The update file "FRITZ.Box_4040-07.29.image" on ftp.avm.de contains the latest FRITZ!OS (Firmware) for the FRITZ!Box 4040. **Attention:** This update file is only intended for use with FRITZ!Box 4040! Please follow the instructions at the end of this file to install the update. ``` Product: FRITZ!Box 4040 Version: FRITZ!OS 7.29 Language: German, English, French, Italian, Polish, Spanish Release date: 24/11/2021 ``` # Top functions of FRITZ!OS ------------------------------------------------------------ - Priority for working from home - Easy to enable prioritization of a computer for internet access - FRITZ!Fon displays weather forecast on the start screen (currently only available for germany) - FRITZ! Smart Home now supports DECT compatible roller shutters - Smart Home: Lightsequence "Wakeup/Sleep" for FRITZ!DECT 500 and compatible DECT LEDs - Smart Home: TOP - Perfect indoor climate with FRITZ!DECT 440 - humidity information at a glance - For FRITZ!Box's integrated fax machine: Log of received and sent faxes - Telefony: TOP - Many improvements to user interface for using the telephone book, call diversion and call blocks ------------------------------------------------------------ # New features of FRITZ!OS 7.27 Internet: NEW - Prioritization of a home network device can now be enabled on the FRITZ!Box user interface NEW - Device block makes it easy for internet access to be switched on and off for individual devices in the parental controls NEW - When parental controls are enabled, settings and ticket entry are displayed when the user interface (fritz.box) is opened NEW - Support for encrypted resolution from domain names to IP addresses (DNS over TLS) NEW - Simplified configuration for 1&1 connections without entry of 1&1 start code Wireless: NEW - Encryption according to the new WPA3 standard (including Wi-Fi guest access, connections to Mesh Repeaters and internet access via Wi-Fi with SAE) NEW - An open Wi-Fi network can be offered at the Wi-Fi guest access, in which only data are transmitted in encrypted form (Enhanced Open/Opportunistic Wireless Encryption, OWE) Mesh: NEW - Performance Mesh Steering improves Wi-Fi connections for terminal devices that are used from on the go NEW - Mesh auto-channel: Accounts for the Wi-Fi environment of the Mesh Repeater in selecting the best Wi-Fi channel for the entire Mesh Home Network: NEW - Network devices with blocked internet access (device block or parental controls) are marked in the entire user interface NEW - Network passwords for the powerline network can be changed on FRITZ!Powerline connected directly (via LAN) USB: NEW - The SMBv3/v2 protocol of the Windows network drive function is supported by default; optionally, SMBv1 can still be supported System: NEW - Users supported in becoming acquainted with FRITZ!Box functions with welcome page NEW - Time period for automatic updates can be defined Mobile Communications: NEW - Expanded failover protection to automatically switch to an internet connection using the mobile broadband modem when the internet connection via the DSL or WAN connection fails Internet: NEW - Prioritization of a network device above all others; this property can be enabled in the "Details" of the device in the home network [1] System: NEW - Change visibility of password during assignment and entry (eye icon) NEW - Data backup for internal storage (ring tones, images, voice messages) ----------------------------------- # Additional improvements in FRITZ!OS 7.29 ## Internet: - **Improved** List of trusted certification authorities updated - **Improved** When internet access to storage media via FTP/FTPS is enabled, the randomly preselected port number is displayed ## Telephony: - **Fixed** Restricted availability by telephone when using telephony via IPv6 - **Improved** Encrypted telephony more robust against lost connections - **Improved** Enhanced interoperability for use of encrypted telephony ## USB: - **Improved** compatibility with MacOS 12.0 "Monterey" - **Improved** compatibility with several older devices (printers, scanners) ----------------------------------- # Additional improvements in FRITZ!OS 7.28 ## System: - **Improved** Increased stability ## Wi-Fi: - **Improved** Better stability ## USB: - **Fixed** No network drive connection (SMB) was possible with macOS Big Sur Version 11.3 # Further Improvements of FRITZ!OS 7.27 ## Internet: - **Improved** Deutsche Telekom: Automatic configuration of telephone numbers (EasySupport) for connection