Changes

← Older edit

Trutzbox Manual

66,533 bytes added, 5 years ago

→‎Preconditions

== The TrutzBox® ==

Comprehensive background information and technical details that go beyond setting up and using the TrutzBox® are provided by the ''Comidio Compendium''', see https://comidio.de/trutzbox-kompendium/.

(To hide the search line: click on "x" on the right side in the search line.

=== Before you turn to the TrutzBox... updates! ===

Please make sure that the following '''Updates are done''' and that you can ~~access your~~ '''access your Internet router''' user interface.

<tr>

<td>'''Browser'''</td>

<td>~~Bitte achten Sie darauf, dass jeder Ihr~~ Please make sure that your '''~~Browser mit dem neusten Update~~each of your browsers is up to date with the latest update''' ~~versehen auf dem neusten Stand ist~~.

Only in this way can you be sure that you are optimally protected by the latest updates. In addition, TrutzBox is set up with its own updates to work with the latest browser updates. If the browser is not equipped with the latest update, the TrutzBox may not work and therefore does not offer optimum protection.

<tr>

<td width="80">'''ATTENTION:'''

'''We can only provide support if you first go through Quick Start'''

*'''Step-by-step'''

*'''completely'''

[[#top|-> Table of Contents (of this manual)]]

=== TrutzBox with or without (own) WLAN? ===

=== Phases, users and administrator ===

This manual describes two roles in these words:

'''~~”User”~~User''' Anyone using TrutzBox functions is referred to in this manual as "'''User'"''.

'''Administrator '''

==Fast Lane (for TrutzBox® Administrator)==

Chapter 2 contains information for technically affine users:

Now 9 screen pages follow one after the other for the initial setup of your TrutzBox:

*Page 1: '''Welcome (Willkommen)''': TrutzBox self-tests whether it has access to the Internet,*Page 2: '''License terms (Lizenzbedingungen)''': accept the license agreement,*Page 3: '''Import Root-Zertificate(Root-Zertifikat importieren)'''

<tr>

<td width="110">~~Schritt~~ Step 1:</td>

<td width="490">Download Root-Zertificate</td>

</tr>

<td>Start test</td></tr></table>

*Page 4: ''' Set admin password (Admin-Passwort setzen)''': Setting the administrator password for your TrutzBox,*Page 5: ''' Register TrutzBox (TrutzBox registrieren)''': Enter TrutzLegitimierung (TrutzKennung und TrutzSchlüssel),*Page 6: '''Create TrutzMail Adresse(TrutzMail Adresse anlegen)''': Create name, e-mail address and password,*Page 7: ''' WLAN settings (WLAN Einstellungen)''': Setting the WLAN name (SSID) and the WLAN password (can be done later in case of later WLAN setup),*Page 8: ''' source packages (Quellpakete)''': Determine memory release or storage of source packages, and*Page 9: ''' recap (Zusammenfassung)''': Presentation of the entries, and if OK: "Start initial setup".

<nowiki>*</nowiki>IE = Internet Explorer

[[#top|-> Table of Contents (of this manual)]]

==== Enter TrutzBox as a proxy in your browser (Step D)====

[[#top|-> Table of Contents (of this manual)]]

==TrutzBox® Setup (for TrutzBox® Administrator)==

This chapter includes

*Start-up of the TrutzBox®

[[File:20170131 FritzBox immer gleiche IP Adresse ur.PNG|700px|link=]]

*'''~~tart~~ Start up the TrutzBox® at the beginning in proxy mode (see chapter "Using the TrutzBox® -> for users). When you have experience with TrutzBox® , you can gradually connect devices without proxy directly to TrutzBox® (transparent mode).'''

</tr>

Here you can read the license conditions.

If you agree, click on "Lizenzbedingungen akzeptieren" (Accept license terms" ) (1).

[[#top|-> Table of Contents (of this manual)]]

[[File:20151015-Ersteinrichtung-0061.png|700px|link=]]

Since we are currently using Firefox, click on "hier" (here" ) in step 1 of (a)(1)

[[#top|-> Table of Contents (of this manual)]]

[[File:~~20151015-Ersteinrichtung-0071~~3_2_2_SetUp_Einrichtung_060.png|700px|link=]]

In the trust query, set the ~~two~~ upper check ~~marks~~ mark (1~~)+(2~~). Click on "Weiter" (32).

[[#top|-> Table of Contents (of this manual)]]

Continue to "Part III: Completion of the setup".

==== Part IIb: Setup with Non-Firefox ====

Here you can read the license conditions.

If you agree, click on "Lizenzbedingungen akzeptieren" (Accept license terms" ) (1).

[[#top|-> Table of Contents (of this manual)]]

[[File:325 IPv6 Unterstützung deaktivieren 021.png|700px|link=]]

In the FRITZ!box user interface, call up "Internet".

[[#top|-> Table of Contents (of this manual)]]

[[File:SSD EinbauAustauschAnleitung 010.png|700px|link=]]

Loosen the 4 screws (1) and remove the housing cover (2).

[[#top|-> Table of Contents (of this manual)]]

== Use of the TrutzBox® (-> for users)==

The TrutzBox® is delivered by Comidio with security settings suitable for everyday use, so that even inexperienced users can email and surf immediately protected and without a trace.

* '''TrutzMail''': End-to-end email service with encrypted content and encrypted metadata.

* '''TrutzContent''': Maximum protection for children and young people by using filter lists to block inappropriate websites.

* '''TrutzRTC''': Real-time communication with '''TrutzChat''' (Messaging) and '''TrutzMeeting''' (Audio and Video Conferencing Service).* '''TrutzBase''': Use of modern virus protection, firewall and intrusion detection systems.

[[#top|-> Table of Contents (of this manual)]]

==== TrutzBrowse for experts ====

The TrutzBox® offers two different basic functions for this purpose:

'''1. TrutzContent:'''

* An Internet device unnoticedly calls up a web page in the background without a user deliberately initiating it. These can be TVs, washing machines or game consoles (if they are connected to the Internet), or even the standard Internet browser of the user's PC, which in turn contacts Mozilla or Google or the server of a plug-in provider independently, for example.

The TrutzBox® checks if the contact to such a server is allowed and blocks the connection to this server if necessary.

'''2. TrutzBrowse:'''

If the„'''FoxyProxy Standard'''“ add-on is implemented, the user can activate and deactivate the "Trutzbox" proxy and thus the TrutzBrowse function by clicking the Proxy Switcher button (orange fox head) in the browser header.:

* to '''switch on''': by clicking on the symbol "crossed out, orange fox head" the FoxyProxy selection window appears; there click on the green line "'''Use proxy Trutzbox for all URLs (ignore patterns)''''" and the proxy is switched on and the symbol "orange fox head" appears.

* to '''turn off''': by clicking on the symbol "orange fox head" the FoxyProxy selection window appears; click on the red line "'''Turn Off All Proxies'''" and the proxy is switched off and the symbol "crossed out, orange fox head" appears.

The"'''FoxyProxy Standard'''" add-on is installed as follows:

[[File:04 01 03 01 220.png|700px|link=]]

*~~Ganz nach unten scrollen~~ Scroll all the way down (1).

* Click on "Sehen Sie sich weitere Add-ons an!" (2).

* In the symbol line, the symbol "FoxyProxy switched off" (crossed out logo) indicates that the proxy is switched off (1).

* ~~Durch Refresh~~The page is refreshed or called up again, ~~bzw~~e. ~~erneutes Aufrufen, also z~~g.~~B. Klick auf~~ by clicking on (2)~~, wird die Seite neu aufgebaut~~.

[[#top|-> Table of Contents (of this manual)]]

[[File:20151203 Chrome Proxy switch 05-6 V01.png|700px|link=]]

I Enter "switchy" in the search field (5). Click on „+ HINZUFÜGEN“(6).

[[File:TrutzMail Konto in Outlook 020.png|700px|link=]]

Click on "~~New~~Neu" to add a new email account.

[[#top|-> Table of Contents (of this manual)]]

[[File:TrutzMail Konto in Outlook 030.png|700px|link=]]

Click on "E-Mail-Konto" and on: "Weiter".

[[File:TrutzMail Konto in Outlook 040.png|700px|link=]]

Enter the relevant data (email address and password can be obtained from the administrator).

[[File:TrutzMail Konto in Outlook 200.png|700px|link=]]

TrutzMail supports IMAP; please click on "POP or IMAP".

[[File:TrutzMail Konto in Outlook 203.png|700px|link=]]

Enter the data accordingly (1.) and click on "~~Next~~Weiter" (2.).

[[#top|-> Table of Contents (of this manual)]]

* The same certificates and keys are used to encrypt messages and authenticate the TrutzBox of the communication partner as for TrutzMail.

Once created, TrutzMail addresses can also be used directly for ~~chat/~~messaging~~. This does not require any configuration on the TrutzBox~~.

[[File:TrutzRTC 010a.png|700x700px|link=]]

===== ~~preconditions:~~ Preconditions =====

In order to use the TrutzChat service, a '''TrutzMail address''' and an '''XMPP-enabled program'' on the mobile device (PC or mobile) are required. Chat programs that support the XMPP protocol are available for all common operating systems with different features.

The individual selection depends partly on requirements, partly on taste.

Comidio ~~recommends~~ uses the following ~~chat programs for the respective operating system~~clients:

<tr>

<td width="160">Apple ~~Macintosh~~MacOS</td><td width="540">Adium (https://adium.im) oder Swift (https://swift.im)</td>

</tr>

<tr>

<td>Microsoft Windows</td>

<td>PSI (http://psi-im.org) oder Swift (https://swift.im)</td>

</tr>

<tr>

Several TrutzMail addresses can also be configured in one client.

~~Konfiguration des Chat-Programms~~ Configuration of the chat program '''Adium''':

[[File:TrutzRTC 020a.png|700x700px|link=]]

Depending on the functionality of the messaging client, the XMPP server on the TrutzBox supports the following XMPP standard functions:

* Instant-Messaging: Text messages incl. formatting and emoticons

* Create and manage communication groups, group chats (multi-user chat - MUC ), ~~also cross-~~but currently only for communication participants who are logged on to the same TrutzBox.

* Audio/Video Communication: Telephone Calls

* File transfer: Send files to the communication partner(s)

There is no need to open additional ports on the Internet router at home.

[[#top|-> Table of Contents (of this manual)]]

===== Setting up and using chat rooms ======

The TrutzBox is also used by clubs, groups of friends, schools, industrial projects etc. to communicate with each other safely. Such closed user groups can not only hold video conferences and exchange secure e-mails with several users simultaneously, but also communicate together via one (or more) chat rooms. Such chat rooms are also called Multi User Chat (MUC).

<

To do this, it is possible to create a chat room on my own TrutzBox, i.e. the TrutzBox, where I have a TrutzMail address, and then invite any number of participants with their TrutzMail address.

<

For example, to create a new room in the chat program Adium, call the menu „Ablage“ -> „gehe zu Chat..“ auf:

[[File:20180515 XMPP Chat beitreten.png|500x500px|link=]]

The fields have the following meaning:

'''Konto''': select here the TrutzMail account under which the "chat room" is to be createdl

'''Raumname''': define a room name (here myroom) and append the user account (without @comidio.email) behind it in parentheses. The room name must not contain any special characters

'''Server''': do not change anything

'''Handle''': do not change anything

'''Passwort''': an optional access password can be entered here

'''Kontakte einladen''': here you can separate participants by commas and invite them to the room. Participants can also be invited or unloaded separately at a later date

'''Einladungstext''': here you can enter any text that is displayed with the invitation.

Once the room has been created in this way, further contacts (in the contact list with the right mouse button - menu "Invite to chat") can be invited into the room.

<

The chat room is then located on the TrutzBox on which the room was created. Participants from another TrutzBox are automatically notified with the invitation and connect to this room.

==== TrutzMeeting: Audio- and Video-Conference Service ====

== Administrating the TrutzBox® (for TrutzBox® Administrator) == The TrutzBox® is delivered by Comidio with security settings suitable for everyday use, so that even inexperienced users can email and surf immediately protected and without a trace.

Setting up additional e-mail addresses and administration of the TrutzBox ® is performed by the administrator, i.e. the person who also performed the initial setup of the TrutzBox ® during setup.

[[Main Page#Nutzung eines Mail-Client (Bsp. MS Outlook)|-> Nutzung eines Mail-Client (in diesem Handbuch)]]

==== Add new user ====

Here you can change the password for the registered user.

==== Delete user =====

[[File:20150705 Accounts 501 Ben löschen.png|600x600px|link=]]

[[#top|-> Table of Contents (of this manual)]]

=====Manage mail exchange (PGP) =====

With this functionality, TrutzBox owners can '''additionally''' exchange PGP-encrypted e-mails with non-trutzBox owners in addition to TrutzMail (automatic exchange of content and metadata of encrypted e-mails between TrutzBoxes).

*The first section describes the transmission options.

[[#top|-> Table of Contents (of this manual)]]

===== ~~send~~ Send emails =====

If an email is to be ''sent''' via the TrutzBox, the TrutzBox first checks whether the recipient is a TrutzBox …

*'''(Se1)''' if yes, email content and metadata are automatically encrypted by the TrutzBox and sent to the recipient TrutzBox via TrutzMail,

If the TrutzBox knows a public key for a mail recipient whose mail address does not end with @comidio.email, this e-mail is encrypted with it.

====== Receive e-mails ======

If an e-mail is to be ''received''' via the TrutzBox (i.e. the target address ends with @comidio.email), there are three differentiations:

*span style="color: green">''''(Em1)'''' sent by a TrutzBox: fully encrypted (incl. metadata) directly to the receiver TrutzBox (see first case above Se1)

===== Identification of e-mails in the subject line ======='~~"Send~~ ''Sending e-mails'''

All e-mails sent via the TrutzBox are automatically encrypted by the TrutzBox. If the recipient is a TrutzBox (and thus the mail address ends with @comidio.email), then the TrutzBox automatically obtains the required public key of the recipient. If the recipient does not have a TrutzBox (and therefore a normal e-mail address has been addressed), the TrutzBox administrator must first inform the TrutzBox of the public key of the recipient. For security reasons, it is not possible to send an e-mail to a recipient if the recipient's public key is unknown.

'''Receiving emails'''

All encrypted e-mails received by the TrutzBox are automatically decrypted by the TrutzBox and made available for retrieval of an e-mail program. The TrutzBox can also receive e-mails from normal e-mail servers. These can be either encrypted or unencrypted. To show the recipient of the e-mail whether the e-mail was encrypted or unencrypted and whether the TrutzBox was able to check the sender's signature, the TrutzBox adjusts the mail subject field in the e-mail. The TrutzBox places text in square brackets before the mail subject as first the letter

*U - for unsigned (the TrutzBox could not confirm the sender), or

[[#top|-> Table of Contents (of this manual)]]

===== Statistics =====

The two lists show the top 100 most used (and thus blocked!) trackers and the top 100 websites with the highest (and thus blocked!) number of trackers since the last reset. By pressing "Reset" the statistic is set to 0 and starts again.

[[#top|-> Table of Contents (of this manual)]]

=== TrutzMail ===

[[File:TrutzMail 70 Webmail.png|600px|link=]]

Here you can access TrutzMail directly via webmail. For general information on TrutzMail, see chapter "Using the TrutzBox -> Encrypted Mailing - TrutzMail". Users can access TrutzMail directly via <nowiki>https://trutzbox/mail</nowiki>.

[[#top|-> Table of Contents (of this manual)]]

==== ~~remote~~ Remote access ====

[[File:20160114 TB UI 55200.png|600px|link=]]

=== System ===

==== System-Updates ~~und~~ and -Reset ====

Under this menu item

*update-logs can be downloaded,

#Download TrutzBox® certificate from TrutzBox® according to the Wiki manual (6.1.1).

#Import and confirm TrutzBox® certificate from PC into browser according to Wiki manual (6.1.2).

#Download and confirm TrutzBox® certificate upon request by e-mail client.

[[#top|-> Table of Contents (of this manual)]]

==== Switch on/off ====

[[File:20160114 TB UI 56400.png|600px|link=]]

Situations may occur in which shutting down and then restarting the TrutzBox® makes sense.

Click on "Datei speichern" (1).

[[#top|-> Table of Contents (of this manual)]]

[[File:05-07-06-VPN-Client-Win10-050.png|600x600px|link=]]

Click on the (blue) download arrow and then on the file you just downloaded (1).

[[#top|-> Table of Contents (of this manual)]]

[[File:05-07-06-VPN-Client-Win10-060.png|400x400px|link=]]

Click on "Next" (1).

