter".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 030 in Windowsverwaltung 090.png|400px|link=]]

Click on "Fertigstellen".

[[File:Zertifikat aktivieren 030 in Windowsverwaltung 100.png|300px|link=]]

Click on "OK".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 030 in Windowsverwaltung 110.png|400px|link=]]

Finally, click on "OK".

[[#top|-> Table of Contents (of this manual)]]

===== {{anchor|Zertifikat Importieren Apple OS X}} Safari/ Google Chrome (Apple OS X; Zertifikat in Schlüsselbund) =====

Open the "Finder" and go to the "Downloads" directory. There you will find the root certificate downloaded from TrutzBox.

[[File:Zertifikat aktivieren 040 Macintosh 010a.png|600px|link=]]

In your "Downloads" directory, double-click on the TrutzBox root certificate "trutzbox.cer". The program for keychain management opens.

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 040 Macintosh 012a.png|500px|link=]]

Click on "Hinzufügen".

[[File:Zertifikat aktivieren 040 Macintosh 020a.png|500px|link=]]

The "Keychain management" opens and shows the loaded certificate "TrutzBox Root CA". It is marked with a red symbol (1), as it is "not yet trustworthy.

Click on "TrutzBox Root CA" (2).

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 040 Macintosh 031a.png|400px|link=]]

The "TrutzBox Root CA" certificate (1) opens and shows the warning in red: "This root certificate is not trustworthy."

Click on "Vertrauen" (2).

[[File:Zertifikat aktivieren 040 Macintosh 040a.png|400px|link=]]

Click on "System Standards" to open a selection menu (2).

Click on "Immer vertrauen".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 040 Macintosh 050a.png|400px|link=]]

All applications are based on "Immer vertrauen".

After that you can close the window and have to confirm the change with your MAC system password if necessary. Then you can close the keychain.

[[#top|-> Table of Contents (of this manual)]]

===== iOS Smartphone/Tablet: Browser Safari with Apple iOS =====

Download certificate using the iPhone as an example.

Open the Smartphone Browser (Safari) and enter in the input field: <nowiki>http://trutzbox</nowiki>.

[[File:Zertifikat aktivieren 050 iPhone iPad 030.png|300px|link=]]

... click on "Öffnen".

[[File:Zertifikat aktivieren 050 iPhone iPad 040.png|300px|link=]]

Click on "Fortfahren".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 050 iPhone iPad 051.png|300px|link=]]

Click on "Vertrauen".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 050 iPhone iPad 070.png|300px|link=]]

Enter TrutzBox Administrator password ...

[[File:Zertifikat aktivieren 050 iPhone iPad 080.png|300px|link=]]

and click on "Anmelden".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 050 iPhone iPad 090.png|300px|link=]]

Click on the menu selection ...

[[File:Zertifikat aktivieren 050 iPhone iPad 100.png|300px|link=]]

... and click on 3. menu item (= TrutzBox Filter).

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 050 iPhone iPad 110.png|300px|link=]]

Click on "Filter-Konfigurieren".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 050 iPhone iPad 120.png|300px|link=]]

Click on "Download Root Certificate".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 050 iPhone iPad 130.png|300px|link=]]

Click on "Installieren".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 050 iPhone iPad 140.png|300px|link=]]

If asked, enter personal code.

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 050 iPhone iPad 150.png|300px|link=]]

Click on "Installieren".

[[File:Zertifikat aktivieren 050 iPhone iPad 160.png|300px|link=]]

Click on "Installieren".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 050 iPhone iPad 170.png|300px|link=]]

Click on "Fertig".

[[File:Zertifikat aktivieren 050 iPhone iPad 180.png|300px|link=]]

If necessary, click "User Logout" to log out.

[[#top|-> Table of Contents (of this manual)]]

'''If the certificate is not accepted, please check whether the "TrutzBox Root CA" is switched on.'''

[[File:6 1 2 4 Zertifikat importieren 200.PNG|300px|link=]]

If necessary, switch on the "TrutzBox Root CA" via:

"Einstellungen" -> "Allgemein" -> "Info" -> "Zertifikatsvertrauenseinstellungen"

[[#top|-> Table of Contents (of this manual)]]

===== Android Smartphone/Tablet: Standard Browser unter Google Android =====

Load certificate in Android browser; depending on the Android device the screens may differ slightly.

