Hey,
I fail to connect my FritzBox at home with a remote RUT200 via wireguard VPN. I have basic understanding of networking and debugging using a unix cli. I have read many forums and articles on the web, but I seem to miss something… Can you point me in the right direction?
Sorry for the long post, but I try to give all available information instead of just asking an open question:D I tried to disguise any information, which might be risky to publish on the web. I hope the naming is unambiguous.
I use a fritzbox 7530 at home creating a network 192.168.188.0/24. There is a influx database connected to this network I use for collecting data. I have a remote location generating data. I used a fritzbox 6820 at the remote location for about a year, which is connected to the internet via lte and which was connected to my fritzbox at home via wireguard vpn. Unfortunately, the lte modem of the 6820 failed regularly and did not recover without manual intervention making it useless. So I bought a RUT200. Connecting the two fritzboxes was very simple. Establishing the wireguard VPN tunnel for the RUT 200 seems to be impossible for me 
My home network is 192.168.188.0/24. The remote network is 192.168.178.0/24. As far understood various articles and forum posts, a third network is required for the vpn tunnel, which I set to 192.168.179.0/24.
Here the configuration of the FritzBox and the RUT 200. Any information not given is empty.
FritzBox
My FritzBox UI is set to German. So I translated many terms. I hope you can follow.
Online Monitor:
- Internet IPv4 and IPv6 adress → Dual Stack
WireGuard VPN:
- web ui
- There is a public key mentioned, which is not listed in the config file. It doesn’t say, what this key is relevant for.
- There is some more information on the web ui, which is identical to the content of the config file as well: preshared key, address of my fritzbox, remote network
- I didn’t tick the following fields: route all IPv4 traffic via VPN tunnel, allow netBios over this link, only certain devices shall be reachable via this tunnel
- IP Network address fritzBox: 192.168.188.1
config file
-
The config file can be exported only directly after setting up the tunnel. At a later point in time, only the information given above is displayed on the webUI. I can’t change any keys or IP addresses after creation of the setup.
-
[Interface]
PrivateKey = interfacePrivateKeyGeneratedByFritzbox
Address = 192.168.179.1/24
DNS = 192.168.188.1
DNS = fritz.box -
[Peer]
PublicKey = peerPublicKeyGeneratedByFritzbox
PresharedKey = peerPresharedKeyGeneratedByFritzbox
AllowedIPs = 192.168.188.0/24
Endpoint = asdf.myfritz.net:589298
PersistentKeepalive = 25
Teltonika RUT200
Since I fiddled around for a while, I started with a clean factory reset In the configuration wizard, I set the address of the RUT200 to 192.168.178.1.
The firmware is up to date.
The first time, I tried to set the VPN up, I had issues accessing the fritz box via its endpoint address via IPv6. So I disabled IPv6. This made the error of not reaching the fritz box to change. The error in logread was: “user.notice wireguard_monitor: VpnHome endpoint asdf.myfritz.net:58298 is not responding for 1772318880 seconds, restarting”. Trying to ping the endpoint address with an online IPv6 UDP port scanner revealed, that the fritzbox is not reachable via IPv6. I deactivated IPv6 by going to Network → WAN → mob1s1a1 → Edit → PDP type → select IPv4 from the dropdown menu instead of IPv4/IPv6
here the setup of the wireguard vpn tunnel:
- general settings
- enable: on
- private key: generalSettingsPrivateKeyGeneratedByRut
- public key: generalSettingsPublicKeyGeneratedByRut
- IP address: 192.168.179.1/24
- advanced settings
- listen port: 51820
- MTU: 1280
- Peer settings
- General settings
- public key: peerPublicKeyGeneratedByFritzbox