[[#top|-> Table of Contents (of this manual)]]

[[File:05-07-06-VPN-Client-Win10-070.png|400x400px|link=]]

~~== TrutzBox~~Click on "I Agree" (1).<~~sup~~br>~~® Certificates, Connectivity and Network ==~~ ~~=== Certificates ===If you do not disclose the certificate to browsers and the mail system, you will be prompted for security confirmation each time you open it.~~ ~~Therefore it is recommended to download the TrutzBox<sup~~[[#top|->®<~~/sup~~u> ~~certificate from the TrutzBox®~~Table of Contents </~~sup~~u> ~~to your PC and import it into your browser and mail programs.~~(of this manual)]] ~~More background information see TrutzBox Compendium ''TrutzBox® Certificates''' p. 90ff. https~~[[File:~~//comidio~~05-07-06-VPN-Client-Win10-080.~~de/trutzbox-kompendium/~~png|400x400px|link=]]<br~~/><<br/~~>~~It is assumed that the setup has already been completed as described in chapter~~ Click on "~~3.2 TrutzBox Setup~~Next" ~~and that a certificate has already been imported on the setting up PC.~~(1). ~~In the event that certificates~~*should be implemented on the PC, see following table,*is to be implemented on the mobile device,**for Apple iOS devices see chapter 6.1.2.4,**for Google Android devices see chapter 6.1.2.5.[[#top|-> <~~br/~~u>~~The following TrutzBox certificate table helps to import certificates into the respective browser~~ Table of ~~a PC.~~Contents <br/u>~~#Determine in the upper row~~ (~~initial situation~~of this manual) ~~which certificate is already implemented on this PC.~~]] ~~#Specify in the left column which browser to use on this PC.~~ ~~#Then find a brief description in the table and a reference to the detailed description of the recommended procedure~~[[File:05-07-06-VPN-Client-Win10-090.png|400x400px|link=]] ~~<table border width=~~Click on "~~700~~Install">~~<tr><td width="175">'''~~(1). ~~Initial situation ...~~ ~~(to the right)~~ [[#top|-><bru>~~2... I want to do that~~Table of Contents <br/u>(~~down~~of this manual) ~~'''~~]] <~~/td~~br>~~<td width~~[[File:05-07-06-VPN-Client-Win10-100.png|400x400px|link=~~"175">''On this PC or Mac the TrutzBox® certificate is not yet imported in any browser''~~]]<~~/td~~br>~~<td width="175">”On this PC or Mac,~~ The green bar shows the progress of the ~~TrutzBox® certificate is only imported in FireFox ''~~installation.<~~/td~~br><~~td width="175"~~br>~~''On this PC or Mac, the TrutzBox® certificate is only imported in a non~~[[#top|-~~FireFox* browser''</td~~><~~/tr~~u>Table of Contents </~~table~~u>(of this manual)]]<~~table border width="700"~~br><trbr>~~<td width~~[[File:05-07-06-VPN-Client-Win10-110.png|400x400px|link=~~"175">''Certificate should be imported for a browser other than FireFox (in Windows or Mac certificate management)''~~]]<~~/td~~br>~~<td width=~~Click on "~~350~~Next"~~>'''either~~ (~~if you have Firefox~~1) (6.~~1.1)'''~~ *Download the certificate "trutzbox.cer" to your PC with FireFox~~'''or (if you don't have Firefox) '''~~*Copy "trutzbox.cer" certificate to PC or Mac~~'''then (6.1.2.2) '''~~*Open Internet Explorer or Safari*Import certificate from download directory into certificate management<~~/td~~br>[[#top|-> <~~td width="175"~~u>~~(no action, because certificate already imported)~~Table of Contents </tdu>(of this manual)]]<~~/tr~~br><~~/table~~br>~~<table border width~~[[File:05-07-06-VPN-Client-Win10-120.png|400x400px|link=~~"700">~~]]<trbr>~~<td width=~~Click on "~~175~~Finish"~~>''The certificate is to be imported for FireFox~~ (~~in FireFox certificate management~~1)''.<~~/td~~br><~~td width="175"~~br>~~'''See 6.1.2.1'''~~[[#top|-> <bru>~~Use FireFox to import the "trutzbox.cer" certificate from a PC or Mac into FireFox certificate management~~Table of Contents </~~td><td width="175"~~u>(~~no action, since certificate already imported~~of this manual)~~</td>~~]]<~~td width="175"~~br>~~See 6.1.2.1''~~ ~~Use FireFox to import the "trutzbox~~[[File:05-07-06-VPN-Client-Win10-130.~~cer" certificate from a PC or Mac into FireFox certificate management</td>~~png|600x600px|link=]]<~~/tr~~br>~~</table>~~ ~~<nowiki>*</nowiki> Non-FireFox browsers include Internet Explorer, Google Chrome, Safari~~The opened "Readme file" explains that the configuration file must be loaded into the folder "C:\Program Files\OpenVPN\conig.

[[#top|-> Table of Contents (of this manual)]]

~~Structure and use of certificate management systems~~[[File:05-07-06-VPN-Client-Win10-140.png|400x400px|link=]]<br~~/><<br/~~>~~First,~~ Click on the ~~TrutzBox certificate~~ app "OpenVPN" (~~'''trutzbox.cer'''~~1) ~~is downloaded from the TrutzBox to the PC intended for use. Unless set otherwise by the user, the download takes place in the~~ and then on "~~Download~~OpenVPN configurationfile directory" ~~directory of~~ (2) to open the PCconfiguration file folder. ~~In principle there are ''2 certificate management systems'''' on one PC, one in the '''operating system''', here Windows 10 for example, and~~ [[#top|- ~~if Firefox is used - a second one~~ > Table of ~~'''Firefox'''.~~ Contents <br/u>(of this manual)]] <![[File:05-07- ~~*****************************************************************************************~~ 06-VPN-><!Client-Win10- ******************************* 1150. ~~Bildchen Zertifikate ******************************* --><table border width~~png|600x600px|link=~~"700">~~]]<trbr>~~<td>'''A Import certificate~~ Copy the VPN configuration file received from your TrutzBox via TrutzMail (~~trutzbox~~1) ..~~cer) into certificate management system '''~~. <~~/td~~br>[[#top|-> <~~/tr~~u>Table of Contents </~~table~~u>(of this manual)]] [[File:~~Zertifikatsverwaltung11~~05-07-06-VPN-Client-Win10-160.png|~~700px~~600x600px|link=]] ~~<table width="700"><tr><td width="180"> In the Firefox certificate management system, the TrutzBox certificate is imported via the Firefox browser~~.~~</td><td width="50"></td><td width="470"> In~~ .. into the ~~operating system certificate management system, the TrutzBox certificate ''one-time''' is imported directly from the operating system or via any other browser, except the Firefox browser~~opened configuration file folder.<~~/td></tr></table~~br>

[[#top|-> Table of Contents (of this manual)]]

<![[File:05-07- ~~*****************************************************************************************~~ 06-VPN-><!Client-Win10- ******************************* 2170. ~~Bildchen Zertifikate ******************************* -->~~png|400x400px|link=]]<~~!-- ***************************************************************************************** --~~br>~~<table border width=~~Then click on the interface management "~~700~~OpenVPN GUI">~~<tr><td>'''B. Use of the certificate~~ (~~from all browsers~~1)~~'''~~. <~~/td~~br>[[#top|-> <~~/tr~~u>Table of Contents </~~table~~u>(of this manual)]] [[File:~~Zertifikatsverwaltung21~~05-07-06-VPN-Client-Win10-180.png|~~700px~~400x400px|link=]] ~~<table width="700"><tr~~>~~<td width="180"> When using~~ This will display the ~~Firefox browser, it accesses~~ OpenVPN GUI icon in the ~~TrutzBox certificate in its own certificate management during operation~~lower right corner.<~~/td~~br>~~<td width="50"></td><td width="470"> All other browsers access the TrutzBox certificate in the operating system certificate management system during operation~~Double-click on it (1) ...~~</td></tr></table>~~

[[#top|-> Table of Contents (of this manual)]]

<![[File:05-07- ~~*****************************************************************************************~~ 06-VPN-><table border width="700"><tr><td>'''C. Opening or deleting the TrutzBox certificate ''' </td></tr></table> [[File:Zertifikatsverwaltung31~~190.png|~~700px~~600x600px|link=]]~~ ~~ ~~<table width="700"><tr><td width="180"> Accessing or deleting~~ ... establishes the VPN connection to your TrutzBox ~~certificate in Firefox certificate management systems is done via Firefox browser~~.<~~/td><td width="50"></td~~br>~~<td width="470">The TrutzBox certificate can be opened or deleted in~~ Once the ~~operating system certificate management systems ''once only''' via the operating system or any other browser~~connection has been successfully established, ~~except~~ the ~~Firefox browser~~message "CONNECTED.SUCCESS" and...~~</td>~~<~~/tr></tablebr>

[[#top|-> Table of Contents (of this manual)]]

[[File:05-07-06-VPN-Client-Win10-200.png|400x400px|link=~~=== Download certificate from TrutzBox~~]] ... the successful connection establishment is briefly displayed (1). The previously colorless OpenVPN GUI icon changes to blue... [[#top|-> <~~sup~~u>®Table of Contents </~~sup~~u> (of this manual)]] ~~to PC ====~~[[File:~~20150730 Zertifikate 010~~05-07-06-VPN-Client-Win10-210.png|~~500px~~400x400px|link=]] ~~Open the TrutzBox user interface in your browser with "trutzbox"~~. ~~Enter the administrator password (1~~.) . and ~~click on "Login "~~ is displayed in blue during an existing VPN connection (2.1). [[#top|-> Table of Contents (of this manual)]] [[File:~~20150730 Zertifikate 021~~05-07-06-VPN-Client-Win10-220.png|~~400px~~400x400px|link=]] Status information is displayed when the symbol is passed over with the mouse. [[#top|-> Table of Contents (of this manual)]] ~~Click~~ '''Disconnecting the link ...''' [[File:05-07-06-VPN-Client-Win10-230.png|400x400px|link=]] ... by double-clicking on ~~"TrutzBox Filter"~~ the OpnVPN GUI icon (1) ... [[#top|-> Table of Contents (of this manual) ]] [[File:05-07-06-VPN-Client-Win10-240.png|600x600px|link=]] ~~"Configure filter" (2~~...) and ~~right-click~~ Click on ~~the button~~ "~~Download root certificate~~Trennen" (3.1).

[[#top|-> Table of Contents (of this manual)]]

~~[[File:20150730 Zertifikate 031.png|400px|link=]] Start the download of the certificate by clicking on "Save target as". [[File:20150730 Zertifikate 041.png|700px|link=]] The certificate is saved in the download area of the PC (1.).~~

~~ ~~

~~[[File:20150730 Zertifikate 051.png|700px|link=]] ~~

~~Log out by clicking on "Logout“ (1.) ~~

~~ ~~

~~[[#top|-> Table of Contents (of this manual)]]~~

~~ '''In step 1, the certificate was saved to the device.'''~~

~~ ~~

~~==== TrutzBox® Certificate activate in ... ====~~

~~In step 2, the certificate is imported from the PC into the respective browser. < ~~

~~Import the TrutzBox® root certificate into any browser on any PC. With every browser call the TrutzBox® generates a new certificate, which is then accepted by the browser. ~~

~~[[#top|-> Table of Contents (of this manual)]] ~~

~~===== {{anchor|Zertifikat Importieren Mozilla Firefox}} Mozilla Firefox (Microsoft Windows + Apple OS X; Zertifikat in Firefox) =====~~

~~[[File:20150730 Zertifikate 110.png|300px|link=]] ~~

~~Open the browser (in the example Mozilla Firefox) and click on "Extras" (1.).~~

~~ ~~

~~[[File:20150730 Zertifikate 120.png|600px|link=]] ~~

~~Click on „Erweitert“ (2.) -> Zertifikate“ (3.) und „Zertifikate anzeigen“ (4.).~~

~~ ~~

~~[[File:20150730 Zertifikate 130.png|500px|link=]] ~~

~~Click on „Zertifizierungsstellen“ (5.) and on „Importieren …“ (6.).~~

~~ ~~

~~[[#top|-> Table of Contents (of this manual)]]~~

~~ ~~

~~[[File:20150730 Zertifikate 140.png|500px|link=]] ~~

~~Now go to the directory where the certificate was downloaded. In the standard case this is the "Download" directory.~~

~~Click on the certificate (7.) and confirm with "Open“ (8.).~~

~~ ~~

~~[[File:20150730 Zertifikate 150.png|500px|link=]] ~~

~~Mark the two upper boxes (9. + 10.) by clicking and confirm „OK“ (11.).~~

~~ ~~

~~This loads the root certificate into the browser and all certificates generated temporarily by the TrutzBox® are automatically recognized by the browser (without constant single query).~~

~~ This "download-certificate-to-browser" must be done once for each browser (Mozilla Firefox, Google Chrome, Internet Explorer, Safari, Opera) on each connected device (e.g. laptops, PCs).~~

~~ ~~

~~[[#top|-> Table of Contents (of this manual)]]~~

~~ ~~

~~===== {{anchor|Zertifikat Importieren Microsoft Windows}} Internet Explorer / Google Chrome (Microsoft Windows) =====~~

~~The certificate does not have to be imported into the browsers "Internet Explorer" and "Google Chrome": ~~

by importing the TrutzBox® certificate from the download directory to the Windows certificate management, the TrutzBox® certificate is automatically available to Internet Explorer and Google Chrome browsers.

~~This chapter describes how to import the root certificate already downloaded from~~ == TrutzBox® ~~into the Windows certificate management.~~Certificates, Connectivity and Network ==<~~br/~~!-- ====================== Chapter 6 ====================== --><~~br/~~!-- ==================================================== -->~~[[File:Zertifikat aktivieren 030 in Windowsverwaltung 010.png|700px|link~~=== Certificates ===]]If you do not disclose the certificate to browsers and the mail system, you will be prompted for security confirmation each time you open it. * Find out in which directory (usually "Downloads") Therefore it is recommended to download the TrutzBox® certificate ~~"trutzbox.cer" has been downloaded (1).~~* Make a double click on from the ~~file "trutzbox.cer" (2).~~TrutzBox®<br/sup>~~[[File:Zertifikat aktivieren 030 in Windowsverwaltung 020~~to your PC and import it into your browser and mail programs.~~png|300px|link=]]~~ ~~Click on "Öffnen" der Datei.~~ ~~[[#top|->~~ More background information see TrutzBox Compendium ''TrutzBox<usup>~~Table of Contents~~ ®</usup> ~~(of this manual)]]~~Certificates''' p. 90ff. https://comidio.de/trutzbox-kompendium/ ~~[[File:Zertifikat aktivieren 030 in Windowsverwaltung 030.png|300px|link=]]~~< ~~Click on~~ It is assumed that the setup has already been completed as described in chapter "~~Zertifikat installieren~~3.2 TrutzBox Setup"and that a certificate has already been imported on the setting up PC..