via WAN/LAN 1 with a fiber optic modem - **Improved** Assignment to devices added to the access profile settings in the parental controls - **Improved** Device status (active/not active) is displayed in the selection of devices for port sharing - **Improved** Clearer display of port sharing overview on mobile devices - **Improved** Independent port sharing settings for a device are now permitted when the request was made over IPv6 for the IPv4 address of the device - and vice versa - **Improved** Event message when port 80 temporarily released for sharing in order to issue certificate for letsencrypt.org - **Improved** DNS over TLS (DoT) more robust - **Improved** Message upon failed ticket entry (parental controls) - **Improved** Display and modification of the IPv6 Interface ID under "Home Network / Network / Network Connections" - **Improved** Any domain name can be used to address a VPN remote peer, not just MyFRITZ! domain names - **Improved** NetBIOS permission can be configured individually for a single VPN connection - **Improved** Ticket for parental controls can be entered before start of online block, so that usage time can be extended without interruption - **Improved** Additional links from the user interface in the online help for IPv4 and IPv6 routes under "Network Connections" - **Improved** Optimized display of the DSL/Fiber information in the user interface - **Improved** IPv6 prefix delegations and IPv6 subnets are displayed under "Home Network / Network / Network Settings" - **Improved** IP address range for guest network increased to up to 253 devices - **Improved** Incorrect configuration by using the same network address on both sides of a LAN-LAN linkup for VPN prevented - **Improved** Access to the myfritz.net domain for a downstream FRITZ!Box registered with MyFRITZ! allowed from the home network - **Improved** Greatly improved performance for VPN - **Improved** In the context of encrypted name resolution (DNS over TLS, DoT), SNI (Server Name Indication) is supported - **Improved** Support for multiple DNS queries over a single TCP connection - **Fixed** Option for "PPPoE Passthrough" missing under "other providers" - **Fixed** "Diagnostics / Function" showed wrong error message for MyFRITZ! registration for FRITZ!Boxes in IP client mode - **Fixed** Defective links behind "MyFRITZ!" under "Diagnostics / Security" - **Fixed** VPN connection name was not displayed in network connections and Mesh Overview - **Fixed** In the VPN overview table "local network" was missing and "remote network" left empty - **Fixed** Devices that are connected to a downstream router via IPv6 prefix delegation received no IPv6 internet connection when parental controls were enabled - **Fixed** Devices that are connected to a downstream router via IPv4 static routes received no IPv4 internet connection when parental controls were enabled - **Fixed** Port sharing for different devices with the same name could not be created - **Fixed** Adaptations of DSL line speed were no longer accounted for after restart - **Fixed** Occasional restarts of FRITZ!Box during many parallel FTP transmissions over WAN - **Fixed** Problems with umlauts in the parental control filter lists - **Fixed** Guest network lock in the parental controls did not lock reliably - **Fixed** No automatic Wake on LAN (WoL) via VPN - **Fixed** Prioritization settings for devices with the "Everything except surfing and mail" access profile were no longer applied after rebooting - **Fixed** In certain scenarios, IP client operating mode could not be configured correctly via LAN with DHCP - **Fixed** Formatting errors occured in the configuration of IPv6 routes - **Fixed** Display corrected in the port sharing overview - **Fixed** After activating DNS over TLS (DoT) and longer run times, certain websites could no longer be resolved - **Fixed** After update of FRITZ!OS 7.03 or older, the IP address was not refreshed on MyFRITZ!Net (DynDNS) - **Fixed** Repeated dropping and reestablishment of VPN connections after automatic disconnection - **Fixed** IPv6: After the home network prefix was refreshed, invalid IPv6 addresses for guest access were not deleted - **Fixed** Changes to access profiles were sometimes rejected groundlessly with the error message "The list of blocked network applications with this ID already exists." - **Fixed** "PTR" type DNS queries were not always resolved correctly - **Fixed** IPv6: In IPv6 route advertisement (RA) with option 25 (Recursive