Download the certificate to your PC (https://comidio.de/wiki/index.php/TrutzBox_Handbuch#Zertifikat_von_TrutzBox.C2.AE_auf_PC_herunterladen) und kopieren oder mailen Sie es vom PC auf das Android-Gerät.

In the Android device change to "Einstellungen" and select "Sicherheit" ...

[[File:Zertifikat aktivieren 080 Smartphone Android 090.png|300px|link=]]

... scroll down and ...

[[File:Zertifikat aktivieren 080 Smartphone Android 100.png|300px|link=]]

... select „von Speicher installieren“.

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 080 Smartphone Android 121.png|300px|link=]]

Assign the name "TrutzBox" for the certificate, and finally select "OK”.

[[#top|-> Table of Contents (of this manual)]]

===== {{anchor|Zertifikat Importieren Microsoft Windows10}} Microsoft Windows 10 Zertifikatsverwaltung =====

In the TrutzBox user interface in the navigation menu go to:

TrutzBox Filter -> Filter-Konfigurieren

There click on "Root Zertifikat herunterladen".

[[File:060 Zertifikat importieren 010.png|700px|link=]]

Click on "Öffnen".

[[#top|-> Table of Contents (of this manual)]]

[[File:060 Zertifikat importieren 020.png|400px|link=]]

Click on "Zertifikat installieren ...".

[[#top|-> Table of Contents (of this manual)]]

[[File:060 Zertifikat importieren 030.png|600px|link=]]

Select „Alle Zertifikate in folgendem Speicher speichern“ and click on „Durchsuchen ...".

[[#top|-> Table of Contents (of this manual)]]

[[File:060 Zertifikat importieren 040.png|400px|link=]]

Select "Vertrauenswürdige Stammzertifizierungsstellen“ and click on „OK“.

[[#top|-> Table of Contents (of this manual)]]

[[File:060 Zertifikat importieren 050.png|700px|link=]]

Click on "Weiter".

[[#top|-> Table of Contents (of this manual)]]

[[File:060 Zertifikat importieren 060.png|700px|link=]]

Click on "Fertig stellen".

[[#top|-> Table of Contents (of this manual)]]

[[File:060 Zertifikat importieren 070.png|600px|link=]]

Click on "Ja".

[[#top|-> Table of Contents (of this manual)]]

[[File:060 Zertifikat importieren 080.png|400px|link=]]

Click on "OK".

[[#top|-> Table of Contents (of this manual)]]

==== Import certificate from PC into mail system (e.g. Microsoft Outlook under Windows) ====

If an "Internet Security Warning" is displayed, install the TrutzBox® certificate.

[[File:20150730 Zertifikate 210.png|500px|link=]]

Click on "Zertifikat anzeigen".

[[File:20150730 Zertifikate 220.png|400px|link=]]

Click on "Zertifikat installieren ..." (1.) und bestätigen Sie (2.).

[[#top|-> Table of Contents (of this manual)]]

[[File:20150730 Zertifikate 230.png|500px|link=]]

Click on "Weiter".

[[File:20150730 Zertifikate 240.png|500px|link=]]

Belassen Sie die Markierung auf "Zertifikatspeicher automatisch auswählen" (1.) und Click on "Weiter" (2.).

[[#top|-> Table of Contents (of this manual)]]

[[File:20150730 Zertifikate 250.png|500px|link=]]

Click on "Fertig stellen".

[[File:20150730 Zertifikate 260.png|500px|link=]]

To answer the question, click on "Ja".

[[File:20150730 Zertifikate 270.png|300px|link=]]

Click on "OK" to end the successful import.

[[#top|-> Table of Contents (of this manual)]]

==== Creating profiles in FireFox ====

If you want to surf protected from the same PC (e.g. a laptop) both at home (via your own TrutzBox) and on the move (via another TrutzBox), you need to have imported the certificate valid for the respective TrutzBox in your browser.

In this case FireFox offers the possibility to create and use different profiles, which can also use different certificates for each profile.

The following shows how to create another profile in addition to the standard profile.