~~[[File:Zertifikat aktivieren 030 in Windowsverwaltung 040~~In the event that certificates*should be implemented on the PC, see following table,*is to be implemented on the mobile device,**for Apple iOS devices see chapter 6.1.2.4,**for Google Android devices see chapter 6.1.2.5.~~png|400px|link=]]~~

~~Click on "Weiter"~~The following TrutzBox certificate table helps to import certificates into the respective browser of a PC. [[#~~top|-> Table of Contents~~ Determine in the upper row (initial situation) which certificate is already implemented on this PC.<br/u> ~~(of~~ #Specify in the left column which browser to use on this ~~manual)]]~~PC. ~~[[File:Zertifikat aktivieren 030~~ #Then find a brief description in ~~Windowsverwaltung 050~~the table and a reference to the detailed description of the recommended procedure.~~png|400px|link=]]~~

~~Choose~~ <table border width="~~Alle Zertifikate in folgenden Speicher speichern~~700".><~~br/~~tr><~~br/>[[File:Zertifikat aktivieren 030 in Windowsverwaltung 060.png|400px|link~~td width=]]~~<br/~~"175">~~Click on "Durchsuchen~~ '''1.Initial situation ..".<br~~/>[[#top|-> Table of Contents </u~~> (~~of this manual~~to the right)]] ~~[[File:Zertifikat aktivieren 030 in Windowsverwaltung 070.png|300px|link=]]~~ * Choose the second folder "Vertrauenswürdige Stammzertifizierungsstellen" (1)2.* Click on "OK".~~ [[File:Zertifikat aktivieren 030 in Windowsverwaltung 080.png|400px|link=]] Click on "Weiter"~~.I want to do that<br~~/>[[#top|-> Table of Contents </u~~> (~~of this manual~~down)]]''' ~~[[File:Zertifikat aktivieren 030 in Windowsverwaltung 090.png|400px|link=]]~~<br/td>~~Click on~~ <td width="~~Fertigstellen~~175".~~<br/~~>~~[[File:Zertifikat aktivieren 030~~ ''On this PC or Mac the TrutzBox® certificate is not yet imported in ~~Windowsverwaltung 100.png|300px|link=]]~~any browser''<br/td>~~Click on~~ <td width="OK175".~~ [[#top|-> <u~~>~~Table of Contents (of~~ ”On this ~~manual)]] [[File:Zertifikat aktivieren 030~~ PC or Mac, the TrutzBox® certificate is only imported in ~~Windowsverwaltung 110.png|400px|link=]]~~FireFox ''<br/td>~~Finally, click on~~ <td width="OK175".>''On this PC or Mac, the TrutzBox® certificate is only imported in a non-FireFox* browser''<br/td>~~[[#top|-> Table of Contents~~ </utr> ~~(of this manual)]]~~<br/table>

<table border width="700"><tr><td width="175">''Certificate should be imported for a browser other than FireFox (in Windows or Mac certificate management)''</td><td width="350">'''either (if you have Firefox) (6.1.1)''' *Download the certificate "trutzbox.cer" to your PC with FireFox'''or (if you don't have Firefox) '''*Copy "trutzbox.cer" certificate to PC or Mac'''then (6.1.2.2) '''*Open Internet Explorer or Safari*Import certificate from download directory into certificate management</td><td width="175">(no action, because certificate already imported)</td> </tr></table><table border width="700"><tr><td width= ~~{{anchor|Zertifikat Importieren Apple OS X}} Safari/ Google Chrome~~ "175">''The certificate is to be imported for FireFox (~~Apple OS X; Zertifikat~~ in ~~Schlüsselbund~~FireFox certificate management) ''</td><td width=~~====~~"175">'''See 6.1.2.1''' Use FireFox to import the "trutzbox.cer" certificate from a PC or Mac into FireFox certificate management</td><td width="175">(no action, since certificate already imported)</td>~~Open the~~ <td width="~~Finder~~175" ~~and go~~ >See 6.1.2.1'' Use FireFox to import the "~~Downloads~~trutzbox.cer" ~~directory. There you will find the root~~ certificate ~~downloaded~~ from ~~TrutzBox.~~a PC or Mac into FireFox certificate management</td></tr></table>

~~[[File:Zertifikat aktivieren 040 Macintosh 010a.png|600px|link=]]~~<nowiki>*</nowiki> Non-FireFox browsers include Internet Explorer, Google Chrome, Safari ~~In your "Downloads" directory, double-click on the TrutzBox root certificate "trutzbox.cer". The program for keychain management opens.~~ [[#top|-> Table of Contents (of this manual)]]~~ [[File:Zertifikat aktivieren 040 Macintosh 012a.png|500px|link=]] Click on "Hinzufügen".~~

~~[[File:Zertifikat aktivieren 040 Macintosh 020a~~Structure and use of certificate management systems < First, the TrutzBox certificate ('''trutzbox.~~png|500px|link=]]~~cer''') is downloaded from the TrutzBox to the PC intended for use. Unless set otherwise by the user, the download takes place in the "Download" directory of the PC.

~~The "Keychain~~ In principle there are ''2 certificate management~~" opens~~ systems'''' on one PC, one in the '''operating system''', here Windows 10 for example, and ~~shows the loaded certificate "TrutzBox Root CA". It~~ - if Firefox is ~~marked with~~ used - a ~~red symbol (1), as it is "not yet trustworthy.~~ ~~Click on "TrutzBox Root CA" (2)~~second one of '''Firefox'''.<br/~~>[[#top|-~~> <ubr/>~~Table of Contents~~ <br/u> ~~(of this manual)]]~~<~~br/~~!-- ***************************************************************************************** -->~~[[File:Zertifikat aktivieren 040 Macintosh 031a~~<~~br/~~!-- ***************************************************************************************** -->~~The~~ <table border width="~~TrutzBox Root CA~~700" ><tr><td>'''A Import certificate (1trutzbox.cer) ~~opens and shows the warning in red: "This root~~ into certificate ~~is not trustworthy."Click on "Vertrauen" (2).~~management system ''' </td><br/tr><br/table>~~[[File:Zertifikat aktivieren 040 Macintosh 040a.png|400px|link=]]~~

~~Click on "System Standards" to open a selection menu (2).Click on "Immer vertrauen". [[#top|-> Table of Contents (of this manual)]] ~~[[File:~~Zertifikat aktivieren 040 Macintosh 050a~~Zertifikatsverwaltung11.png|~~400px~~700px|link=]]

~~All applications are based on~~ <table width="700"><tr><td width="~~Immer vertrauen~~180"> In the Firefox certificate management system, the TrutzBox certificate is imported via the Firefox browser.</td><brtd width="50"></td>~~After that you can close~~ <td width="470"> In the ~~window and have to confirm~~ operating system certificate management system, the ~~change with your MAC~~ TrutzBox certificate ''one-time''' is imported directly from the operating system ~~password if necessary. Then you can close~~ or via any other browser, except the ~~keychain~~Firefox browser.</td></tr></table>

[[#top|-> Table of Contents (of this manual)]]

~~ ~~

~~===== iOS Smartphone/Tablet: Browser Safari with Apple iOS =====~~

~~Download certificate using the iPhone as an example.~~

~~Open~~ <table border width="700"><tr><td>'''B. Use of the ~~Smartphone Browser~~ certificate (~~Safari~~from all browsers) ~~and enter in the input field:~~ '''<~~nowiki~~br>~~http://trutzbox~~</~~nowiki~~td>.<br/tr><br/table>~~[[File:Zertifikat aktivieren 050 iPhone iPad 030.png|300px|link=]]~~

~~... click on "Öffnen". ~~[[File:~~Zertifikat aktivieren 050 iPhone iPad 040~~Zertifikatsverwaltung21.png|~~300px~~700px|link=]]

~~Click on~~ <table width="700"><tr><td width="~~Fortfahren~~180"> When using the Firefox browser, it accesses the TrutzBox certificate in its own certificate management during operation.<br/td><brtd width="50"></td>~~[[#top|->~~ <utd width="470">~~Table of Contents~~ All other browsers access the TrutzBox certificate in the operating system certificate management system during operation.</utd> ~~(of this manual)]]~~<br/tr>~~[[File:Zertifikat aktivieren 050 iPhone iPad 051.png|300px|link=]]~~<br/table>~~Click on "Vertrauen".~~

[[#top|-> Table of Contents (of this manual)]]

~~[[File:Zertifikat aktivieren 050 iPhone iPad 070~~<table border width=]]"700"><tr><td>'''C. Opening or deleting the TrutzBox certificate ''' </td></tr></table>

~~Enter TrutzBox Administrator password ... ~~[[File:~~Zertifikat aktivieren 050 iPhone iPad 080~~Zertifikatsverwaltung31.png|~~300px~~700px|link=]]

~~and click on~~ <table width="~~Anmelden~~700"><tr><td width="180"> Accessing or deleting the TrutzBox certificate in Firefox certificate management systems is done via Firefox browser.<br/td><brtd width="50"></td>~~[[#top|-~~<td width="470"> The TrutzBox certificate can be opened or deleted in the operating system certificate management systems ''once only''' via the operating system or any other browser, except the Firefox browser.<u/td>~~Table of Contents~~ </utr> ~~(of this manual)]]~~<br/table> ~~[[File:Zertifikat aktivieren 050 iPhone iPad 090.png|300px|link=]]~~

[[#top|-> Table of Contents (of this manual)]] ==== Download certificate from TrutzBox® to PC ====[[File:20150730 Zertifikate 010.png|500px|link=]] Open the TrutzBox user interface in your browser with "trutzbox". Enter the administrator password (1.) and click on "Login " (2.). [[File:20150730 Zertifikate 021.png|400px|link=]] Click on "TrutzBox Filter" (1.) -> "Configure filter" (2.) and right-click on the ~~menu selection .~~button "Download root certificate" (3.).

~~[[File:Zertifikat aktivieren 050 iPhone iPad 100.png|300px|link=]]~~

~~ ~~

~~... and click on 3. menu item (= TrutzBox Filter). ~~

~~ [[#top|-> Table of Contents (of this manual)]] ~~

~~[[File:Zertifikat aktivieren 050 iPhone iPad 110.png|300px|link=]]~~

~~ ~~

~~Click on "Filter-Konfigurieren".~~

~~ ~~

[[#top|-> Table of Contents (of this manual)]]

~~ ~~

~~[[File:Zertifikat aktivieren 050 iPhone iPad 120.png|300px|link=]]~~

~~ ~~

~~Click on "Download Root Certificate". ~~

~~ [[#top|-> Table of Contents (of this manual)]] ~~

~~[[File:Zertifikat aktivieren 050 iPhone iPad 130.png|300px|link=]]~~

~~ ~~

~~Click on "Installieren".~~

~~[[#top|-> Table of Contents (of this manual)]] ~~[[File:~~Zertifikat aktivieren 050 iPhone iPad 140~~20150730 Zertifikate 031.png|~~300px~~400px|link=]] ~~If asked, enter personal code.~~ Start the download of the certificate by clicking on "Save target as". ~~[[#top|-> Table of Contents (of this manual)]]~~ [[File:~~Zertifikat aktivieren 050 iPhone iPad 150~~20150730 Zertifikate 041.png|~~300px~~700px|link=]] ~~Click on "Installieren"~~The certificate is saved in the download area of the PC (1.).

[[File:~~Zertifikat aktivieren 050 iPhone iPad 160~~20150730 Zertifikate 051.png|~~300px~~700px|link=]] Log out by clicking on "Logout“ (1.)

~~Click on "Installieren". ~~[[#top|-> Table of Contents (of this manual)]] ~~[[File:Zertifikat aktivieren 050 iPhone iPad 170.png|300px|link=]]~~ ~~Click on "Fertig"~~'''In step 1, the certificate was saved to the device.'''

~~[[File:Zertifikat aktivieren 050 iPhone iPad 180.png|300px|link=]]~~

~~ ~~

~~If necessary, click "User Logout" to log out. ~~

~~ [[#top|-> Table of Contents (of this manual)]] ~~

~~ ~~

~~'''If the certificate is not accepted, please check whether the "TrutzBox Root CA" is switched on.'''~~

~~ ~~

~~[[File:6 1 2 4 Zertifikat importieren 200.PNG|300px|link=]]~~

~~ ~~

~~If necessary, switch on the "TrutzBox Root CA" via: ~~

~~"Einstellungen" -> "Allgemein" -> "Info" -> "Zertifikatsvertrauenseinstellungen" ~~

~~ [[#top|-> Table of Contents (of this manual)]] ~~

==== TrutzBox® Certificate activate in ... ==== ~~Android Smartphone~~ In step 2, the certificate is imported from the PC into the respective browser. < Import the TrutzBox® root certificate into any browser on any PC. With every browser call the TrutzBox®</~~Tablet: Standard Browser unter Google Android~~ sup> generates a new certificate, which is then accepted by the browser. [[#top|-> Table of Contents (of this manual)]] ===== {{anchor|Zertifikat Importieren Mozilla Firefox}} Mozilla Firefox (Microsoft Windows + Apple OS X; Zertifikat in Firefox) =====

~~Load certificate~~ [[File:20150730 Zertifikate 110.png|300px|link=]] Open the browser (in ~~Android browser; depending~~ the example Mozilla Firefox) and click on "Extras" (1.). [[File:20150730 Zertifikate 120.png|600px|link=]] Click on ~~the Android device the screens may differ slightly~~„Erweitert“ (2.) -> Zertifikate“ (3.) und „Zertifikate anzeigen“ (4.).

~~Download the certificate to your PC (https~~[[File:~~//comidio~~20150730 Zertifikate 130.depng|500px|link=]]<br/~~wiki/index~~>Click on „Zertifizierungsstellen“ (5.~~php/TrutzBox_Handbuch#Zertifikat_von_TrutzBox.C2~~) and on „Importieren …“ (6.~~AE_auf_PC_herunterladen~~) ~~und kopieren oder mailen Sie es vom PC auf das Android-Gerät~~.

~~In the Android device change to "Einstellungen" and select "Sicherheit" ...~~[[#top|-> Table of Contents (of this manual)]]

[[File:~~Zertifikat aktivieren 080 Smartphone Android 090~~20150730 Zertifikate 140.png|~~300px~~500px|link=]] Now go to the directory where the certificate was downloaded.In the standard case this is the "Download" directory.Click on the certificate (7. ~~scroll down~~ ) and confirm with "Open“ (8..).

[[File:~~Zertifikat aktivieren 080 Smartphone Android 100~~20150730 Zertifikate 150.png|~~300px~~500px|link=]] Mark the two upper boxes (9. + 10.) by clicking and confirm „OK“ (11.).

~~... select „von Speicher installieren“.~~This loads the root certificate into the browser and all certificates generated temporarily by the TrutzBox<~~br/~~sup>~~ [[#top|-> Table of Contents~~ ®</usup> are automatically recognized by the browser (~~of this manual~~without constant single query)]]~~ [[File:Zertifikat aktivieren 080 Smartphone Android 121~~.~~png|300px|link=]]~~ ~~Assign the name~~ This "~~TrutzBox~~download-certificate-to-browser" must be done once for ~~the certificate~~each browser (Mozilla Firefox, Google Chrome, Internet Explorer, Safari, Opera) on each connected device (e.g. laptops, ~~and finally select "OK”~~PCs).

[[#top|-> Table of Contents (of this manual)]]

===== {{anchor|Zertifikat Importieren Microsoft ~~Windows10~~Windows}} Internet Explorer / Google Chrome (Microsoft Windows ~~10 Zertifikatsverwaltung~~ ) ===== The certificate does not have to be imported into the browsers "Internet Explorer" and "Google Chrome": by importing the TrutzBox® certificate from the download directory to the Windows certificate management, the TrutzBox® certificate is automatically available to Internet Explorer and Google Chrome browsers.

In This chapter describes how to import the root certificate already downloaded from TrutzBox ~~user interface in the navigation menu go to:~~ ~~TrutzBox Filter -~~ ~~Filter-Konfigurieren~~®<br/sup>~~There click on "Root Zertifikat herunterladen"~~into the Windows certificate management.

[[File:~~060~~ Zertifikat ~~importieren~~ aktivieren 030 in Windowsverwaltung 010.png|700px|link=]]

~~Click~~ * Find out in which directory (usually "Downloads") the TrutzBox® certificate "trutzbox.cer" has been downloaded (1).* Make a double click on the file "~~Öffnen~~trutzbox.cer"(2).

~~[[#top|-> Table of Contents (of this manual)]] ~~[[File:~~060~~ Zertifikat ~~importieren~~ aktivieren 030 in Windowsverwaltung 020.png|~~400px~~300px|link=]]

Click on "Öffnen" der Datei. [[#top|-> Table of Contents (of this manual)]] [[File:Zertifikat ~~installieren ..."~~aktivieren 030 in Windowsverwaltung 030.png|300px|link=]]

~~[[#top|-> Table of Contents (of this manual)]]~~Click on "Zertifikat installieren".

[[File:~~060~~ Zertifikat ~~importieren~~ aktivieren 030in Windowsverwaltung 040.png|~~600px~~400px|link=]]

~~Select „Alle Zertifikate in folgendem Speicher speichern“ and click~~ Click on ~~„Durchsuchen~~ "Weiter". [[#top|-> Table of Contents (of this manual)]] [[File:Zertifikat aktivieren 030 in Windowsverwaltung 050.~~.".~~png|400px|link=]]

~~[[#top|-> Table of Contents (of this manual)]]~~Choose "Alle Zertifikate in folgenden Speicher speichern".

[[File:Zertifikat aktivieren 030 in Windowsverwaltung 060 .png|400px|link=]] Click on "Durchsuchen ...". [[#top|-> Table of Contents (of this manual)]] [[File:Zertifikat ~~importieren 040~~aktivieren 030 in Windowsverwaltung 070.png|~~400px~~300px|link=]]

~~Select~~ * Choose the second folder "Vertrauenswürdige ~~Stammzertifizierungsstellen“ and click~~ Stammzertifizierungsstellen" (1).* Click on ~~„OK“~~"OK".

~~[[#top|-> Table of Contents (of this manual)]] ~~[[File:~~060~~ Zertifikat ~~importieren 050~~aktivieren 030 in Windowsverwaltung 080.png|~~700px~~400px|link=]]

Click on "Weiter".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 030 in Windowsverwaltung 090.png|400px|link=]]

~~[[#top|-> Table of Contents (of this manual)]] [[File:060 Zertifikat importieren 060~~Click on "Fertigstellen".~~png|700px|link=]]~~

~~Click on "Fertig stellen". [[#top|-> Table of Contents (of this manual)]] [[File:060 Zertifikat importieren 070.png|600px|link=]] Click on "Ja". [[#top|-> Table of Contents (of this manual)]] ~~[[File:~~060~~ Zertifikat ~~importieren 080~~aktivieren 030 in Windowsverwaltung 100.png|~~400px~~300px|link=]]

Click on "OK".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 030 in Windowsverwaltung 110.png|400px|link=]]

Finally, click on "OK". [[#top|-> Table of Contents (of this manual)]]~~ ~~

==== ~~Import~~ = {{anchor|Zertifikat Importieren Apple OS X}} Safari/ Google Chrome (Apple OS X; Zertifikat in Schlüsselbund) ===== Open the "Finder" and go to the "Downloads" directory. There you will find the root certificate downloaded from ~~PC into mail system (e~~TrutzBox.~~g. Microsoft Outlook under Windows)~~ [[File:Zertifikat aktivieren 040 Macintosh 010a.png|600px|link=]] ~~====If an~~ In your "~~Internet Security Warning~~Downloads" ~~is displayed~~directory, ~~install~~ double-click on the TrutzBoxroot certificate "trutzbox.cer". The program for keychain management opens. [[#top|-> <~~sup~~u>®Table of Contents </~~sup~~u> ~~certificate~~(of this manual)]] [[File:Zertifikat aktivieren 040 Macintosh 012a.png|500px|link=]] Click on "Hinzufügen".