DNS Server), sometimes bits from the "Reserved" field were set - **Fixed** After restoring factory settings, the first VPN connection configured no longer worked - **Fixed** After importing a configuration with an alternative LAN IPv4 network, the local DNS server remained in the old network after settings were adopted - **Fixed** The TR-064 parameter WANAccess was sometimes incorrect ("granted") when no WAN was available upon restart - **Fixed** "PTR" type DNS resolutions were not always possible - **Fixed** Sending of advanced support data did not trigger a push mail - **Fixed** When a saved configuration was adopted selectively, not all of the push mails originally configured were adopted - **Fixed** VPN connections via L2TP (e.g. in Windows 10) were unexpectedly slow - **Fixed** Device block had no effect in certain scenarios - **Fixed** When a FRITZ!Box was operated behind certain cable modems, brief interruptions of the internet connection occurred every 12 hours - **Fixed** In factory settings the first VPN connection could not be enabled for a single instance - **Fixed** Expanded failover protection with mobile dongles in modem mode did not work when using a non-functioning ADSL line - **Fixed** Expanded failover protection with mobile dongles and internet access via WAN/LAN 1 was not started under certain initial conditions present at the time of activation - **Fixed** Online Monitor for mobile communications did not always show data when "Advanced failover protection" was enabled - **Fixed** VPN connections on the basis of third-party providers were sometimes interrupted after long connection times - **Fixed** Wireless devices in the home network could not always be accessed via VPN - **Change** Unnecessary settings option for connection speed removed from "IP Client" mode - **Change** Button for changing the access profiles under the Parental Controls Overview in the user interface - **Change** First configuration simplified by removing the double query about DSL or WAN connection - **Change** Kabel BW and Unitymedia removed from provider list - **Change** "Emule" protocol removed from selection for port sharing - **Change** IP compression (data compression) is no longer supported in VPN connections ## Wireless: - **Improved** Reworked "Wi-Fi / Wi-Fi Channel" page - **Improved** Improved auto channel function after detection of interference sources (5-GHz band) - **Improved** Improved messages on Wi-Fi under "System / Event Log" - **Improved** Detection of multiple parallel WPS activations improved - **Improved** New message under "System / Event Log" when the maximum number of wireless repeaters is exceeded - **Improved** Naming of Wi-Fi guest access (SSID, preassigned) depends on selected language - **Change** In "Mesh Repeater" operating mode, only Wi-Fi networks with visible names are shown for selection of the Mesh Master - **Improved** Redesigned the print output of information on the wireless guest access - **Improved** "WPA3" option added to the encryption of the FRITZ!Box in "Mesh Repeater" operating mode - **Change** Reworked information page (for instance, after changes to Wi-Fi configuration) - **Change** WPS/PIN method removed - **Change** Outdated WPA/TKIP encryption removed - **Fixed** "Wireless / Guest access": Duration for disabling automatically could not be changed - **Fixed** Sorting by MAC addresses in "Wi-Fi / Wi-Fi Network / Security" did not work - **Fixed** "Delete" button for devices was displayed even if the device could not actually be deleted - **Fixed** PMF option no longer offered for "WPA/TKIP" encryption selection - **Fixed** Detection of interference did not work under certain rare circumstances - **Fixed** Time stamp "Wireless LAN channels used" corrected (5-GHz band) - **Fixed** Incorrect entry no longer appears in the "Event Log" when individual wireless bands were enabled or disabled manually on a FRITZ!Repeater 3000 - **Fixed** Erroneous display of bandwidth in connections with HUAWEI P30 corrected - **Fixed** After a FRITZ!OS update, the "Wi-Fi / Wi-Fi Channel" page did not show any Wi-Fi channels, and in some circumstances, no Wi-Fi networks in the environment - **Fixed** Activation of WPS immediately after the Mesh Master was started frequently led to non-DBDC uplinks to Mesh Repeaters - **Fixed** Incorrect message under "System / Event Log" for WPS during DFS wait time - **Fixed** Possible problems while registering repeaters after changing Wi-Fir encryption from "WPA2+WPA3" to "non-encrypted" - **Fixed** WPS for the Wi-Fi Guest Access did not work reliably with non-encrypted Wi-Fi - **Fixed** The legend under the "Allocation of Wi-Fi Channels" diagram was not rendered in a single line ("Wi-Fi /Wi-Fi Channels" page)) - **Fixed** Vulnerabilities in the processing of incoming fragmented frames and aggregated MPDUs (A-MPDU) fixed ("Fragatttack") ## System: - **Change** Push Service: Various corrections to content of "Change notice" email - **Improved** Configuration wizard can be interrupted and resumed - **Improved** Various usability improvements in the First Configuration wizard - **Improved** Status overview page within the first configuration - **Improved** Security query when leaving a page without saving changed settings - **Improved** Saving and restoring settings now includes telephony data from the internal storage of the FRITZ!Box (ring tones, telephone book pictures, voice messages) - **Improved** After support data have been sent to AVM, a second dispatch can be started immediately without any wait time - **Improved** A password can be made visible during entry (eye icon) in the user interface - **Improved** Corrected details in the "Diagnostics / Function" for Mesh and USB - **Change** Offer to switch to "Level III: Notify me about new versions of FRITZ!OS and install new versions automatically (recommended)" is now offered after updating only when "Level II: Notify me about new versions of FRITZ!OS and install necessary updates automatically" was previously configured - **Change** The option to log in to a FRITZ!Box (user interface) without a password, which was not recommended, is no longer supported *1 - **Change** If "only with the FRITZ!Box password" was set up for logging in to the user interface, a FRITZ!Box user with the name "fritz" and a random four-digit number together with the FRITZ!Box password will be created automatically. To log in to the user interface in the home network, entering the FRITZ!Box password is still sufficient. *2 - **Fixed** FRITZ!Box users could not be sorted in the overview - **Fixed** Access profiles with blocked applications in parental controls were not available when settings were restored - **Fixed** Number of messages in "System / Event Log" was too restricted in some areas - **Fixed** Display of installation date for the last update was incorrect in certain scenarios - **Improved** Device name displayed the same everywhere in the Mesh - **Improved** "FRITZ!Box Info" push service now includes an option for information on the "Home network" - **Improved** New menu icons for "Overview" and "Smart Home" - **Improved** "Reset" function in details of network devices for deleting all settings for this device - **Improved** Diagnostics check expanded to include "Mesh", "Internet", "DECT" and "Wi-Fi" - **Improved** FRITZ!Box support page now includes option to send support data directly to AVM - **Improved** Separate restoration of settings for the Smart Home and Telephony areas - **Improved** Modernized display of "LEDs" and other symbols throughout the user interface - **Improved** Upon the first restart after the update, activation of automatic updates is offered (auto-update level III) - **Improved** Warning on the FRITZ!Box Overview on selected settings that are not recommended - **Improved** Page structure simplified in many areas of the user interface to improve usability - **Improved** Reworked concept for navigation in the wizard for first configuration - **Improved** Overview of authorized apps in the "System / FRITZ!Box Users" area now also includes rights and time of last login - **Improved** Update information is included in event log (visible only with the next update) - **Improved** Update process optimized for automatic updates (silent update, task 60018) - **Change** WAN port can be switched as 5th LAN interface if this is not needed as a WAN connection to the internet provider - **Change** In the factory settings, the WAN port always works as a WAN interface (an existing setting as 5th LAN interface for this connection is not changed by the update) - **Change** Update setting upon delivery is now auto update level III (updates are installed automatically) - **Change** User with the name "ftpuser-internet" is deleted - **Fixed** The code of the Google Authenticator could not always be entered on the user interface ## Mesh: - **Change** On a FRITZ!Box configured as a Mesh Repeater, the option for adopting the settings in the Mesh