[[File:20160525 FireFox Profil einrichten V01.png|900px|link=]]

# Click on Windows Start-Button

# Right click on FifreFox Logo

# Click on "Eigenschaften"

# Click into the line "Ziel"

Press #<ctrl> a to highlight the entire destination address

Press #<ctrl> c to copy the destination address

#Re-click Windows Start button

# Click on "Eingabeaufforderung"

# Right click in the middle of the prompt window

# Click on "Einfügen"

# Position the cursor to the right of the quotation mark and enter <space> and "-p

# Press return key

# Click on "Create Profile"

# Click on "Next >"

# Enter new profile name

# Click on "Finish"

# The first time FireFox is started, the profile to be used is selected. (Each profile can use a different certificate.)

Here you can download the manual: https://comidio.de/wiki/images/9/97/20160525_FireFox_Profil_einrichten_V01.png

=== Connect device with TrutzBox® ===

Assumption: the TrutzBox® was connected to the Internet router via network cable (red connection in the following figure).

[[File:20150810 Netzwerk Alternativen mit USB WLAN Adapter.png|700px|link=]]

There are basically two ways to connect devices to the TrutzBox®:

#PC 1 is connected to the Internet router via WLAN or network cable (dashed yellow).

# PC 2 is connected to the TrutzBox® via WLAN or network cable (green dashed).

<tr>

<td width="620">In order for Internet traffic (surfing) via the TrutzBox®, the TrutzBox® must be entered as proxy (= deputy, quasi "doorman") in the respective browser of the PC.The entry must be made separately for each browser. This mode is called '''"Proxy mode"'''.</td>

</tr>

<tr>

<td> All Internet traffic (surfing) automatically passes through the TrutzBox®.This mode is called '''"Transparent mode'''".</td>

</tr>

</table>

In both cases, TrutzBox® controls both incoming and outgoing Internet communication.

'''The aim is to connect as many or all devices as possible in the home network directly via the TrutzBox® (i.e. in "transparent mode").'''

It is advisable to reach this state step by step.

Therefore you should start "small" at the beginning and gain experience in "proxy mode".

You can also surf in a browser (e.g. Firefox) in proxy mode while surfing in a second browser (e.g. Chrome) without protection.

For example, you can track the influence the security slider has on unprotected access in various positions (e.g. effects on advertising offers shown).

Once you have gained sufficient experience in proxy mode, you can gradually connect devices in transparent mode by connecting the devices directly to the TrutzBox® via WLAN (or network cable).

'''To change from transparent mode to proxy mode or vice versa, proceed as follows: '''

*Shut down PC or device

*If previously connected to TrutzBox, now connect to the Internet router or vice versa

*Switch on/restart the device (now the device automatically receives an IP address valid in this network area)

[[#top|-> Table of Contents (of this manual)]]

==== Set up TrutzBox® as proxy (proxy mode) in... ====

Comidio offers a so-called "proxy configuration URL" so that the user does not have to make name and port settings every time.

This is: <nowiki>"http://trutzbox/api/proxy/pac"</nowiki>

The following sections describe how to configure the proxy configuration URL in your browser. Once entered, the browser "remembers" it and the browser then accesses the Internet in a controlled manner through the TrutzBox. You can later simply switch on and off the TrutzBox by clicking on

"No proxy" and

Automatic proxy configuration URL" or "Use script for automatic configuration"<.br>

===== Windows PC: Browser Mozilla Firefox on Microsoft Windows 7 =====

Open the browser.

[[File:Proxy einrichten 010 Firefox auf PC 010.png|500px|link=]]

Click on "Extras" and "Einstellungen".

[[File:Proxy einrichten 010 Firefox auf PC 020.png|700px|link=]]

Click on "Erweitert".

[[#top|-> Table of Contents (of this manual)]]

[[File:Proxy einrichten 010 Firefox auf PC 030.png|700px|link=]]

Click on "Netzwerk" and "Einstellungen".

[[File:Proxy einrichten 010 Firefox auf PC 040.png|700px|link=]]

Click on "Automatische Proxy-Konfigurations-URL", enter <nowiki>"http://trutzbox/api/proxy/pac"</nowiki> and confirm with OK".

Now the TrutzBox® is configured as proxy and protects between Internet router and PC.

[[#top|-> Table of Contents (of this manual)]]

===== Windows PC: Browser Google Chrome on Microsoft Windows 7 =====

[[File:Proxy einrichten 020 Chrome auf PC 010.png|700px|link=]]

Select (1) and click on "Einstellungen" (2) in the Chrome browser called up..

[[File:Proxy einrichten 020 Chrome auf PC 020.png|700px|link=]]

Scroll to the very bottom.

[[#top|-> Table of Contents (of this manual)]]

[[File:Proxy einrichten 020 Chrome auf PC 030.png|700px|link=]]

Click on "Erweiterte Einstellungen anzeigen".