[[File:~~20150730 Zertifikate 210~~Zertifikat aktivieren 040 Macintosh 020a.png|500px|link=]] The "Keychain management" opens and shows the loaded certificate "TrutzBox Root CA". It is marked with a red symbol (1), as it is "not yet trustworthy. Click on "~~Zertifikat anzeigen~~TrutzBox Root CA"(2). [[#top|-> Table of Contents (of this manual)]] [[File:~~20150730 Zertifikate 220~~Zertifikat aktivieren 040 Macintosh 031a.png|400px|link=]] ~~Click on~~ The "~~Zertifikat installieren ...~~TrutzBox Root CA" certificate (1) opens and shows the warning in red: "This root certificate is not trustworthy.~~) und bestätigen Sie~~ "Click on "Vertrauen" (2.).

[[File:Zertifikat aktivieren 040 Macintosh 040a.png|400px|link=]]

Click on "System Standards" to open a selection menu (2).

Click on "Immer vertrauen".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 040 Macintosh 050a.png|400px|link=]]

All applications are based on "Immer vertrauen".

After that you can close the window and have to confirm the change with your MAC system password if necessary. Then you can close the keychain.

[[#top|-> Table of Contents (of this manual)]]

===== iOS Smartphone/Tablet: Browser Safari with Apple iOS =====

Download certificate using the iPhone as an example.

~~[[File~~Open the Smartphone Browser (Safari) and enter in the input field:~~20150730 Zertifikate 230.png|500px|link=]]~~<brnowiki>http://trutzbox</nowiki>~~Click on "Weiter"~~.

[[File:~~20150730 Zertifikate 240~~Zertifikat aktivieren 050 iPhone iPad 030.png|~~500px~~300px|link=]] ~~Belassen Sie die Markierung auf "Zertifikatspeicher automatisch auswählen" (1~~.~~) und Click~~ .. click on "~~Weiter~~Öffnen" ~~(2.)~~.

~~[[#top|-> Table of Contents (of this manual)]] ~~[[File:~~20150730 Zertifikate 250~~Zertifikat aktivieren 050 iPhone iPad 040.png|~~500px~~300px|link=]] Click on "~~Fertig stellen~~Fortfahren". [[~~File:20150730 Zertifikate 260.png~~#top|~~500px|link=]]~~-> <~~br/~~u>~~To answer the question, click on "Ja".~~Table of Contents <br/u>(of this manual)]] [[File:~~20150730 Zertifikate 270~~Zertifikat aktivieren 050 iPhone iPad 051.png|300px|link=]] Click on "OKVertrauen" ~~to end the successful import~~.

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 050 iPhone iPad 070.png|300px|link=]]

Enter TrutzBox Administrator password ...

[[File:Zertifikat aktivieren 050 iPhone iPad 080.png|300px|link=~~=== Creating profiles in FireFox ====~~If you want to surf protected from the same PC (e.g. a laptop) both at home (via your own TrutzBox) and on the move (via another TrutzBox), you need to have imported the certificate valid for the respective TrutzBox in your browser. ~~In this case FireFox offers the possibility to create and use different profiles, which can also use different certificates for each profile. The following shows how to create another profile in addition to the standard profile. ~~]]

and click on "Anmelden".

[[#top|-> Table of Contents (of this manual)]]

[[File:~~20160525 FireFox Profil einrichten V01~~Zertifikat aktivieren 050 iPhone iPad 090.png|~~900px~~300px|link=]] Click on the menu selection ... [[File:Zertifikat aktivieren 050 iPhone iPad 100.png|300px|link=]]

... and click on 3. menu item (= TrutzBox Filter). [[# ~~Click on Windows Start~~top|-~~Button~~> Table of Contents (of this manual)]] ~~# Right click on FifreFox Logo~~[[File:Zertifikat aktivieren 050 iPhone iPad 110.png|300px|link=]] # Click on "~~Eigenschaften~~Filter-Konfigurieren".~~# Click into the line "Ziel"~~ ~~Press~~ [[#top|-> <~~ctrl~~u> ~~a to highlight the entire destination address~~Table of Contents (of this manual)]]~~Press #~~<~~ctrl~~br> ~~c to copy the destination address#Re-click Windows Start button~~[[File:Zertifikat aktivieren 050 iPhone iPad 120.png|300px|link=]] # Click on "~~Eingabeaufforderung~~Download Root Certificate". [[# ~~Right click in the middle~~ top|-> Table of Contents (of ~~the prompt window~~this manual)]] [[File:Zertifikat aktivieren 050 iPhone iPad 130.png|300px|link=]] # Click on "~~Einfügen~~Installieren". [[# ~~Position the cursor to the right~~ top|-> Table of ~~the quotation mark and enter~~ Contents <~~space~~/u> ~~and "-p~~(of this manual)]]~~# Press return key~~ ~~# Click on "Create Profile"~~[[File:Zertifikat aktivieren 050 iPhone iPad 140.png|300px|link=]]~~# Click on "Next~~ "~~# Enter new profile name~~If asked, enter personal code. [[# ~~Click on "Finish"~~top|-> Table of Contents (of this manual)]] ~~# The first time FireFox is started, the profile to be used is selected. (Each profile can use a different certificate~~[[File:Zertifikat aktivieren 050 iPhone iPad 150.)png|300px|link=]]

~~Here you can download the manual: https://comidio~~Click on "Installieren".~~de/wiki/images/9/97/20160525_FireFox_Profil_einrichten_V01.png~~

[[File:Zertifikat aktivieren 050 iPhone iPad 160.png|300px|link=]]

Click on "Installieren".

[[#top|-> Table of Contents (of this manual)]]

[[File:Zertifikat aktivieren 050 iPhone iPad 170.png|300px|link=]]

Click on "Fertig".

[[File:Zertifikat aktivieren 050 iPhone iPad 180.png|300px|link=]]

If necessary, click "User Logout" to log out.

[[#top|-> Table of Contents (of this manual)]]

'''If the certificate is not accepted, please check whether the "TrutzBox Root CA" is switched on.'''

[[File:6 1 2 4 Zertifikat importieren 200.PNG|300px|link=]]

If necessary, switch on the "TrutzBox Root CA" via:

"Einstellungen" -> "Allgemein" -> "Info" -> "Zertifikatsvertrauenseinstellungen"

[[#top|-> Table of Contents (of this manual)]]

=== ~~Connect device with TrutzBox®<~~== Android Smartphone/~~sup>~~ Tablet: Standard Browser unter Google Android ==== ~~Assumption: the TrutzBox® was connected to the Internet router via network cable (red connection in the following figure).~~ ~~[[File:20150810 Netzwerk Alternativen mit USB WLAN Adapter.png|700px|link~~=]] ~~There are basically two ways to connect devices to the TrutzBox®:#PC 1 is connected to the Internet router via WLAN or network cable (dashed yellow).# PC 2 is connected to the TrutzBox® via WLAN or network cable (green dashed).~~

~~<table border=1 width="700">~~Load certificate in Android browser; depending on the Android device the screens may differ slightly.<trbr/>~~<td width="80">''' case 1:'''~~<br/td>~~<td width="620">In order for Internet traffic~~ Download the certificate to your PC (~~surfing~~https://comidio.de/wiki/index.php/TrutzBox_Handbuch#Zertifikat_von_TrutzBox.C2.AE_auf_PC_herunterladen) ~~via the TrutzBox~~und kopieren oder mailen Sie es vom PC auf das Android-Gerät.<~~sup~~br/>®<br/~~sup~~>, In the ~~TrutzBox® must be entered as proxy (= deputy, quasi~~ Android device change to "Einstellungen" and select "~~doorman~~Sicherheit"~~) in the respective browser of the PC~~.~~The entry must be made separately for each browser~~.. ~~This mode is called '''"Proxy mode"'''.~~<br/td>[[File:Zertifikat aktivieren 080 Smartphone Android 090.png|300px|link=]]<br/tr>~~<tr>~~... scroll down and ...<tdbr/>~~''' case 2:'''~~<br/td>~~<td> All Internet traffic (surfing) automatically passes through the TrutzBox®~~[[File:Zertifikat aktivieren 080 Smartphone Android 100.~~This mode is called~~ png|300px|link=]]<br~~>'''"Transparent mode'''".<~~/td>~~</tr>~~... select „von Speicher installieren“.<br/~~table~~> ~~In both cases, TrutzBox~~[[#top|-> <~~sup~~u>®Table of Contents </~~sup~~u> ~~controls both incoming and outgoing Internet communication.~~(of this manual)]]~~'''The aim is to connect as many or all devices as possible in the home network directly via the TrutzBox~~<~~sup~~br>®<br/~~sup~~> (i[[File:Zertifikat aktivieren 080 Smartphone Android 121.~~e. in "transparent mode").''' ~~png|300px|link=]]~~It is advisable to reach this state step by step.~~ ~~Therefore you should start~~ Assign the name "~~small~~TrutzBox" at for the ~~beginning~~ certificate, and ~~gain experience in "proxy mode~~finally select "OK”. ~~You can also surf in a browser (e.g. Firefox) in proxy mode while surfing in a second browser (e.g. Chrome) without protection.For example, you can track the influence the security slider has on unprotected access in various positions (e.g. effects on advertising offers shown).~~ ~~Once you have gained sufficient experience in proxy mode, you can gradually connect devices in transparent mode by connecting the devices directly to the TrutzBox® via WLAN (or network cable). ~~ ~~'''To change from transparent mode to proxy mode or vice versa, proceed as follows: '''~~*Shut down PC or device*If previously connected to TrutzBox, now connect to the Internet router or vice versa*Switch on/restart the device (now the device automatically receives an IP address valid in this network area)

[[#top|-> Table of Contents (of this manual)]]

===== {{anchor|Zertifikat Importieren Microsoft Windows10}} Microsoft Windows 10 Zertifikatsverwaltung =====

~~==== Set up~~ In the TrutzBox user interface in the navigation menu go to: TrutzBox~~<sup~~Filter ->® Filter-Konfigurieren<br/~~sup~~> ~~as proxy (proxy mode) in... ====Comidio offers a so-called~~ There click on "~~proxy configuration URL~~Root Zertifikat herunterladen" ~~so that the user does not have to make name and port settings every time~~. ~~This is:~~ <~~nowiki~~br/>~~"http~~[[File:~~//trutzbox/api/proxy/pac"</nowiki>~~060 Zertifikat importieren 010.png|700px|link=]]

The following sections describe how to configure the proxy configuration URL in your browser. Once entered, the browser "remembers" it and the browser then accesses the Internet in a controlled manner through the TrutzBox. You can later simply switch on and off the TrutzBox by clicking Click on~~"No proxy" andAutomatic proxy configuration URL" or~~ "~~Use script for automatic configuration~~Öffnen"<.~~br>~~

[[#top|-> Table of Contents (of this manual)]] [[File:060 Zertifikat importieren 020.png|400px|link=~~==== Windows PC: Browser Mozilla Firefox~~ ]] Click on ~~Microsoft Windows 7 =====~~"Zertifikat installieren ...".

~~Open the browser.~~[[#top|-> Table of Contents (of this manual)]]

[[File:~~Proxy einrichten 010 Firefox auf PC 010~~060 Zertifikat importieren 030.png|~~500px~~600px|link=]]

~~Click~~ Select „Alle Zertifikate in folgendem Speicher speichern“ and click on „Durchsuchen ..."~~Extras" and "Einstellungen". [[File:Proxy einrichten 010 Firefox auf PC 020~~.~~png|700px|link=]]~~

~~Click on "Erweitert".~~

~~ ~~

[[#top|-> Table of Contents (of this manual)]]

[[File:~~Proxy einrichten 010 Firefox auf PC 030~~060 Zertifikat importieren 040.png|~~700px~~400px|link=]]

~~Click on "Netzwerk~~Select " Vertrauenswürdige Stammzertifizierungsstellen“ and ~~"Einstellungen". [[File:Proxy einrichten 010 Firefox auf PC 040~~click on „OK“.~~png|700px|link=]]~~

~~Click on "Automatische Proxy~~[[#top|-~~Konfigurations-URL", enter~~ > <~~nowiki~~u>~~"http://trutzbox/api/proxy/pac"~~Table of Contents </~~nowiki~~u> ~~and confirm with OK".~~(of this manual)]]

~~Now the TrutzBox® is configured as proxy and protects between Internet router and PC. [[#top|-> Table of Contents (of this manual)]] ===== Windows PC: Browser Google Chrome on Microsoft Windows 7 =====~~[[File:~~Proxy einrichten 020 Chrome auf PC 010~~060 Zertifikat importieren 050.png|700px|link=]]

~~Select (1) and click~~ Click on "~~Einstellungen~~Weiter" ~~(2) in the Chrome browser called up~~..~~ [[File:Proxy einrichten 020 Chrome auf PC 020.png|700px|link=]]~~

~~Scroll to the very bottom.~~

~~ ~~

[[#top|-> Table of Contents (of this manual)]]

[[File:~~Proxy einrichten 020 Chrome auf PC 030~~060 Zertifikat importieren 060.png|700px|link=]]

Click on "~~Erweiterte Einstellungen anzeigen~~Fertig stellen". [[#top|-> Table of Contents (of this manual)]] [[File:060 Zertifikat importieren 070.png|600px|link=]] Click on "Ja". [[#top|-> Table of Contents (of this manual)]]

