Fritz!box Vendor Configuration File

Hello everyone!

I was wondering if anyone has succeeded in uploading a vendor configuration file on Fritz!box and if yes… how do they succeed!

Thank you!

Haven’t played with those boxes recently, but download was done via normal “vendor config” file push.

First, you upload a vendor config file via “Files” - specifiying correct OUI and ProductClass into ACS.
(I am using Web UI here to prep a “config file” and then push file to the device - as proof of concept)

A problematic part was the actual config file - it needed to be signed by AVM - as only they have the “sign” tool. At that time, they were not willing to “part with it”…
Yes, I know, stupid… but, there it is!.

In our case, we were working with FRITZ!Box 5490, software version 151.07.12.

Maybe things changed, it has been two years since then…

To my knowledge, if config file was not signed (it is a plain textfile containing configuration directives in FritzOS format), FRITZ!Box will not accept the config… But… things change…

The main issue was, that some options under “InternetGatewayDevice.*” were not writeable via TR-069. For example, creating an additional bridge interface under additional VLAN.
So we needed to implement “3 Vendor Configuration File” download…

I can inquire if AVM has finally “mastered TR-069” fully, so “vendor configs” are maybe not longer necessary…


Hello Robert!
Thanks for you response!

I have managed to create a “Vendor Configuration File” as AVM describe it. I think the edit also make a hash text in the last line to the file,based on the password that you set. This file when you upload/restore it in the Fritz!box locks the CPE to you custom configurations. For example, it start a PPPoE with default username/password on a specific vlan on the WAN port. I did that so that the customer just plug the CPE and instantly have management. Or when the customer do a factory default, I can reach the CPE and fix it.

This is the file I am trying to upload.

So, you have an AVM generated & signed file, that you uploaded to GenieACS as “3 Vendor Configuration File”, with correct OUI and ProductClass? (in my case “00040E” and “FRITZ!Box”)?

If this is so, simple “Push file” under device view should make this happen…

If it is not, than you should enable debug for this device and check the debug log.

Under Admin->Config, add/edit variable “cwmp.debug” and set condition containing device id (SQL like syntax) like this screenshot:

This should provide additional info in case upload is not successful.
Don’t remember, but is it possbile do gain shell access into Fritz!Box? Could help to determine WHY config does not get applied. If that is the case… of course…


The syntax listed here is not correct. The value should be of the form: DeviceID.ID = "e82c6d-963167GWV_004R-SR516AA0C0%2D0009742"

It still works for me, just checked, running 1.2.8.

Maybe newer versions no longer allow this “abbreviation”?

I stand corrected. I didn’t realize this was permitted syntax.

I am just interested, do you have an example of how to create the vendor configuration file for FRITZ!Box?
If you prefer, you can also send it via direct message.

By the way, if I recall correctly, it is now possible to bridge a vlan from wan to a lan port over TR069 without the vendor configuration file.

Hello Jonas,

just seen your comment regarding better TR-069 behavior with FRITZ!Box - can you provide firmware version where this is solved?

My last encounter with Fritz was running 151.07.12 (on 5490 model), still running IGD (InternetGatewayDevice) aka TR-098 data model - and creating a L2 VLAN between WAN port and a LAN port was not possible via TR-069.

Hello Git-neo-si,

It is possible to make new bridges and vlans through TR-069… I think you should “InternetGatewayDevice.X_AVM-DE_AdvancedSettings.LANBridges_GUI_hidden” false in order to create new vlans…


No, that mentioned option only enables LAN bridge creation via web interface. TR-069 part is still limited - for example, creation of bridges not possible.

But maybe newer firmware solved this issue. Unfortunately, currently have no FritzBox in the lab to re-test.