[[File:Proxy einrichten 020 Chrome auf PC 040.png|700px|link=]]

Scroll down until "Network" appears.

Click on "Proxy-Einstellungen ändern".

[[#top|-> Table of Contents (of this manual)]]

[[File:Proxy einrichten 020 Chrome auf PC 050.png|700px|link=]]

Click on "LAN-Einstellungen".

[[File:Proxy einrichten 020 Chrome auf PC 061.png|700px|link=]]

Check "Skript für automatische Konfiguration verwenden" and enter the address "<nowiki>http://trutzbox/api/proxy/pac</nowiki>". Click "OK" to confirm.

[[#top|-> Table of Contents (of this manual)]]

[[File:Proxy einrichten 020 Chrome auf PC 070.png|700px|link=]]

Confirm "OK".

[[File:Proxy einrichten 020 Chrome auf PC 080.png|700px|link=]]

Open a new tab for testing.

[[#top|-> Table of Contents (of this manual)]]

[[File:Proxy einrichten 020 Chrome auf PC 090.png|700px|link=]]

For example, open "Google“.

[[File:Proxy einrichten 020 Chrome auf PC 100.png|700px|link=]]

The TrutzBurg appears in the upper right corner.

This shows that the TrutzBox is active.

[[#top|-> Table of Contents (of this manual)]]

===== (Windows PC: Browser Internet Explorer on Microsoft Windows 7) =====

===== Apple Mac: Browser Safari on Apple iOS =====

[[File:Proxy einrichten 050 Safari auf Mac 010.png|700px|link=]]

* Under iOS, click on -> Systemeinstellungen –> Netzwerk and -> WLAN.

* Click on "Proxies" (1) and activate there under Protocol to be configured: "Autom. Proxy-Konfiguration" (2).

* Enter "<nowiki>http://trutzbox/api/proxy/pac</nowiki>" (3) in the URL field on the right.

* Check or tick the box for"Passiven FTP-Modus (PASV) verwenden" (4).

* Confirm by clicking on"OK" (5).

[[#top|-> Table of Contents (of this manual)]]

===== Apple Mac: Browser Firefox on Apple iOS =====

===== iOS Smartphone/Tablet: Browser Safari on Apple iOS =====

[[File:Proxy einrichten 100 iOS Smartphone Tablet 010.png|300px|link=]]

Click on "Einstellungen".

[[File:Proxy einrichten 100 iOS Smartphone Tablet 020.png|300px|link=]]

Click on "WLAN".

[[#top|-> Table of Contents (of this manual)]]

[[File:Proxy einrichten 100 iOS Smartphone Tablet 030.png|300px|link=]]

Click on "i" of the WLAN connection of the active Internet router.

[[File:Proxy einrichten 100 iOS Smartphone Tablet 040.png|300px|link=]]

Scroll down and click on "Auto" in the "HTTP-PROXY" area.

[[#top|-> Table of Contents (of this manual)]]

[[File:Proxy einrichten 100 iOS Smartphone Tablet 050.png|300px|link=]]

Enter the address"<nowiki>http://trutzbox/api/proxy/pac</nowiki>" in the "URL" input field (1.) and confirm your entry by clicking on "WLAN" (2.).

[[File:Proxy einrichten 100 iOS Smartphone Tablet 060.png|300px|link=]]

Exit "Einstellungen" by pressing the menu button.

[[#top|-> Table of Contents (of this manual)]]

===== Android Smartphone/Tablet: Standard Browser on Google Android =====

Setting up a proxy under Android. The screens may vary slightly depending on the Android device.

Switch to "Preferences" in Android ...

[[File:Proxy einrichten 080 Smartphone Android 010.png|300px|link=]]

... and select "WLAN“.

[[File:Proxy einrichten 080 Smartphone Android 020.png|300px|link=]]

Hold down the selected WLAN (here: "rhg_1") until a new menu appears.

"Press "Change network".

[[File:Proxy einrichten 080 Smartphone Android 030.png|300px|link=]]

Press „Erweiterte Optionen“ and then open „Proxy“.

[[File:Proxy einrichten 080 Smartphone Android 040.png|300px|link=]]

Select „Autom. Proxy-Konfig.“.