[[File:060 Zertifikat importieren 080.png|400px|link=]] Click on "OK". [[#top|-> Table of Contents (of this manual)]] ==== Import certificate from PC into mail system (e.g. Microsoft Outlook under Windows) ====If an "Internet Security Warning" is displayed, install the TrutzBox® certificate. [[File:20150730 Zertifikate 210.png|500px|link=]] Click on "Zertifikat anzeigen". [[File:20150730 Zertifikate 220.png|400px|link=]] Click on "Zertifikat installieren ..." (1.) und bestätigen Sie (2.). [[#top|-> Table of Contents (of this manual)]] [[File:20150730 Zertifikate 230.png|500px|link=]] Click on "Weiter". [[File:20150730 Zertifikate 240.png|500px|link=]] Belassen Sie die Markierung auf "Zertifikatspeicher automatisch auswählen" (1.) und Click on "Weiter" (2.). [[#top|-> Table of Contents (of this manual)]] [[File:20150730 Zertifikate 250.png|500px|link=]] Click on "Fertig stellen". [[File:20150730 Zertifikate 260.png|500px|link=]] To answer the question, click on "Ja". [[File:20150730 Zertifikate 270.png|300px|link=]] Click on "OK" to end the successful import. [[#top|-> Table of Contents (of this manual)]] ==== Creating profiles in FireFox ====If you want to surf protected from the same PC (e.g. a laptop) both at home (via your own TrutzBox) and on the move (via another TrutzBox), you need to have imported the certificate valid for the respective TrutzBox in your browser. In this case FireFox offers the possibility to create and use different profiles, which can also use different certificates for each profile. The following shows how to create another profile in addition to the standard profile. [[File:20160525 FireFox Profil einrichten V01.png|900px|link=]] # Click on Windows Start-Button# Right click on FifreFox Logo# Click on "Eigenschaften"# Click into the line "Ziel"Press #<ctrl> a to highlight the entire destination addressPress #<ctrl> c to copy the destination address#Re-click Windows Start button# Click on "Eingabeaufforderung"# Right click in the middle of the prompt window# Click on "Einfügen"# Position the cursor to the right of the quotation mark and enter <space> and "-p# Press return key# Click on "Create Profile"# Click on "Next >"# Enter new profile name# Click on "Finish"# The first time FireFox is started, the profile to be used is selected. (Each profile can use a different certificate.) Here you can download the manual: https://comidio.de/wiki/images/9/97/20160525_FireFox_Profil_einrichten_V01.png === Connect device with TrutzBox® === Assumption: the TrutzBox® was connected to the Internet router via network cable (red connection in the following figure). [[File:20150810 Netzwerk Alternativen mit USB WLAN Adapter.png|700px|link=]] There are basically two ways to connect devices to the TrutzBox®:#PC 1 is connected to the Internet router via WLAN or network cable (dashed yellow).# PC 2 is connected to the TrutzBox® via WLAN or network cable (green dashed). <table border=1 width="700"><tr><td width="80">''' case 1:'''</td><td width="620">In order for Internet traffic (surfing) via the TrutzBox®, the TrutzBox® must be entered as proxy (= deputy, quasi "doorman") in the respective browser of the PC.The entry must be made separately for each browser. This mode is called '''"Proxy mode"'''.</td></tr><tr><td>''' case 2:'''</td><td> All Internet traffic (surfing) automatically passes through the TrutzBox®.This mode is called '''"Transparent mode'''".</td></tr></table> In both cases, TrutzBox® controls both incoming and outgoing Internet communication. '''The aim is to connect as many or all devices as possible in the home network directly via the TrutzBox® (i.e. in "transparent mode").''' It is advisable to reach this state step by step. Therefore you should start "small" at the beginning and gain experience in "proxy mode". You can also surf in a browser (e.g. Firefox) in proxy mode while surfing in a second browser (e.g. Chrome) without protection.For example, you can track the influence the security slider has on unprotected access in various positions (e.g. effects on advertising offers shown). Once you have gained sufficient experience in proxy mode, you can gradually connect devices in transparent mode by connecting the devices directly to the TrutzBox® via WLAN (or network cable). '''To change from transparent mode to proxy mode or vice versa, proceed as follows: '''*Shut down PC or device*If previously connected to TrutzBox, now connect to the Internet router or vice versa*Switch on/restart the device (now the device automatically receives an IP address valid in this network area) [[#top|-> Table of Contents (of this manual)]] ==== Set up TrutzBox® as proxy (proxy mode) in... ====Comidio offers a so-called "proxy configuration URL" so that the user does not have to make name and port settings every time. This is: <nowiki>"http://trutzbox/api/proxy/pac"</nowiki> The following sections describe how to configure the proxy configuration URL in your browser. Once entered, the browser "remembers" it and the browser then accesses the Internet in a controlled manner through the TrutzBox. You can later simply switch on and off the TrutzBox by clicking on"No proxy" andAutomatic proxy configuration URL" or "Use script for automatic configuration"<.br> ===== Windows PC: Browser Mozilla Firefox on Microsoft Windows 7 ===== Open the browser. [[File:Proxy einrichten 010 Firefox auf PC 010.png|500px|link=]] Click on "Extras" and "Einstellungen". [[File:Proxy einrichten 010 Firefox auf PC 020.png|700px|link=]] Click on "Erweitert". [[#top|-> Table of Contents (of this manual)]] [[File:Proxy einrichten 010 Firefox auf PC 030.png|700px|link=]] Click on "Netzwerk" and "Einstellungen". [[File:Proxy einrichten 010 Firefox auf PC 040.png|700px|link=]] Click on "Automatische Proxy-Konfigurations-URL", enter <nowiki>"http://trutzbox/api/proxy/pac"</nowiki> and confirm with OK". Now the TrutzBox® is configured as proxy and protects between Internet router and PC. [[#top|-> Table of Contents (of this manual)]] ===== Windows PC: Browser Google Chrome on Microsoft Windows 7 =====[[File:Proxy einrichten 020 Chrome auf PC 010.png|700px|link=]] Select (1) and click on "Einstellungen" (2) in the Chrome browser called up.. [[File:Proxy einrichten 020 Chrome auf PC 020.png|700px|link=]] Scroll to the very bottom. [[#top|-> Table of Contents (of this manual)]] [[File:Proxy einrichten 020 Chrome auf PC 030.png|700px|link=]] Click on "Erweiterte Einstellungen anzeigen". [[File:Proxy einrichten 020 Chrome auf PC 040.png|700px|link=]]

Scroll down until "Network" appears.