- endpoint host: asdf.myfritz.net
- Allowed IPs: 192.168.179.2/32
192.168.188.0/24 - rout allowed IPs: on
- Advanced settings:
- Tunnel source: Any
- pre-shared key: peerPresharedKeyGeneratedByFritzbox
- Endpoint port: 58298
- persistend keep alive: 25
- QR settings
- I haven’t changed anything here;)
- server IP: MOB1S1A1 IPv4 (some IP-Address)
- tunnel addresses: 192.168.179.2/32
- peer alllowed IPs: All IPv4 (0.0.0.0)/0
All IPv6 (::/0)
- General settings
After setting up the vpn tunnel on the RUT200 I checked the firewall zones:
- lan => wan wireguard
- Input accept
- Output accept
- Forwarding inside zone accept
- Masquerading off
- wan => Reject
- I suppose, this it not relevant for my VPN problem
- wireguard => lan
- Input accept
- Output accept
- Forwarding inside zone accept
- Masquerading on
here some output from the cli, which has been posted in other threats. I can’t find any helpful information in the results
root@RUT200:~# logread | tail -n 20
1046 Mon Mar 2 20:17:09 2026 daemon.info dnsmasq-dhcp[16261]: DHCPREQUEST(br-lan) 192.168.178.151 f8:59:71:b1:4a:22
1047 Mon Mar 2 20:17:09 2026 daemon.info dnsmasq-dhcp[16261]: DHCPACK(br-lan) 192.168.178.151 f8:59:71:b1:4a:22 johannes-Latitude-7480
1048 Mon Mar 2 20:17:09 2026 daemon.info hostapd: wlan0-1: STA f8:59:71:b1:4a:22 WPA: pairwise key handshake completed (RSN)
1049 Mon Mar 2 20:17:09 2026 daemon.notice hostapd: wlan0-1: EAPOL-4WAY-HS-COMPLETED f8:59:71:b1:4a:22
1050 Mon Mar 2 20:17:10 2026 network.info Leased 192.168.178.151 IP address for client f8:59:71:b1:4a:22 - johannes-Latitude-7480 in WiFi
1051 Mon Mar 2 20:17:15 2026 authpriv.info dropbear[31634]: Child connection from 192.168.178.151:58450
1052 Mon Mar 2 20:17:15 2026 authpriv.info dropbear[31634]: Exit before auth from <192.168.178.151:58450>: Exited normally
1053 Mon Mar 2 20:17:24 2026 authpriv.info dropbear[31639]: Child connection from 192.168.178.151:45446
1054 Mon Mar 2 20:17:29 2026 authpriv.notice dropbear[31639]: Password auth succeeded for ‘root’ from 192.168.178.151:45446
1055 Mon Mar 2 20:17:29 2026 connections.notice SSH: Password auth succeeded for root on SSH from 192.168.178.151:45446
1056 Mon Mar 2 20:18:00 2026 cron.err crond[6082]: USER wireguard pid 32174 cmd /usr/bin/wireguard_watchdog
1057 Mon Mar 2 20:18:01 2026 user.notice wireguard_monitor: VpnHome endpoint ``asdf.myfritz.net:58298`` is not responding for 1772479081 seconds, restarting
1058 Mon Mar 2 20:18:03 2026 daemon.notice netifd: Network device ‘VpnHome’ link is down
1059 Mon Mar 2 20:18:03 2026 daemon.notice netifd: VpnHome (32210): RTNETLINK answers: File exists
1060 Mon Mar 2 20:18:03 2026 daemon.notice netifd: Interface ‘VpnHome’ is now down
1061 Mon Mar 2 20:18:03 2026 daemon.notice netifd: Interface ‘VpnHome’ is setting up now
1062 Mon Mar 2 20:18:05 2026 user.notice wireguard: added watchdog cron job
1063 Mon Mar 2 20:18:07 2026 daemon.notice netifd: Interface ‘VpnHome’ is now up
1064 Mon Mar 2 20:18:07 2026 daemon.notice netifd: Network device ‘VpnHome’ link is up
1065 Mon Mar 2 20:18:09 2026 user.notice firewall: Reloading firewall due to ifup of VpnHome (VpnHome)
root@RUT200:~# ip rout
default dev usb0 proto static scope link src 10.237.62.219 metric 3
10.237.62.219 dev usb0 proto static scope link src 10.237.62.219 metric 3
192.168.178.0/24 dev br-lan proto kernel scope link src 192.168.178.1
192.168.179.0/24 dev VpnHome proto kernel scope link src 192.168.179.1
192.168.179.2 dev VpnHome proto static scope link
192.168.188.0/24 dev VpnHome proto static scope link
root@RUT200:~# wg show all dump
VpnHome generalSettingsPrivateKeyGeneratedByRut generalSettingsPublicKeyGeneratedByRut 51820 off
VpnHome peerPublicKeyGeneratedByFritzbox peerPresharedKeyGeneratedByFritzbox 77.179.241.51:58298 192.168.179.2/32,192.168.188.0/24 0 0 444 25
What am I missing?
Windy