is offered only after Mesh was enabled on this FRITZ!Box - **Improved** Improved indications about adoption of settings enabled for a FRITZ!Box as Mesh Repeater - **Improved** Rendering of DHCP host name, media server name and SMB name on Mesh Repeaters improved - **Improved** Improved text for configuration of a FRITZ!Box as a Mesh Repeater - **Improved** Better detection of terminal devices that cannot be rerouted via Mesh steering - **Improved** Notification in FRITZ!Box log when a network loop is created (for instance, simultaneous LAN and wireless connection to the same device) - **Fixed** Incorrect formatting in the mobile view of the "Mesh Settings" page on a FRITZ!Box in "Mesh Repeater" mode - **Fixed** Settings for Wi-Fi schedule could not be changed under some circumstances, if the setting "FRITZ!Box as a Mesh Repeater" was used - **Fixed** For a FRITZ!Box configured as Mesh Master, but not as router (DHCP server), name and IP address of the router could not be changed - **Fixed** Display of Wi-Fi channel bandwidth in the user interface on the Mesh Master was sometimes different on the Mesh Repeater - **Fixed** Display of FRITZ!Powerline 520/530E in the Mesh connection diagram was not correct - **Fixed** In certain cases a FRITZ!Repeater was displayed twice in the "Mesh Overview" of the FRITZ!Box - **Fixed** When telephony in the Mesh is used, telephony registration of a FRITZ!Box used as a Mesh Repeater was sometimes prevented by the Mesh Master - **Fixed** For wireless guest access the steering characteristics (11k/v) of wireless devices were not taken into account correctly (Google Pixel 2 and SAMSUNG S10) ## Home Network: - **Improved** Faster display of network connections in very large networks - **Improved** When leaving the device details a message concerning changed device names is displayed only if the name was actually changed - **Change** When an individual name is set for the FRITZ!Box, the name of the working group for home network sharing ("USB/Storage") remains unchanged - **Fixed** The section for blocking devices was displayed in the device details of guest devices even though this function is reserved for home network devices - **Fixed** Changed IP settings of the FRITZ!Box were not offered for printing - **Fixed** Time synchronization (NTP) was instable in certain scenarios ## USB: - **Improved** In fritz.nas, multiple files can be selected using the shift key - **Improved** When creating new release links on fritz.nas, the user is informed if the FRITZ!Box is not accessible from the internet - **Improved** The "USB Devices" and "Storage (NAS)" pages on the user interface were integrated into "USB/Storage" and simplified - **Change** "USB Devices" and "Storage (NAS)" menus combined under "Home Network / USB/Storage" - **Fixed** A folder released for sharing was not rendered legibly under "Sharing" - **Fixed** When uploading a file to fritz.nas by Drag & Drop, each file was uploaded twice - **Fixed** The time information "Changed On" was given incorrectly on fritz.nas if the language was not set to German in the FRITZ!Box - **Fixed** Home network sharing of a network drive (SMB) was not visible under Network in Windows Explorer - **Fixed** Data transmission via network drive function (SMB) failed with the Windows error message "STATUS_NO_MEMORY" ## Mobile Communications: - **Improved** New "Compatibility mode for mobile broadband dongles" option for generic integration of variants of known mobile broadband dongles - **Improved** Country-specific list of mobile network providers when FRITZ!Box used with a USB mobile network dongle - **Improved** Optimized details for "Advanced failover protection" setting - **Improved** Mobile network provider "Magenta Mobil" added for Austria - **Improved** Support for Huawei E3372h-320 USB mobile network dongle - **Fixed** Detail corrections to settings and status information when using mobile dongles - **Fixed** Not all of the settings for the SMS message push service could be changed - **Fixed** Received SMS messages were sometimes rendered with only partial text or with an incorrect time stamp in the push service and in "System / Event Log" ## Security: - **Improved** More detailed message about security-relevant changes under "System / Event Log" - **Improved** Display of the ports that can be reached from the home network under "Diagnostics / Security" - **Change** Waiting for the additional confirmation of a change is indicated by the flashing of all LEDs