Click on "Proxy-Einstellungen ändern". [[#top|-> Table of Contents (of this manual)]] [[File:Proxy einrichten 020 Chrome auf PC 050.png|700px|link=]] Click on "LAN-Einstellungen". [[File:Proxy einrichten 020 Chrome auf PC 061.png|700px|link=]] Check "Skript für automatische Konfiguration verwenden" and enter the address "<nowiki>http://trutzbox/api/proxy/pac</nowiki>". Click "OK" to confirm. [[#top|-> Table of Contents (of this manual)]] [[File:Proxy einrichten 020 Chrome auf PC 070.png|700px|link=]] Confirm "OK". [[File:Proxy einrichten 020 Chrome auf PC 080.png|700px|link=]] Open a new tab for testing. [[#top|-> Table of Contents (of this manual)]] [[File:Proxy einrichten 020 Chrome auf PC 090.png|700px|link=]] For example, open "Google“. [[File:Proxy einrichten 020 Chrome auf PC 100.png|700px|link=]] The TrutzBurg appears in the upper right corner.This shows that the TrutzBox is active. [[#top|-> Table of Contents (of this manual)]] ===== (Windows PC: Browser Internet Explorer on Microsoft Windows 7) ===== ===== Apple Mac: Browser Safari on Apple iOS =====[[File:Proxy einrichten 050 Safari auf Mac 010.png|700px|link=]] * Under iOS, click on -> Systemeinstellungen –> Netzwerk and -> WLAN.* Click on "Proxies" (1) and activate there under Protocol to be configured: "Autom. Proxy-Konfiguration" (2).* Enter "<nowiki>http://trutzbox/api/proxy/pac</nowiki>" (3) in the URL field on the right.* Check or tick the box for"Passiven FTP-Modus (PASV) verwenden" (4).* Confirm by clicking on"OK" (5). [[#top|-> Table of Contents (of this manual)]] ===== Apple Mac: Browser Firefox on Apple iOS ========== iOS Smartphone/Tablet: Browser Safari on Apple iOS ===== [[File:Proxy einrichten 100 iOS Smartphone Tablet 010.png|300px|link=]] Click on "Einstellungen". [[File:Proxy einrichten 100 iOS Smartphone Tablet 020.png|300px|link=]] Click on "WLAN". [[#top|-> Table of Contents (of this manual)]] [[File:Proxy einrichten 100 iOS Smartphone Tablet 030.png|300px|link=]] Click on "i" of the WLAN connection of the active Internet router. [[File:Proxy einrichten 100 iOS Smartphone Tablet 040.png|300px|link=]] Scroll down and click on "Auto" in the "HTTP-PROXY" area. [[#top|-> Table of Contents (of this manual)]] [[File:Proxy einrichten 100 iOS Smartphone Tablet 050.png|300px|link=]] Enter the address"<nowiki>http://trutzbox/api/proxy/pac</nowiki>" in the "URL" input field (1.) and confirm your entry by clicking on "WLAN" (2.). [[File:Proxy einrichten 100 iOS Smartphone Tablet 060.png|300px|link=]] Exit "Einstellungen" by pressing the menu button. [[#top|-> Table of Contents (of this manual)]] ===== Android Smartphone/Tablet: Standard Browser on Google Android ===== Setting up a proxy under Android. The screens may vary slightly depending on the Android device. Switch to "Preferences" in Android ... [[File:Proxy einrichten 080 Smartphone Android 010.png|300px|link=]] ... and select "WLAN“. [[File:Proxy einrichten 080 Smartphone Android 020.png|300px|link=]] Hold down the selected WLAN (here: "rhg_1") until a new menu appears. "Press "Change network". [[File:Proxy einrichten 080 Smartphone Android 030.png|300px|link=]] Press „Erweiterte Optionen“ and then open „Proxy“. [[File:Proxy einrichten 080 Smartphone Android 040.png|300px|link=]] Select „Autom. Proxy-Konfig.“. [[File:Proxy einrichten 080 Smartphone Android 050.png|300px|link=]] On "PAC-URL" enter: <nowiki>http://trutzbox/api/proxy/pac</nowiki> Then click on "SPEICHERN". ===== Microsoft Windows 10 ===== Configure Automatisches Proxy-Script for Microsoft Windows 10 in Edge: In Edge, select "Einstellungen" and go all the way down. [[File:080 Proxy einschalten 010.png|300px|link=]] Click on „Erweiterte Einstellungen anzeigen". [[#top|-> Table of Contents (of this manual)]] [[File:080 Proxy einschalten 020.png|300px|link=]] Click on "Proxyeinstellungen öffnen". [[#top|-> Table of Contents (of this manual)]] [[File:080 Proxy einschalten 030.png|700px|link=]] Set the „Setupscript verwenden“ switch to „Ein“. In the field „Scriptadresse" enter <nowiki>"http://trutzbox/api/proxy/pac"</nowiki> and click on „Save“. [[#top|-> Table of Contents (of this manual)]] ==== Connect the device directly via WLAN (or LAN) with TrutzBox® (Transparent-Modus) ==== Now connect your PC and, if necessary, other Internet-enabled devices via wired network (LAN) or wireless network (WLAN) with the TrutzBox®. Switch WLAN connection from PC to Internet router to PC to TrutzBox®: [[File:20150624 Bild TrutzBox WLAN Wechsel V02.png|700x700px|link=]] To do this, click the WLAN icon in the notification area on the right of the task bar (1.). When selecting wireless network connections, click (2.) on your TrutzBox® SSID (WLAN name assigned under 4.6 when setting up). Then click on "Connect" (3.) and enter the WLAN password in the window that appears (4.). By clicking on "OK" (5.) the confirmation (6.) appears. [[File:Umschalten auf WLAN2.png|700px|link=]] From now on you use TrutzBrowse, TrutzContent and TrutzBase. === TrutzBox®-network === To ensure maximum security for the devices connected to the TrutzBox®, the TrutzBox® sets up its own network separate from the Internet router. A DHCP server gives the connected devices a new IP address from the range 192.168.195.50 to 192.168.195.199. A separate DNS server (dnsmask) forwards the name resolution for the connected devices to the DNS server of the Internet router. The TrutzBox® takes over the routing between the TrutzBox® internal network (WLAN, LAN-Int1 and LAN-Int2) and the TrutzBox® external network (Lan connection "LAN-Ext"). The TrutzBox® itself has the IP address 192.168.195.200 in the internal network. The IP address of the TrutzBox® is obtained from the Internet router when it is started. [[File:63 Netzwerk 010.png|700px|link=]] A permanently assigned (static) IP address from the range 192.168.195.50 to 192.168.195.199. can also be assigned to a connected device. Subnet mask is then 255.255.255.0, the router and DNS server IP address is 192.168.195.200. [[#top|-> Table of Contents (of this manual)]] ==== Firewall ====A Statefull-Inspection Firewall has been installed to provide additional protection for both the TrutzBox® and the internal network connected to it. This not only protects the TrutzBox® itself from unauthorised access to the network side, but also blocks external attackers. In addition, the firewall protects all connected network devices against uncontrolled network access via appropriate port shares. < The firewall used is a Stateful Packet Inspection Firewall (SPI), i.e. each data packet is assigned to a specific active connection (session): * All devices connected to the internal network are bridged so that they can communicate with each other without restriction. * All connected devices can establish connections to "extern" (LAN-Ext) on all ports. If a device on the internal network wants to access a device on the Internet router (external network), then a fully qualified host name must be used (e.g..fritz.box must be appended). All connections via port 80/443 are automatically routed via the TrutzBox® Proxy (filter), which then controls incoming and outgoing data. * An external connection to the TrutzBox® is only enabled for special ports* Establishing a connection from the external network to the internal network is not enabled and is therefore not permitted. [[File:63 Netzwerk 020.png|700px|link=]] The TrutzBox® Administrator can open additional ports as required. < The firewall is based on the open source firewall "iptables". In addition, the Shorewall Firewall package is provided as an add-on to provide experts with additional functions such as simplified user guidance or zone setup. [[#top|-> Table of Contents (of this manual)]] == Comidio Customer Area (-> for users)== === Registration and order process ===In order to participate in the Support Forum, place an order or manage his account (= his user account), an interested party must register on the Comidio website. He assigns a password and enters his contact data. After registration he logs in with his e-mail address and password only and can then manage his user account (his account). ==== Register ====[[File:20150709 Shop 1010 Registrieren und bestellen V01.png|700px|center]]To register, click in the upper menu bar on "Login / Register". [[File:20150709 Shop 1020 Registrieren und bestellen V01.png|700px|center]]If you have not yet set up an account, i.e. you do not yet have a password to log in, you will first and foremost follow the right path "Neues Kundenkonto anlegen". Enter your existing e-mail address and a (freely selectable) password. Then confirm your acceptance of the data protection declaration and click on "Neues Kundenkonto anlegen". [[#top|-> Table of Contents (of this manual)]] [[#Registrieren| -> Registrieren]] [[File:20150709 Shop 1030 Registrieren und bestellen V01.png|700px|center]]If the billing and delivery addresses are identical, enter only the billing address. If these are different, please enter both addresses. [[File:20150709 Shop 1040 Registrieren und bestellen V01.png|700px|center]]Please select gender and enter your first and last name and, if applicable, your company name. Then scroll down. [[#top|-> Table of Contents (of this manual)]] [[#Registrieren| -> Registrieren]] [[File:20150709 Shop 1050 Registrieren und bestellen V01.png|700px|center]]Please enter your address and telephone number and click on "Adresse speichern". [[File:20150709 Shop 1060 Registrieren und bestellen V01.png|700px|center]]You will now receive the confirmation "Adresse erfolgreich geändert" and can, if necessary, enter a delivery address. As soon as "Logout" is displayed in the upper menu bar, you know that you are logged in and can log out by clicking this button. You can also remain logged in to initialize an order, for example. [[#top|-> Table of Contents (of this manual)]] [[#Registrieren| -> Registrieren]] ==== Order ====To do this, click in the main menu on "Shop". [[File:20150709 Shop 1070 Registrieren und bestellen V01.png|700px|center]]On the page "Shop Info" you will get an overview of the TrutzBox® offer. Scroll down to see all information. [[File:20150709 Shop 1080 Registrieren und bestellen V01.png|700px|center]] Then go to the actual shop by clicking on "Zum Shop". [[#top|-> Table of Contents (of this manual)]] [[#Bestellen| -> Bestellen]] [[File:20150709 Shop 1090 Registrieren und bestellen V01.png|700px|center]]Click on "Ausführung wählen", to see the color options. [[File:20150709 Shop 1100 Registrieren und bestellen V01.png|700px|center]] Click the pulldown arrow first and then click on your color selection. [[#top|-> Table of Contents (of this manual)]] [[#Bestellen| -> Bestellen]] [[File:20150709 Shop 1110 Registrieren und bestellen V01.png|700px|center]]Click on the up arrow to increase the desired number or on the down arrow to reduce it. [[File:20150709 Shop 1120 Registrieren und bestellen V01.png|700px|center]]If the number is correct, click on “in den Warenkorb” so that your selection is saved according to colour and number in the shopping cart. [[#top|-> Table of Contents (of this manual)]] [[#Bestellen| -> Bestellen]] [[File:20150709 Shop 1130 Registrieren und bestellen V01.png|700px|center]] You receive the success message: "... wurde erfolgreich Ihrem Warenkorb hinzugefügt." If further, e.g. different coloured TrutzBoxes are to be purchased, the purchase can be continued by clicking on "Weiter einkaufen". If the selection is currently complete, please click on "Weiter zur Kasse". [[File:20150709 Shop 1140 Registrieren und bestellen V01.png|700px|center]]Please read if the information is correct and scroll down. [[#top|-> Table of Contents (of this manual)]] [[#Bestellen| -> Bestellen]] [[File:20150709 Shop 1150 Registrieren und bestellen V01.png|700px|center]]Please read if the information is correct and scroll down. [[File:20150709 Shop 1160 Registrieren und bestellen V01.png|700px|center]]By ticking the box you accept the general terms and conditions, the service descriptions, the prices and the data protection information. If the entered data is ok, click on "Zahlungspflichtig bestellen". [[#top|-> Table of Contents (of this manual)]] [[#Bestellen| -> Bestellen]] [[File:20150709 Shop 1170 Registrieren und bestellen V01.png|700px|center]]Now you will receive an order confirmation, which lists all relevant information again. [[File:20150709 Shop 1180 Registrieren und bestellen V01.png|700px|center]]If you scroll down, you can create a PDF of your order by clicking on "Drucken". [[File:20150709 Shop 1190 Registrieren und bestellen V01.png|700px|center]]You can save the PDF and print it out if required. [[#top|-> Table of Contents (of this manual)]] [[#Bestellen| -> Bestellen]] [[File:20150709 Shop 1200 Registrieren und bestellen V01.png|700px|center]]You will now receive the order confirmation by e-mail. Now the ordering process is completed. If you do not need to stay in your account area, you can log out by clicking on "Logout". If - after registration - you would like to return to your Accout area, simply enter your e-mail address and password. [[File:20150709 Shop 1210 Registrieren und bestellen V01.png|700px|center]] ==== Log in if password forgotten ==== If an existing customer wishes to view or modify his customer data or place an order, he logs on to the customer management system using the "Anmelden/Registrieren" button. [[File:713 input Passwort vergessen 010.png|700px|center]] Click on "Anmelden/Registrieren". [[#top|-> Table of Contents (of this manual)]] [[File:713 input Passwort vergessen 020.png|700px|center]] Here there are 2 possibilities:#The user has ''not yet created a customer account''', then he will register on the right (in column "Registrieren") by entering his e-mail address and a password to be set, and has thereby created his account. This only applies to new customers and not to existing customers.#The user has already ‘’’created his ustomer account’’’. He logs in on the left (in the "Anmelden" column) by entering his user name or e-mail address and registered password. < If the user is already registered, i.e. has a customer account, ''but has forgotten the password given when registering''', he does not make any entries and simply clicks on "Forgot password?".Translated with www.DeepL.com/Translator. [[#top|-> Table of Contents (of this manual)]] [[File:713 input Passwort vergessen 030.png|700px|center]] First enter the e-mail address to which the confirmation link should be sent (1). Then click on "Passwort zurücksetzen". [[#top|-> Table of Contents (of this manual)]] [[File:713 input Passwort vergessen 040.png|700px|center]] The user management sends a message that a confirmation link has been sent (1).The user calls the inbox of his e-mail system (2). [[#top|-> Table of Contents (of this manual)]] [[File:713 input Passwort vergessen 050.png|700px|center]] There is a new message from "Comidio Support" in the inbox of the e-mail system with the subject "Passwort zurücksetzen für comidio".Open the e-mail by double-clicking on the subject. [[#top|-> Table of Contents (of this manual)]] [[File:713 input Passwort vergessen 060.png|700px|center]] Click on "Klicke hier, um dein Passwort zurückzusetzen". [[#top|-> Table of Contents (of this manual)]] [[File:713 input Passwort vergessen 070.png|700px|center]] The user administration offers a new window in the browser for entering the new password (1).Click on "Speichern". [[#top|-> Table of Contents (of this manual)]] [[File:713 input Passwort vergessen 080.png|700px|center]] The user management confirms the successful entry of the new password (1). To open the user administration: Click on "Anmelden/Registrieren" (2). [[#top|-> Table of Contents (of this manual)]] [[File:713 input Passwort vergessen 090.png|700px|center]] Enter the e-mail address (1) and the new password (2) and click on "Anmelden" (3). [[#top|-> Table of Contents (of this manual)]] [[File:713 input Passwort vergessen 100.png|700px|center]] The user can see that he is logged in by the "Abmelden" button (1) shown in the upper menu bar. To unsubscribe, click on "Abmelden". By clicking on the button "Shop" an order can be placed. [[#top|-> Table of Contents (of this manual)]] == Application example == === Limiting TV tracking === The number of companies interested in data is increasing rapidly. Even with a television, you can no longer be sure that no personal data is transmitted to TV stations or even manufacturers. Even in its terms of use, the TV manufacturer Samsung recommends not to say anything private in the presence of a smart TV, because speech recognition could transmit this anywhere (https://netzpolitik.org/2015/samsung-warnt-bitte-achten-sie-darauf-nichts-privates-vor-unseren-smarttvs-zu-erzaehlen/). But not only the microphone or even the camera on the TV could spy on the user. Current generations of television are getting closer and closer to the technology of smart phones by extending the functionality of the television by downloading apps. And there is interactive TV (HbbTV). This enables app providers, TV set manufacturers, HbbTV providers, providers of electronic program guides (Electronic Program Giude - EPG) and TV stations to track user behavior (https://netzpolitik.org/2015/studie-anonyme-nutzung-von-smart-tvs-kaum-moeglich/ und https://www.lda.bayern.de/lda/datenschutzaufsicht/lda_daten/150227%20PM%20Datenschutz%20und%20Smart-TV.pdf). So the question arises: how can you limit the tracking of the TV with the TrutzBox? Here a short manual ... First you have to make sure that the TV set only communicates to the Internet via the TrutzBox. The easiest way to do this is to connect the TV set to the TrutzBox via LAN cable or WLAN. After that, all standard TrutzBox filters for HTTP and HTTPS (i.e. ports 80 and 443) will automatically take effect. Here at the example of a television of the type "Sony Bravia" After switching on the TV set, TrutzBrowse shows that the TV is loading some data from sony.net and encrypted JS programs, pictures and other data from playstation.net. [[File:Fernseher einschränken-PastedGraphic-3.png|756x756px]] In the further process, when one clicks through the menus of the television the Internet video offers, further profile data are transferred to playstation.net: [[File:Fernseher einschränken-PastedGraphic-4.png]] If you then call up the news on the TV via the Internet, it not only downloads data from Tagesschau.de, but also images from secure.footprint.net. Thus the American service provider Markmonitor (https://www.markmonitor.com) also gets the information that someone here retrieves data: [[File:Fernseher einschränken-PastedGraphic-5.png]] All this information exchanged via http/https (port 80/443) is already controlled by the TrutzBox. The TrutzBox function TrutzBrowse used the default profile to manipulate the http header data. With the menu item TrutzContent you can now also block individual URLs (domains) to which you do not want to supply data. E.g. "secure.footprint.net". However, the TV can also exchange data via protocols and ports other than http. These ports/protocols can be controlled and blocked with TrutzBase. ==What to do if... ? ===== ... WLAN is not working? === If the TrutzBox WLAN is not visible, i.e. does not show an SSID (WLAN ID defined by the administrator during setup) and the WLAN button in the TrutzBox user interface in the "TrutzBox Übersicht" is gray instead of green, proceed as follows:*In the TrutzBox user interface go to "Netzwerk" -> "WLAN", scroll down completely and click on the "Apply" button at the bottom.Wait a moment and check whether the SSID is visible.If not visible, restart the TrutzBox:*In the TrutzBox user interface, click on "System" -> "Ein-/Ausschalten" and wait until the TrutzBox has shut down and started up again automatically.Rebooting takes about 15 minutes.Then check whether the SSID is visible.If not visible, a factory reset may have to be performed.*In this case, please contact Comidio Support so that they can accompany the factory reset by telephone if necessary. === ... a SmartPhone/Tablet app does not work? === Sometimes it is difficult to find out which servers an app wants to access. These must be identified in order to be able to assign SecurityLevel 9 or even 10 to their addresses, if necessary.#Start and stop the app concerned because some SSL connections are enabled for the app the first time the app is started on the TrutzBox.#In the TrutzBox user interface under "TrutzBox Filter" -> "Status" in the tab of the relevant device, delete the status: "Delete history". This prevents other accesses from covering the searched accesses.#Then restart the app on the smartphone/tablet.If the app does not yet work, under Status press "Neu laden" again to see which accesses are not on L10. If necessary, set this to L10. Sometimes an app wants to access several sub-domains of xyz.com. In this case it may help if all sub-domains are activated by entering "*.xyz.com. === ... the browser and/or mail program reports a problem with the certificate? === That's normal. Import the TrutzBox® certificate into the browser and the mail program. Download the TrutzBox® certificate from the TrutzBox user interface (https://trutzbox/#mail/status). === ... the TrutzBurg (symbol of the TrutzBox in the upper right corner of the browser window) is not displayed === '''Browser Update?''' Please check first if your browser is up to date; if not, update it. '''NoScript" off?''' The TrutzBurg (top right) is "injected" into the website by software. This only works if Java-Script is activated in the browser.Therefore, the Java script should NOT be deactivated in the browser: the button should be set at: "Skripte allgemein erlauben", or the extension (add-on) "NoScript" should not be loaded or not activated. Pop-ups allowed?''' Please make sure that pop-ups are allowed. If the TrutzBurg is still not displayed, please proceed according to the following flowchart or table: [[File:20170130 Wenn TrutzBox Symbol nicht gezeigt wird Diagramm V02.png|700px|link=]] [[#top|-> Table of Contents (of this manual)]] <table border="1" width="690"><tr><td width="230">1. Check if TrutzBrowse works correctly </td><td width="230"> Opening in TrutzBox User Interface: TrutzBox Filter -> Status If the call '''xyz.de''' is displayed for the device used?</td><td width="230"> No, so call did not go via TrutzBrowse; continue with 2. Yes, with level 1-9; continue with 4. Yes, with level 10; continue with 5. </td></tr><tr><td>2. Does the current device access in "Transparentmodus" or in "Proxymodus"?</td><td>Determination of operating mode *„transparent mode“: Device is directly connected to TrutzBox via (W)LAN *„proxy mode“: The device is connected to the Internet Router and the TrutzBox is entered in the browser as a proxy (= quasi detour).</td>In transparent mode the TrutzBox is switched on quasi automatically and should work, then with 6. If the device is or should be connected to the Internet Router (proxy mode), continue with 3.</td></tr><tr><td>3. is TrutzBox activated as a proxy in the browser?</td>dd>Proxy Activation Detection*Is the TrutzBox "pac file" entered and activated in the browser?(see manual 6.2.1)*Is the corresponding software switch set up and switched on?</td><td>If TrutzBox is activated as a proxy in the browser, continue with 6. If TrutzBox is not activated as a proxy in the browser, this is recommended (see manual 6.2.1), and then page '''xyz.de''' should be called again.</td></tr><tr><td>4. Displayed in "Status" with level 1-9 Intention: Show tracker</td><td>In Status: Click on link call ('''xyz.de''') right of security level (Same effect as usual click on the TrutzBox icon and after displaying the security slider: click on "Details".)</td><td>In a few exceptions the display of the TrutzBox symbol with sign and number of trackers cannot be shown on the respective website. Nevertheless, protection exists and the results (calls and tracker display and blocking) are correct. When calling from another website the expected display of the TrutzBox symbol should appear again in the upper right corner.</td></tr><tr><td>5. Displayed in "Status" with level 10 Intention a: none < Intention b:Set level to level 1-9</td><td>Case b: in Status: Click on blue icon left of security level of ''xyz.de''' Click on "Change slider settings" Set the desired level in "Slider Position" using the pull-down menu (right).</td>In SecuritySlider level 10 the TrutzBox is bypassed and therefore the TrutzBox symbol is not displayed. This may be necessary for certain applications (e.g. smartphone apps), so that the app works as desired (but unprotected). Level 10 can be set: *by user: Call the SecuritySlider of the corresponding page and click on the green button "TrutzBrowse".*by administrator: set the level to 10 in "Status" or in "Slider Einstellungen”*automatic: if under "TrutzBox Filter" -> "Geräte" the check mark " Falls SSL-Fehler auftreten, Filtering für angesteuerte Domain automatisch ausschalten " is set If level 10 is no longer set, but 1-9, the TrutzBurg should reappear when ''xyz.de''' is called up.</td></tr><tr><td>6. xyz.de''' is not displayed in "Status" Restarting the TrutzBox</td><td>restart via:"System" ->"Ein-/Ausschalten" *Click on "Neu starten".Only if user interface is not accessible: *Cold start by disconnecting the power supply unit*Wait 10 seconds and*Reconnecting the power supply unit</td><td> The "proxy part" of the TrutzBox does not seem to work or does not work properly. First restart or, in an emergency, perform a cold start. Continue with 7.</td></tr><tr><td>7. xyz.de''' is not displayed in "Status" Comidio asks you to send us the files "logs.zip".</td><td>"System" ->"Debug": Click on "Alle Logdateien herunterladen".Save the file "logs.zip" (if necessary, the individual files).Mail the file "logs.zip" (if necessary the individual files) to support@comidio.de</td><td>Comidio is interested in analyzing the error using the log files and therefore asks for the log files to be sent. Continue with 8.</td></tr><tr><td>8. xyz.de''' is not displayed in "Status" Restart possible or contact Comidio Support</td><td>Restart via: "System" -> "Ein-/Ausschalten"Click on "Neu starten".</td>If neither a new start nor a cold start is successful, please send an e-mail to support@comidio.de. Joint work reset may be necessary.