[[File:Proxy einrichten 080 Smartphone Android 050.png|300px|link=]]

On "PAC-URL" enter: <nowiki>http://trutzbox/api/proxy/pac</nowiki>

Then click on "SPEICHERN".

===== Microsoft Windows 10 =====

Configure Automatisches Proxy-Script for Microsoft Windows 10 in Edge:

In Edge, select "Einstellungen" and go all the way down.

[[File:080 Proxy einschalten 010.png|300px|link=]]

Click on „Erweiterte Einstellungen anzeigen".

[[#top|-> Table of Contents (of this manual)]]

[[File:080 Proxy einschalten 020.png|300px|link=]]

Click on "Proxyeinstellungen öffnen".

[[#top|-> Table of Contents (of this manual)]]

[[File:080 Proxy einschalten 030.png|700px|link=]]

Set the „Setupscript verwenden“ switch to „Ein“.

In the field „Scriptadresse" enter <nowiki>"http://trutzbox/api/proxy/pac"</nowiki> and click on „Save“.

[[#top|-> Table of Contents (of this manual)]]

==== Connect the device directly via WLAN (or LAN) with TrutzBox® (Transparent-Modus) ====

Now connect your PC and, if necessary, other Internet-enabled devices via wired network (LAN) or wireless network (WLAN) with the TrutzBox®.

Switch WLAN connection from PC to Internet router to PC to TrutzBox®:

[[File:20150624 Bild TrutzBox WLAN Wechsel V02.png|700x700px|link=]]

To do this, click the WLAN icon in the notification area on the right of the task bar (1.). When selecting wireless network connections, click (2.) on your TrutzBox® SSID (WLAN name assigned under 4.6 when setting up). Then click on "Connect" (3.) and enter the WLAN password in the window that appears (4.). By clicking on "OK" (5.) the confirmation (6.) appears.

[[File:Umschalten auf WLAN2.png|700px|link=]]

From now on you use TrutzBrowse, TrutzContent and TrutzBase.

=== TrutzBox®-network ===

To ensure maximum security for the devices connected to the TrutzBox®, the TrutzBox® sets up its own network separate from the Internet router. A DHCP server gives the connected devices a new IP address from the range 192.168.195.50 to 192.168.195.199. A separate DNS server (dnsmask) forwards the name resolution for the connected devices to the DNS server of the Internet router.

The TrutzBox® takes over the routing between the TrutzBox® internal network (WLAN, LAN-Int1 and LAN-Int2) and the TrutzBox® external network (Lan connection "LAN-Ext").

The TrutzBox® itself has the IP address 192.168.195.200 in the internal network. The IP address of the TrutzBox® is obtained from the Internet router when it is started.

[[File:63 Netzwerk 010.png|700px|link=]]

A permanently assigned (static) IP address from the range 192.168.195.50 to 192.168.195.199. can also be assigned to a connected device. Subnet mask is then 255.255.255.0, the router and DNS server IP address is 192.168.195.200.

[[#top|-> Table of Contents (of this manual)]]

==== Firewall ====

A Statefull-Inspection Firewall has been installed to provide additional protection for both the TrutzBox® and the internal network connected to it. This not only protects the TrutzBox® itself from unauthorised access to the network side, but also blocks external attackers. In addition, the firewall protects all connected network devices against uncontrolled network access via appropriate port shares. <

The firewall used is a Stateful Packet Inspection Firewall (SPI), i.e. each data packet is assigned to a specific active connection (session):

* All devices connected to the internal network are bridged so that they can communicate with each other without restriction.

* All connected devices can establish connections to "extern" (LAN-Ext) on all ports. If a device on the internal network wants to access a device on the Internet router (external network), then a fully qualified host name must be used (e.g..fritz.box must be appended). All connections via port 80/443 are automatically routed via the TrutzBox® Proxy (filter), which then controls incoming and outgoing data.

* An external connection to the TrutzBox® is only enabled for special ports

* Establishing a connection from the external network to the internal network is not enabled and is therefore not permitted.

[[File:63 Netzwerk 020.png|700px|link=]]

The TrutzBox® Administrator can open additional ports as required. <

The firewall is based on the open source firewall "iptables". In addition, the Shorewall Firewall package is provided as an add-on to provide experts with additional functions such as simplified user guidance or zone setup.

[[#top|-> Table of Contents (of this manual)]]

Fox

Bureaucrats, Administrators

5,561

edits

Comidio β

Changes

Trutzbox Manual

Comidio ^β