</td></tr></table>[[#top|-> Table of Contents (of this manual)]] === ... the e-mail gets stuck in the TrutzMail outbox? === Go to TrutzMail -> Status (https://trutzbox/#mail/status). Check whether TrutzMail, SMTP, IMAP each have a green check mark = are OK. If not, restart and press the round arrows to the right. Attention: this restart may take some time. The mail can therefore remain in the mail queue for some time. If it has not been delivered after some time, make sure that the TrutzBox® of the receiver is active, port 5888 (on the DSL router e.g. FRITZ!Box) is not open or the receiver has received a new certificate due to a factory reset, replacement of the TrutzBox®, etc. In this case go to TrutzBox® Overview -> TrutzMail -> Status and click on "Mail-Schlüssel erneuern" in the upper right corner. === ... the user interface (UI) is no longer accessible? === Make sure that the TrutzBox® is listed under Devices and Users on the DSL router (e.g. FRITZ!Box) in the home network. Otherwise you can also reboot your Internet-enabled device (e.g. PC), the DSL router (e.g. FRITZ!Box) and the TrutzBox®. If the TrutzBox® cannot be reached via the IP address, try the "traditional" method = remove the plug, wait a few minutes, reconnect the plug and restart the TrutzBox®. It may take 5 - 10 minutes for it to start up. [[#top|-> Table of Contents (of this manual)]] === ... the right and middle LEDs are off and the left LED is constantly on? === Probably you cannot access Webmin https://trutzbox:10000 any more; then try the "traditional" method = remove the plug, wait a few minutes, plug in the plug again and restart the TrutzBox®. It may take 5 - 10 minutes for it to start up. Should the startup not bring the desired success, please contact us by e-mail at support@comidio.de. [[#top|-> Table of Contents (of this manual)]] === ... Your TrutzBox is not connected to the router or your terminal device (e.g. PC) cannot reach the TrutzBox? === The TrutzBox works exclusively with IPv4 addresses.If your TrutzBox is not connected to the router or your terminal device (e.g. PC) cannot reach the TrutzBox, one reason for this may be that the router assigns IPv6 addresses. To avoid this, it should be ensured that the router assigns IPv4 addresses.To disable IPv6 addresses, go to:https://comidio.de/wiki/index.php?title=TrutzBox_Handbuch#IPv6_deaktivieren [[#top|-> Table of Contents (of this manual)]] === ... Your router has had an "Internet failure" and your TrutzBox is no longer accessible after service has started (e.g. only the left LED is permanently light)? ===Exceptionally, please try the "brutal" method = remove the plug, wait a few minutes, reconnect the plug and reboot the TrutzBox®. It may take 5 - 10 minutes for it to start up. Should the startup not bring the desired success, please contact us by e-mail at support@comidio.de. [[#top|-> Table of Contents (of this manual)]] === ... I want to check that my software packages are up-to-date? ==='''Caution: All version numbers shown in this chapter were valid at the time the screenshots were taken. If you check versions yourself, you will probably find other, then current version information. The newer version numbers are always larger than the older ones, e.g. 0.0.62 is newer than 0.0.61 and 0.2.119-1 is newer than 0.1.134. ''' # Quick test: Check_the_current_status_of_software_updates using Webmin [https://comidio.de/wiki/index.php/TrutzBox_Handbuch#Schnelltest:_Aktuellen_Stand_der_Software-Updates_mittels_Webmin_pr.C3.BCfen -> Details]#Do I have the latest software packages? [https://comidio.de/wiki/index.php/TrutzBox_Handbuch#Habe_ich_die_aktuellen_Software-Pakete.3F -> Details]##What are the current software package versions on the Comidio server? [https://comidio.de/wiki/index.php/TrutzBox_Handbuch#Welches_sind_die_aktuellen_Software-Paket-Versionen_auf_dem_Comidio-Server.3F -> Details]##Which software package versions do I have on my TrutzBox? [https://comidio.de/wiki/index.php/TrutzBox_Handbuch#Welche_Software-Paket-Versionen_habe_ich_auf_meiner_TrutzBox.3F -> Details]##Do I have the current packages on my TrutzBox? [https://comidio.de/wiki/index.php/TrutzBox_Handbuch#Habe_ich_die_aktuellen_Pakete_auf_meiner_TrutzBox.3F -> Details]#When were the latest software packages downloaded to my TrutzBox? [https://comidio.de/wiki/index.php/TrutzBox_Handbuch#Wann_wurden_die_letzten_Software-Pakete_auf_meine_TrutzBox_heruntergeladen.3F -> Details]#When was the last time my TrutzBox checked for software updates? [https://comidio.de/wiki/index.php/TrutzBox_Handbuch#Wann_hat_meine_TrutzBox_das_letzte_Mal_nach_Software-Updates_geschaut.3F -> Details]#When the last filter lists were downloaded to my TrutzBox? [https://comidio.de/wiki/index.php/TrutzBox_Handbuch#Wann_wurden_die_letzten_Filterlisten_auf_meine_TrutzBox_heruntergeladen.3F -> Details] [[#top|-> Table of Contents (of this manual)]] ==== Quick-check: Check current status of software updates via Webmin ====We use Webmin functions to quickly check the current status of the imported software packages. [[File:09_10_100.png|700px|link=]] *Enter "https://trutzbox:10000" (without quotes) (1). *The Webmin display "Alle installierten Pakete sind aktuell" is already a first indication that all software updates have been imported. A click on it (2) allows a forced new check of the up-to-dateness. [[#top|-> Table of Contents (of this manual)]] [[File:09_10_110.png|700px|link=]] *Click on "Aktualisiere verfügbare Pakete" (1). [[#top|-> Table of Contents (of this manual)]] [[File:09_10_120.png|700px|link=]] *If " 0 mögliche Updates gefunden" (1) is displayed, your TrutzBox is up to date. *If your TrutzBox is online overnight, all necessary updates should be installed automatically (around 5:00 am).*If your TrutzBox was offline, any update installations can be initiated manually, or you can leave your TrutzBox online overnight. The manual installation of package updates is described in "5.6.5.8 Webmin: TrutzBox Updates manuell anstoßen". [[#top|-> Table of Contents (of this manual)]] ==== Do I have the current software packages? =====We will*check on the Comidio server which versions of the software packages for the Trutzbox are released,*determine on your TrutzBox the version status of the TrutzBox software packages currently installed on your TrutzBox, and*by comparing the version of the Comidio Server (TARGET) with that of your TrutzBox (ACTUAL) to determine whether it is up-to-date. ===== What are the current software package versions on the Comidio server? =====We check the software packages and their version numbers that Comidio has published on its server for the Trutzbox. [[File:09_10_210.png|700px|link=]] *Call "http://comidio.email/repo/dists/TrutzBox/base/binary-i386/Packages" (without quotes) (1). *Call up full-text search in current page, e.g. by entering Ctrl + F (2) on the keyboard. *Enter "Package: trutz" (without quotation marks) (3). Note: Only if the entry begins with "Package:" does the search show the first meaningful entry. *Click on the down arrow (4). *Details of the next software package found (in the example: "trutzbox-base-routing") are displayed (5). *The version number (in the example: "0.0.62") is displayed after the keyword "Version" (6). *Click the down arrow (7) to move to the next package whose name begins with "trutz. '''Insight''' (with example data) ''':''' '''Package "trutzbox-base-routing" is currently available on the server in version "0.0.62"''' [[#top|-> Table of Contents (of this manual)]] ===== Which software package versions do I have on my TrutzBox? =====We use Webmin to check the software packages and their version numbers installed on my Trutzbox. [[File:09_10_250.png|700px|link=]] *Call "https://trutzbox:10000" (without quotes) (1). *Click on "System" (2). *Click on "Softwarepakete" (3). *Enter "trutz" (without quotation marks) in the search mask (4) to display all packages maintained by Comidio. *Click on "Suche nach Paketen" (5). < [[#top|-> Table of Contents (of this manual)]] < [File:09_10_260.png|700px|link=]] *The software packages on the Trutzbox in whose name "trutz" appears are listed (1). '''Knowledge''' (with example values)'''':''' The "trutzbox-base-routing" package is currently available on my TrutzBox in version "0.0.62"''' [[#top|-> Table of Contents (of this manual)]] ===== Do I have the current packages on my TrutzBox? =====We compare the version numbers of the software packages on my Trutzbox with those on the Comidio server. < '''Insight''' (with example data)'''':''' The "trutzbox-base-routing" package has the same version on the server and on my TrutzBox, so it is current.''' ==== When were the latest software packages downloaded to my TrutzBox? ==== [[File:09_10_300.png|700px|link=]] *Call "https://trutzbox:10000" (without quotes) (1). *Click on "System" (2). *Click on "Systemprotokolle" (3). *Enter "/var/log/unattended-upgrades/unattended-upgrades-dpkg.log" (without quotes) in filename field (4). *Click on "Ansehen" (5). [[#top|-> Table of Contents (of this manual)]] [[File:09_10_310.png|700px|link=]] *Log ended" shows when the software packages were last updated on my TrutzBox (1). '''Insight''' (with example data)''':''' '''The last update of the software packages on my TrutzBox was on 19th October 2017 at 04h : 03min : 51sec.''' [[#top|-> Table of Contents (of this manual)]] ==== When did my TrutzBox last check for software updates? ====We check the logfiles of the Trutzbox to know the date of the last change. [[File:09_10_400.png|700px|link=]] *Call "https://trutzbox:10000" (without quotes) (1). *Click on "System" (2). *Click on "Systemprotokolle" (3). *Enter "/var/log/unattended-upgrades/unattended-upgrades.log" (without quotes) in filename field (4). *Click on "Ansehen" (5). [[#top|-> Table of Contents (of this manual)]] [[File:09_10_410.png|700px|link=]] '''Insight''' (with example data)''':''' '''The last check of my TrutzBox for software package updates was on 24.10.2017 at 06h : 33min : 46sec and showed that no updates were available. The date shown should not be too long ago to be sure that the software packages of my Trutzbox are up to date.''' [[#top|-> Table of Contents (of this manual)]] ==== When were the last filter lists downloaded to my TrutzBox? ==== We check the logfiles of the Trutzbox to obtain the date of the last change. [[File:09_10_500.png|700px|link=]] *Call "https://trutzbox:10000" (ohne Anführungszeichen) (1). *Click on "System" (2). * Click on "Systemprotokolle" (3). *Enter "/var/log/comidio/updshalla.log" (without quotes) in filename field (4). * Click on "Ansehen" (5). [[#top|-> Table of Contents (of this manual)]] [[File:09_10_510.png|700px|link=]] '''Insight''' (with example data)''':''' '''The last filter list update took place on 24.10.2017 at 05h : 00min : 26sec and was successful. The displayed date should not be too long ago to be sure that the filter lists of my Trutzbox are up to date.''' [[#top|-> Table of Contents (of this manual)]] === ... if someone wants to sell his Trutzbox? === A TrutzLegitimation (consisting of TrutzKennung and TrutzSchlüssel) is person-oriented and not bound by concept to a specific TrutzBox.For example, the TrutzMail addresses configured are also linked to the TrutzLegitimation. Thus the seller should not pass on his TrutzLegitimation and the buyer should order a new TrutzLegitimation including TrutzServices from Comidio. We recommend the following procedure to the seller The seller ...#initiates factory reset on Trutzbox,#waits until Trutzbox is completely shut down (may take up to 60 minutes) and the LEDs are off, and#disconnects Trutzbox from the power supply. Now the Trutzbox is ready to be handed over to a buyer. [[#top|-> Table of Contents (of this manual)]] === ... if someone has bought a used Trutzbox or an appropriate hardware and wants to use the TrutzServices? === A TrutzLegitimation (consisting of TrutzKennung and TrutzSchlüssel) is person-oriented and not bound by concept to a specific TrutzBox.For example, the TrutzMail addresses configured are also linked to the TrutzLegitimation. Thus the buyer should order a new TrutzLegitimierung including TrutzServices from Comidio ([https://trutzbox.de/produkt/trutzlegitimierung-trutzservices-fuer-fremdhardware-12-monate/ zu Shop]). We recommend the following procedure to the buyer The buyer ...#orders a new TrutzLegitimierung including TrutzServices from Comidio ([https://trutzbox.de/produkt/trutzlegitimierung-trutzservices-fuer-fremdhardware-12-monate/ zu Shop]),#connects Trutzbox to router,#connects Trutzbox to power supply,#runs through setup#enters NEW Trutz legitimacy,#can set up TrutzMail addresses (up to 5 in the basic contingent), and#runs his trutzbox and is protected on the Internet. [[#top|-> Table of Contents (of this manual)]] === ... if TrutzMails arrive on your own Trutzbox but are not displayed in the mail client (e.g. Outlook or Thunderbird) or webmailer? === When the IMAP icon appears red in the dashboard of the Trutzbox user interface, either *Click on "Details zeigen", or*Click on "Status" under "TrutzMail. There press the restart arrow belonging to IMAP: then the IMAP server is restarted and the TrutzMails are (again) received correctly. [[#top|-> Table of Contents (of this manual)]] == Support in error analysis == For error analysis or optimisation of TrutzBox® settings it can be helpful if Comidio Support can get a "picture" of the current situation of TrutzBox® at the customer. For this purpose, Comidio may ask the customer to record information about states and settings and to transmit it to Comidio.=== Mail Screenshot of TrutzBox® overview page === If Comidio asks you to email a screenshot of the overview page, please proceed as follows. [[File:Fehleranalyse 010 Übersicht 010.png|700x700px|link=]] *Open "trutzbox" and the "TrutzBox Overview" page is displayed automatically. Especially the utilization of the fixed memory is interesting (1), *Take a screenshot of the page "TrutzBox Overview", *Mail screenshot to support@comidio.de. === Mail TrutzMail log files === If Comidio asks you to mail the TrutzMail log files ("TrutzMail log" and "Mail log"), please proceed as follows. [[File:Fehleranalyse 060 TrutzMail Logs 011.png|700x700px|link=]] *Call"trutzbox" and click on "TrutzMail" (1), *Click on "Logs" (2) and*Click on "Herunterladen" (3). [[File:Fehleranalyse 060 TrutzMail Logs 020.png|700x700px|link=]] After downloading, a file icon and the name of the "trutzmail.log" file appear at the bottom left. Double-click on the file name to open an editor window with the log file. [[File:Fehleranalyse 060 TrutzMail Logs 030.png|700x700px|link=]] * Click on "Datei" (1), * Click on "Save as..." (2) and save the log file "trutzmail.log" on the PC.*Proceed in the same way with the log file "Mail log". *Finally, please mail log files "trutzmail.log" and "mail.log" to support@comidio.de === Find oversized files === (This function is currently being revised.) === Generate log files (and email) === If Comidio asks you to mail TruzBox log files, please proceed as follows: Generating the file: '''logs.zip''' Generating the file: '"systeminfo.txt" ==== File creation: logs.zip ====In the TrutzBox user interface in the navigation menu go to: System -> Debug [[File:104 LogDateien mailen 015.png|700px|link=]] *Delete all log files (1).*Set the modules requested by Comidio to "Debug", in this example the modules "database", "proxy" and "levels" (2).*Then please start the application or the device in question (e.g. your TV set)...*... after "strange behaviour" occurred, download the files using the " Alle Logdateien herunterladen " button (3).*Then set all modules back to "information" (no longer to "Debug"), so that the TrutzBox does not permanently write log files and unnecessarily occupies storage space. [[#top|-> Table of Contents (of this manual)]] [[File:104 LogDateien mailen 020.png|300px|link=]] Click on "OK". [[#top|-> Table of Contents (of this manual)]] [[File:104 LogDateien mailen 030.png|700px|link=]] Click on "Speichern". '''Then please mail the file logs.zip to support@comidio.de Thank you very much! ''' >[[#top|-> Table of Contents (of this manual)]] ==== Creation of the file: systeminfo.txt ====In the TrutzBox user interface in the navigation menu go to: System -> Erweiterte Einstellungen [[File:104 LogDateien mailen 040.png|700px|link=]] Click on "Erweiterte Einstellungen". [[#top|-> Table of Contents (of this manual)]] [[File:104 LogDateien mailen 050.png|700px|link=]] Enter the user name "admin" and the corresponding password. Click on "Anmelden". [[#top|-> Table of Contents (of this manual)]] [[File:104 LogDateien mailen 060.png|700px|link=]] Enter in URL line "https://trutzbox:10000/sysinfo.cgi". Press the Enter key. [[#top|-> Table of Contents (of this manual)]] [[File:104 LogDateien mailen 070.png|300px|link=]] Click on "OK". [[#top|-> Table of Contents (of this manual)]] The file is automatically stored in the "Downloads" directory (or in the directory specified by the user). [[File:104 LogDateien mailen 080.png|700px|link=]] Click on "Speichern". [[#top|-> Table of Contents (of this manual)]] '''Please then mail both files (logs.zip and systeminfo.txt) to support@comidio.de Thank you!''' === Screen sharing at TrutzRTC via Comidio Server ===Comidio-Support has the possibility to invite participants to a TrutzRTC meeting on the Comidio server. The participant only needs a Chrome or FireFox browser to access the shared room URL and attend the TrutzRTC Meeting. < If the participant wants to share (= show) his screen, this can be done with the Chrome Browser, in which the "Comidio Conference Screen Sharing" extension was previously activated. The following screenshots show how to find and activate this extension. [[File:105 ScreenSharing Chrome Plugin 010.png|700px|link=]] Call the current Chrome Browser (1). Enter in the URL field "https://chrome.google.com/webstore/category/extensions?hl=de" (2). Enter into the search field "comidio" (3). [[#top|-> Table of Contents (of this manual)]] [[File:105 ScreenSharing Chrome Plugin 020.png|700px|link=]] Click on "+ HINZUFÜGEN" (1). [[#top|-> Table of Contents (of this manual)]] [[File:105 ScreenSharing Chrome Plugin 030.png|700px|link=]] Click on "Erweiterung hinzufügen" (1). [[#top|-> Table of Contents (of this manual)]] [[File:105 ScreenSharing Chrome Plugin 040.png|700px|link=]] Click on logo for settings (3 horizontal lines) (1). [[#top|-> Table of Contents (of this manual)]] [[File:105 ScreenSharing Chrome Plugin 050.png|800px|link=]] Click on "Weitere Tools" (1). Click on "Erweiterungen" (2). [[#top|-> Table of Contents (of this manual)]] [[File:105 ScreenSharing Chrome Plugin 060.png|700px|link=]] The installed extensions are displayed here, including the new screen sharing extension (1). [[#top|-> Table of Contents (of this manual)]] < === exchange of SD cards ===In exceptional situations it may be necessary to replace an SD card in the TrutzBox. The following illustrations show how to replace the SD card. [[File:106 SD Karte wechseln 010.png|700px|link=]] Loosen the four screws with a small cross-head screwdriver. [[#top|-> Table of Contents (of this manual)]] [[File:106 SD Karte wechseln 020.png|700px|link=]] Pull the housing off to the front. [[#top|-> Table of Contents (of this manual)]] [[File:106 SD Karte wechseln 030.png|700px|link=]] Carefully pull out the old SD card. [[#top|-> Table of Contents (of this manual)]] [[File:106 SD Karte wechseln 040.png|700px|link=]] New SD card ... [[#top|-> Table of Contents (of this manual)]] [[File:106 SD Karte wechseln 050.png|700px|link=]] ... in setting ... [[#top|-> Table of Contents (of this manual)]] [[File:106 SD Karte wechseln 060.png|700px|link=]] ... insert as far as it will go. [[#top|-> Table of Contents (of this manual)]] [[File:106 SD Karte wechseln 070.png|700px|link=]] Push the housing back on ... [[#top|-> Table of Contents (of this manual)]] [[File:106 SD Karte wechseln 080.png|700px|link=]] ... and re-tighten the four nuts. [[#top|-> Table of Contents (of this manual)]] === Instructions for writing (fuelling) the SSD ===To reload the SSD disk installed in the Trutzbox, a "tank USB stick" must first be created, with which the built-in SSD disk can then be "fueled" with a new TrutzBox image (previous image overwritten). The tank USB stick must be 32GB in size. First download an image for the USB tank stick from https://trutzbox.de/download/Tank_V67_dev_11.zip. Unpack the file (is then approx. 19GB in size) and upload it with a PC and the program "etcher" (https://etcher.io/) to a 32GB USB stick. Use it to create a bootable USB stick. When you boot the TrutzBox with this USB stick (i.e. insert the tank USB stick into the TrutzBox before the TrutzBox boot), a program is started from the USB stick which copies a TrutzBox image from the USB stick to the built-in storage medium in the TrutzBox. < The copy program outputs information via the TrutzBox LEDs with which you can check the copy process. < '''Description of the LED signals (LEDs on the front of the TrutzBox; LED 1 is left): ''' <table border="1" width="750"><tr><td width="250">'''LEDs 1, 2, 3'''</td><td width="500">'''Meaning'''</td></tr><tr><td width="250">1 an; 2,3 aus</td><td width="500"> Trutzbox booting</td></tr><tr><td>1 on; 2 blinking; 3 off</td><td>Search USB stick</td></tr><tr> <td>1,2 on; 3 blinking</td><td>Search target medium (SD card or mSSD)</td></tr><tr>dtd>1,2,3 from left to right</td><td>Write image to target medium (takes a long time with old TrutzBox, since USB2 is still..., on new TrutzBox with USB3 stick approx. 5-10min)</td></tr><tr>dtd>3.2.1 from right to left</td><td>Check written data (with old TrutzBox, since USB2 is still very long..., on new TrutzBox with USB3 stick approx. 5-10min)</td></tr><tr><td>1,2,3 blink synchronously,3*beeps</td>dtd>successfully completed, box turns off in 30sec </td></tr><tr><td> </td><td> </td></tr><tr><td>.</td><td> </td></tr><tr><td>'''Error'''</td><td> </td></tr> <tr><td>outside inside rhythm: 1 on, 2 off, 3 on 1 off, 2 on, 3 off</td><td> Error display is shown together with beep every 60 seconds. Copy did '''not''' work.</td></tr></table> Then remove the TrutzBox from the power supply, remove the USB stick, reconnect the TrutzBox to the power supply and run the TrutzBox setup again.Please note that the TrutzBox generates new certificates during setup. Therefore, you must delete the previously imported certificates on your mobile devices before setup. It may happen that the TrutzBox does not want to boot from the USB stick when "refuelling". Then only a serial cable helps to connect to the TrutzBox and adjust the boot order with a terminal in the TrutzBox-BIOS. Or remove the storage medium and send it to us. [[#top|-> Table of Contents (of this manual)]] === Installation and start of PuTTY (terminal program under Windows) ===As an alternative to Webmin, it may be necessary to execute commands directly on the Trutzbox via SSH (secure shell). A terminal program is required for this. Under MacOS, a terminal application is already available by default and can be searched for and started there in Spotlight with "terminal". Under Windows, the "PuTTY" terminal program must first be installed. < The installation and use of PuTTY ''under Windows''' is described below. < Calling of: https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html [[File:10 08 PuTTY 010.png|700px|link=]] * Click on (1), falls 32-Bit System, oder …* Click on (2), falls 64-Bit System. [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 020.png|300px|link=]] * Click on "Datei speichern" (1). [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 030.png|700px|link=]] * PuTTY Installer downloaded to download directory (1). [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 040.png|700px|link=]] * Change to the download directory.Double click on PuTTy Installer (1). [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 050.png|500px|link=]] * Click on "Next" (1). [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 060.png|500px|link=]] * Change the destination directory (1), and/or ...* Click on "Next" (2). [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 070.png|400px|link=]] * Click on "Install" (1). [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 080.png|500px|link=]] * PuTTY is being installed ... [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 090.png|500px|link=]] PuTTY is now installed and can be called and started in the program directory ...''' [[#top|-> Table of Contents (of this manual)]] '''... to simplify the call, a desktop shortcut can also be set up:''' [[File:10 08 PuTTY 100.png|700px|link=]] * Right-click on desktop surface (1).* Click on "Neu" (2). * Click on "Verknüpfung" (3). [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 110.png|700px|link=]] * Click on "Durchsuchen..." (1). Click through to the PuTTY directory and there to the PuTTY application: C: -> Program Files -> PuTTY [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 121.png|300px|link=]] * Click on PuTTY-Programm (1).* Click on "OK" (2). [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 130.png|700px|link=]] * Click on "Weiter" (1). [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 140.png|700px|link=]] * If desired, enter another name and/or ... (1).* Click on "Fertig stellen" (2). Shortcut from desktop to PuTTY program is now set up and PuTTY can be called from desktop by double-clicking the shortcut icon...''' [[#top|-> Table of Contents (of this manual)]] '''The call is made as follows:''' [[File:10 08 PuTTY 150.png|400px|link=]] * Double-click on desktop on shortcut icon (1). [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 160.png|400px|link=]] * Click on "SSH" (1).* Enter "trutzbox" as host name and port "22“ (2).* Click on "Open" (3). [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 180.png|600px|link=]] * To log in: Enter "admin" (1).*... and press the Return key (2). [[#top|-> Table of Contents (of this manual)]] [[File:10 08 PuTTY 190.png|600px|link=]] * Enter the Trutzbox admin password as the password and press the Return key (1).Then enter the command(s) named by Comidio ... (2). [[#top|-> Table of Contents (of this manual)]] == Access and passwords == The following accesses and passwords are used chronologically to operate and use the TrutzBox®: '''Registration on website (for purchase TrutzBox®)'''invocation: comidio.de -> Login / Register (https://comidio.de/mein-konto) <table border="1" width="750"><tr><td width="375">'''Name'''</td><td width="375">'''Password'''</td></tr><tr><td> Existing e-mail address of the prospect / customer</td><td> assigns the user by entering </td></tr></table><table border="1" width="750"><tr><td width="750">Purpose:*serves to authenticate the user,*is required after a one-time registration for access ("login") to customer account.</td></tr></table> '''Setting up the TrutzBox ®'''Call: http://trutzbox <table border="1" width="750"><tr><td width="375">'''Name'''</td><td width="375">'''Password'''</td></tr><tr><td>„ admin"; automatically created by TrutzBox®</td><td> user assigns by entering </td></tr></table><table border="1" width="750"><tr><td width="750">Purpose:*is used to authenticate the TrutzBox® Administrator,*required by the administrator for later administration of the TrutzBox.</td></tr></table> <table border="1" width="750"><tr><td width="375">'''Name'''</td><td width="375">'''Password'''</td></tr><tr><td>TrutzKennung(see the document "TrutzLegitimierung")</td> <td>TrutzSchlüssel(see the document "TrutzLegitimierung")</td> </tr></table><table border="1" width="750"><tr><td width="750">Purpose:*is used for authentication of TrutzBox® Rights and TrutzMail Services,*is only required for installation (and if necessary, for factory reset) of the TrutzBox®.</td></tr></table> '''Administration of the TrutzBox® (e.g. create e-mail address)'''Call: http://trutzbox<table border="1" width="750"><tr><td width="375">'''Name'''</td><td width="375">'''Password'''</td></tr><tr><td>( not required; is automatically "admin")</td>when setting up the TrutzBox® defined password </td></tr></table><table border="1" width="750"><tr><td width="750">Purpose:*is used to authenticate the TrutzBox® Administrator,*required by the administrator for administration of the TrutzBox®.</td></tr></table> [[#top|-> Table of Contents (of this manual)]]Administration of the Comidio accountCall: comidio.de -> Login / Register (https://comidio.de/mein-konto)<table border="1" width="750"><tr><td width="375">'''Name'''</td><td width="375">'''Password'''</td></tr><tr><td> E-mail address used for registration (by interested parties)</td><td> Password defined at registration (by interested parties) </td></tr></table><table border="1" width="750"><tr><td width="750">Purpose:*serves to authenticate the user,*is required after a one-time registration for access ("login") to customer account.</td></tr></table> == Information and statements == === Headline information that PGP- and S/MIME-encrypted emails are no longer secure ===

~~===== (Windows PC: Browser Internet Explorer on Microsoft Windows 7) =====~~'''The last few days have seen headlines saying that PGP and S/MIME encrypted emails are no longer secure. This raises the question of whether this also applies to the TrutzBox.'''

First, a brief explanation of how attackers can read traditional PGP or S/MIME encrypted emails: The prerequisite is that the attacker can intercept and manipulate the encrypted e-mail during transmission. Since with conventional e-mail transmission at least both the sender's and the recipient's e-mail provider are able to do this, this prerequisite is always met.

The attacker then inserts a link into the encrypted e-mail that is retrieved by the e-mail client and thereby sends the e-mail to the attacker after decryption. Details about this attack scenario here: https://www.efail.de/

~~===== Apple Mac: Browser Safari on Apple iOS =====~~

~~[[File:Proxy einrichten 050 Safari auf Mac 010.png|700px|link=]]~~

* Under iOS, click on -> Systemeinstellungen –> Netzwerk and -> WLAN.

* Click on "Proxies" (1) and activate there under Protocol to be configured: "Autom. Proxy-Konfiguration" (2).

* Enter "<nowiki>http://trutzbox/api/proxy/pac</nowiki>" (3) in the URL field on the right.

* Check or tick the box for"Passiven FTP-Modus (PASV) verwenden" (4).

* Confirm by clicking on"OK" (5).

~~ [[#top|~~'''How does e-~~> Table of Contents (of this manual)]] ~~mail work with TrutzBox?'''

~~===== Apple Mac~~The TrutzBox is a server that can also send and receive secure e-mails. When designing the TrutzBox, we attached great importance to the fact that communication via the TrutzBox is not only easier to use, but also offers even more privacy than PGP-encrypted e-mails. This was achieved by TrutzBoxes exchanging their e-mails via Tor hidden services. In contrast to PGP-encrypted e-mails, the TrutzBox offers the following advantages if both sender and recipient have a TrutzBox: ~~Browser Firefox on Apple iOS ========== iOS Smartphone/Tablet: Browser Safari on Apple iOS =====~~

~~[[File:Proxy einrichten 100 iOS Smartphone Tablet 010.png|300px|link=]]~~

~~ ~~

~~Click on "Einstellungen".~~

~~ ~~

~~[[File:Proxy einrichten 100 iOS Smartphone Tablet 020.png|300px|link=]]~~

~~ ~~

~~Click on "WLAN".~~

~~ ~~

~~[[#top|-> Table of Contents (of this manual)]]~~

~~ ~~

~~[[File:Proxy einrichten 100 iOS Smartphone Tablet 030.png|300px|link=]]~~

~~ ~~

~~Click on "i" of the WLAN connection of the active Internet router.~~

~~ ~~

~~[[File:Proxy einrichten 100 iOS Smartphone Tablet 040.png|300px|link=]]~~

~~ ~~

~~Scroll down and click on "Auto" in the "HTTP-PROXY" area.~~

~~ ~~

~~[[#top|-> Table of Contents (of this manual)]]~~

~~ ~~

~~[[File:Proxy einrichten 100 iOS Smartphone Tablet 050.png|300px|link=]]~~

~~ ~~

~~Enter the address"<nowiki>http://trutzbox/api/proxy/pac</nowiki>" in the "URL" input field (1.) and confirm your entry by clicking on "WLAN" (2.).~~

~~ ~~

~~[[File:Proxy einrichten 100 iOS Smartphone Tablet 060.png|300px|link=]]~~

~~ ~~

~~Exit "Einstellungen" by pressing the menu button.~~

~~ ~~

~~[[#top|-> Table of Contents (of this manual)]]~~

~~ ~~

~~===== Android Smartphone/Tablet: Standard Browser~~ *the key management is fully automatic. The user never comes into contact with any keys. Unlike PGP-encrypted emails, which require manual key management on ~~Google Android =====~~all devices in use.

~~Setting up a proxy under Android. The screens may vary slightly depending~~ *no extension is necessary on the ~~Android device~~end devices (e-mail clients).~~ Switch to "Preferences"~~ All email clients can still be used in ~~Android ...~~ ~~ [[File:Proxy einrichten 080 Smartphone Android 010.png|300px|link=]] ... and select "WLAN“. [[File:Proxy einrichten 080 Smartphone Android 020.png|300px|link=]] Hold down the selected WLAN (here: "rhg_1") until a new menu appears~~their full functionality.

~~"Press "Change network". [[File:Proxy einrichten 080 Smartphone Android 030.png|300px|link=]] Press „Erweiterte Optionen“ and then open „Proxy“. ~~ ~~[[File:Proxy einrichten 080 Smartphone Android 040.png|300px|link=]] Select „Autom~~*an attacker who can monitor Internet communication cannot see that an e-mail is being exchanged here, nor which IP addresses are communicating here. ~~Proxy~~With PGP-~~Konfig.“. [[File:Proxy einrichten 080 Smartphone Android 050~~encrypted emails, anyone who has access to the mail servers or Internet connections can read all meta data of the mail.~~png|300px|link=]] On "PAC-URL" enter: <nowiki>http://trutzbox/api/proxy/pac</nowiki>~~

~~Then click on "SPEICHERN". ===== Microsoft Windows 10 =====~~*for security reasons the TrutzBox always encrypts e-mails additionally with PGP

~~Configure Automatisches Proxy~~*since the TrutzBoxes exchange e-~~Script for Microsoft Windows 10~~ mails via the Tor network and there is no "e-mail provider" in ~~Edge: In Edge~~between, ~~select "Einstellungen" and go all~~ no third party can change the ~~way down. [[File:080 Proxy einschalten 010.png|300px|link=]] Click on „Erweiterte Einstellungen anzeigen". [[#top|~~e-~~> Table of Contents (of this manual)]] [[File:080 Proxy einschalten 020.png|300px|link=]] Click~~ mail on ~~"Proxyeinstellungen öffnen". [[#top|-> Table of Contents (of this manual)]] [[File:080 Proxy einschalten 030.png|700px|link=]] Set~~ the ~~„Setupscript verwenden“ switch to „Ein“. In the field „Scriptadresse" enter <nowiki>"http://trutzbox/api/proxy/pac"</nowiki> and click on „Save“~~move.~~ ~~

~~[[#top|~~As a result of this last point: if the communication partner also has a TrutzBox, the e-~~> Table of Contents (of~~ mail cannot be manipulated while on the move and is safe from this ~~manual)]] ~~attack,

~~==== Connect~~ These same features are also used by the chat function of the TrutzBox.Due to this increased security against PGP, the ~~device directly via WLAN (or LAN) with~~ TrutzBox~~® (Transparent-Modus) ====~~is also used by journalists, doctors, lawyers... which require special protection.

If the communication partner does not have a TrutzBox, the TrutzBox can also send and receive PGP-encrypted e-mails via normal mail servers and automatically encrypt and decrypt them. In this case, the email client retrieves the decrypted email from its TrutzBox.

~~Now connect your PC~~ But since in this case the PGP-encrypted mail is exchanged with a normal e-mail account, it can be manipulated on the way. The TrutzBox decrypts the mail correctly anddoes not send any mail to the attacker, but if ~~necessary~~the e-mail program on the client is configured to load references from the e-mail, ~~other Internet~~then the attacker would also receive the mail from the e-~~enabled devices via wired network (LAN) or wireless network (WLAN)~~ mail client.If, as in this attack, the mail was tampered with on the way, the TrutzBox~~®~~would detect this, however, since it cannot verify the signature and would mark the mail accordingly.

~~ Switch WLAN connection from PC~~ However, it is quite easy to ~~Internet router to PC to TrutzBox®:~~fend off this attack. To do this, simply deactivate automatic reloading in the e-mail program.

~~[[File:20150624 Bild TrutzBox WLAN Wechsel V02.png|700x700px|link=]]~~ To do this, click the WLAN icon in the notification area on the right of the task bar (1.). When selecting wireless network connections, click (2.) on your TrutzBox® SSID (WLAN name assigned under 4.6 when setting up). Then click on "Connect" (3.) and enter the WLAN password in the window that appears (4.). By clicking on "OK" (5.) the confirmation (6.) appears. ~~[[File:Umschalten auf WLAN2.png|700px|link=]]~~ ~~From now on you use TrutzBrowse, TrutzContent and TrutzBase.~~ ~~=== TrutzBox®-network ===~~ To ensure maximum security for the devices connected to the TrutzBox®, the TrutzBox® sets up its own network separate from the Internet router. A DHCP server gives the connected devices a new IP address from the range 192.168.195.50 to 192.168.195.199. A separate DNS server (dnsmask) forwards the name resolution for the connected devices to the DNS server of the Internet router. ~~The TrutzBox® takes over the routing between the TrutzBox® internal network (WLAN, LAN-Int1 and LAN-Int2) and the TrutzBox® external network (Lan connection "LAN-Ext").~~ ~~The TrutzBox® itself has the IP address 192.168.195.200 in the internal network. The IP address of the TrutzBox® is obtained from the Internet router when it is started.~~ ~~ [[File:63 Netzwerk 010.png|700px|link=]] ~~A permanently assigned (static) IP address from the range 192.168.195.50 to 192.168.195.199. can also be assigned to a connected device. Subnet mask is then 255.255.255.0, the router and DNS server IP address is 192.168.195.200.~~ [[#top|-> Table of Contents (of this manual)]]~~ ~~==== Firewall ====~~A Statefull-Inspection Firewall has been installed to provide additional protection for both the TrutzBox® and the internal network connected to it. This not only protects the TrutzBox® itself from unauthorised access to the network side, but also blocks external attackers. In addition, the firewall protects all connected network devices against uncontrolled network access via appropriate port shares. < ~~The firewall used is a Stateful Packet Inspection Firewall (SPI), i.e. each data packet is assigned to a specific active connection (session):~~ * All devices connected to the internal network are bridged so that they can communicate with each other without restriction. * All connected devices can establish connections to "extern" (LAN-Ext) on all ports. If a device on the internal network wants to access a device on the Internet router (external network), then a fully qualified host name must be used (e.g..fritz.box must be appended). All connections via port 80/443 are automatically routed via the TrutzBox® Proxy (filter), which then controls incoming and outgoing data. * An external connection to the TrutzBox® is only enabled for special ports* Establishing a connection from the external network to the internal network is not enabled and is therefore not permitted. ~~ [[File:63 Netzwerk 020.png|700px|link=]] The TrutzBox® Administrator can open additional ports as required. < ~~The firewall is based on the open source firewall "iptables". In addition, the Shorewall Firewall package is provided as an add-on to provide experts with additional functions such as simplified user guidance or zone setup.~~ ~~[[#top|-> ~~Table of Contents~~ Inhaltsverzeichnis (~~of this manual~~dieses Handbuchs)]]

Fox

Bureaucrats, Administrators

5,562

edits

Comidio β

Changes

Trutzbox Manual

Comidio ^β