The update file "FRITZ.Box_4040-07.56.image" on ftp.avm.de contains the latest FRITZ!OS (Firmware) for the FRITZ!Box 4040. **Attention:** This update file is only intended for use with FRITZ!Box 4040! Please follow the instructions at the end of this file to install the update. Product: FRITZ!Box 4040 Version: FRITZ!OS 7.57 Language: English, Dutch, French, Italian, Polish, Spanish Release date: 09/04/2023 **New features:** ------------------------------------------------------------ - FRITZ!OS 7.56 - with over 150 new functions and useful improvements - Mesh Wi-Fi now with dynamic smart repeating for better performance in the home network - VPN with WireGuard technology: Simple, fast, and secure connection to the home network from anywhere (not for FRITZ!Box 6490, 6590) - New energy-saving mode can be switched on upon request - Simplified replacement of a FRITZ!Box with new wizard - The user interface was fine-tuned and rounded out with comprehensive "Help and Info" - Many new functions for the MyFRITZ!App and FRITZ!App Smart Home (iOS/Android) ------------------------------------------------------------ With each FRITZ!OS update, AVM also updates its security functions. Therefore we recommend performing the update for all devices. ------------------------------------------------------------ Below you find a complete list and descriptions of the new functions in the latest FRITZ!OS, along with a list of further improvements in this version. --- # New functions of FRITZ!OS 7.56 ## Internet: **NEW** Automatic prioritization provides for fairly distributed data rates throughout the entire FRITZ!Box network (home network and guest network) **NEW** VPN with WireGuard for simple setup of fast, secure VPN connections **NEW** The MyFRITZ! direct connection allows you to receive information on the FRITZ!Box in real time on MyFRITZ!Net. ## Mesh: **NEW** In Mesh Repeater operating mode, connections to the Mesh Repeater with multiple Wi-Fi bands are now possible (FRITZ!Box only, not Repeater) ## USB: **NEW** Support for storage media formatted in exFAT ## System: **NEW** "Help and Info" in the user interface: A completely overhauled help function with many instructions based on user scenarios and a strong search engine **NEW** In the new energy-saving mode, Wi-Fi, LAN and USB use even less power for slightly reduced performance  **NEW** New wizard transfers all important Internet, telephony, and WLAN settings as well as connections to mesh, telephony, and smart home devices to a new FRITZ!Box   ## Powerline: **NEW** 24-hour information summary about energy savings through automatic switching to an energy-saving transmission mode (powerline repeater only) ## FRITZ!Apps: **NEW** MyFRITZ!App offers the option to enable prioritization for internet access on each home network device **NEW** MyFRITZ!App allows home network devices to be renamed **NEW** MyFRITZ!App allows a MyFRITZ! account to be created for MyFRITZ! internet access to the user interface of the FRITZ!Box (for iOS) **NEW** FRITZ!App Smart Home supports scenes and the enabling and disabling of routines **NEW** FRITZ!App TV allows the TV function (DVB-C) and station search to be enabled for FRITZ!Box Cable devices ------------------------------------------------------------ # Further Improvements of FRITZ!OS 7.57 ## System: - **Fixed** stability and security increased # Further Improvements of FRITZ!OS 7.56 ## Internet: **Improved** When the DNS server of the internet provider (or the listed DNS server) is interrupted, automatic switch to the public DNS server **Improved** Failure detection via DNS validation added for "Expanded failover protection" **Improved** FRITZ!Box services (SMT, FTP, IGD and TR-064) offered via Bonjour or mDNS **Improved** Unwanted queries from certain IP addresses to FRITZ!Box services can be blocked with the new IP block list **Improved** "QUIC" added to the internet protocols supported by parental controls **Improved** When internet access to storage media via FTP/FTPS is enabled, the randomly preselected port number is displayed **Improved** Support for VPN user dial-in for Android mobile telephones and tablets with IKEv2 IPSec (preshared key) **Improved** Optimized upload and download speeds by adjusting the TCP segment size (MSS clamping), now also for IPv6-based connections **Improved** IPv4 VPN connections (IPSec) can be tunneled via IPv6, for instance to reach FRITZ!Box devices on DS Lite connections (IP6 tunnel for IPv4, IPv4-inIPv6)  **Improved** VPN packet acceleration supported in IPSec **Improved** In the user interface, an image now illustrates the different types of VPN connections **Improved** No publication of IPv4 address to MyFRITZ!Net on dual-stack connections with carrier-grade NAT; MyFRITZ! address always resolved here into the IPv6 address **Improved** After a restart, the FRITZ!Box refreshes its IP address with MyFRITZ!Net immediately (DynDNS update) **Improved** A FRITZ!Box in "Mesh Repeater" mode is automatically registered with the MyFRITZ! account of the Mesh Master **Improved** IPv6 on the FRITZ!Box enabled by default for all internet connections **Improved** FRITZ!Box can be operated on IPv6-only connections **Improved** Support for IPv6 during prioritization of network applications and prioritization of a home network device **Improved** The IPv6 Interface Identifier used on the WAN port is chosen at random **Improved** Improved tips and error messages on sharing ports on DSL Lite connections with PCP support **Improved** Data traffic from Wi-Fi calling (VoWifi) with smartphones prioritized over the FRITZ!Box internet connection **Change** Predefined selection of DynDNS providers replaced by a general settings option **Change** The "IPv6" tab is displayed for IPv6-only connections **Change** Support for the User Service Platform specification (USP, Broadband Forum TR-369) and configuration on the "Provider Services" tab **Change** When a new port sharing setting is created, the outdated "eMule" application is no longer listed **Change** Outdated entries removed from the provider list for internet access **Fixed** The ICMP identifier for pings was set to 0 by the FRITZ!Box in some rare cases **Fixed** The FRITZ!Box could send an invalid Phase1 ID for VPN user dial-in via IPSec **Fixed** The entry field for the IPv6 LAN prefix was too small **Fixed** The IPv6 address could not be entered manually for IPv6 port sharing **Fixed** Devices in the guest network with a captive portal were not connected to the internet via IPv6 **Fixed** IPv6: When SLAAC was used and the DHCPv6 server was disabled in the FRITZ!Box, after a restart IPv6 could not longer be used in the home network **Fixed** In individual cases, deletion of a port sharing setting deleted additional port sharing settings of the same device **Fixed** VPN connections (IPSec) to StrongSWAN via IPv6 failed under some circumstance **Fixed** VPN connections (LAN-LAN) could not be saved without a name **Fixed** In some scenarios the FRITZ!Box's NTP server did not work after re-establishing the internet connection **Fixed** Under certain circumstances, not all DNS servers made available by the provider were used ## Wi-Fi: **Improved** When a radar event is detected, the system attempts to hold the channel with reduced bandwidth **Improved** When encryption on the Mesh Master is changed to "non-encrypted", activation of the 5-GHz Wi-Fi network is ensured and wireless devices are correctly deregistered if necessary **Improved** Data rates increased when exchanging data with certain wireless devices **Improved** The legend below the "Allocation of Wi-Fi Channels" diagram on the "Wi-Fi / Wi-Fi Channels" page is now displayed in a single line **Improved** Optimized automatic channel selection when checking for prioritized use in the 5-GHz Wi-Fi network **Improved** The adjustment of radio channel settings in the 5-GHz frequency band now allows all channel numbers to be selected **Change** New message under "System / Event Log" when a new session key was negotiated (encrypted connections compliant with the WPA3/SAE standard) **Change** Restructuring of the "Wi-Fi > Wi-Fi Network", "Wi-Fi > Security", and "Wi-Fi > Wi-Fi Channel" pages **Change** MAC address filters are limited to a maximum of 128 entries **Fixed** On the user interface for the "Wi-Fi Guest Access", starting the WPS quick connection was linked with the "Wi-Fi / Security / WPS" page **Fixed** Incorrect information when Wi-Fi disabled when "Internet connection via Wi-Fi" is selected **Fixed** The period for displaying the load on the Wi-Fi channel could not be changed in the user interface when the 2.4-GHz Wi-Fi network was disabled **Fixed** Sorting of "Other Wi-Fi Networks in Your Vicinity" table by name did not always work reliably ("Wi-Fi / Wi-Fi Channel" page) **Fixed** Preset name for Wi-Fi guest access linked to the language selection **Fixed** When a WPS quick connection was started during the check for higher-priority users (e.g. radar), an incorrect message could be displayed under "System / Events" **Fixed** Mesh Repeater operating mode: The "Select Wi-Fi Network" list did not display invalid Wi-Fi network names (SSID) ## Mesh: **Improved** Higher data throughputs in the Mesh Wi-Fi possible thanks to dynamic smart repeating **Improved** Display of home network connections on the "Mesh" page of the user interface responds more quickly to changes **Improved** Home network devices (e.g. printers or NAS) displayed in the "Mesh Overview" can be opened directly by link **Improved** Changed country and language settings of the Mesh Master are automatically transmitted to the Mesh Repeater **Improved** New message in "System / Event Log" when FRITZ!OS removes a network loop **Improved** "Mesh Overview" now shows network switches that use the LLDP protocol **Improved** "Mesh Overview" now shows deployed network switches or access points in sequence **Improved** Indication on the start page of the user interface when there are FRITZ! devices in the home network that are not yet enabled for Mesh **Improved** Region and language settings of the FRITZ!Box are adopted by FRITZ!Repeater(s) **Fixed** After changing the connection of a repeater, the connection display on the "Home Network > Mesh" page of the user interface was wrong **Fixed** When using certain powerline adapters together with a network switch, the connection display on the "Home Network > Mesh" page of the user interface was wrong ## Home Network: **Improved** Reworked details pages for network devices **Improved** FRITZ!Powerline devices can be restarted in the "Device Details" of the FRITZ!Box user interface under "Home Network / Network" or registered by clicking a button **Improved** Own network device highlighted in the overviews of the user interface **Improved** More flexibility when assigning your own names for a network device in the home network for display in the user interface: Spaces and special characters are allowed **Improved** The symbol in the user interface for prioritized network devices was updated **Improved** Reworked user guidance through changing of the FRITZ!Box name **Fixed** Display for search for updates  for devices in the Mesh was not suitable in certain cases ## USB: **Improved** Media data are read in completely with "Refresh index" **Improved** A list of FRITZ!Box users with the right to access NAS contents is displayed under "Home Network Sharing" **Improved** A message appears indicating when the maximum number of sharing links is exceeded **Improved** After completion of fax configuration, a USB folder for storing faxes can be selected under "Settings for the Fax Function" **Change** When uploading files to fritz.nas, the creation date of the respective file is now displayed **Change** MagentaCloud removed as a media source in the internet because API is no longer compatible **Change** After indexing, the ".start_indexation.mp3" file is no longer displayed via SMT/FTP **Fixed** Added radio stations were displayed only after manual indexing **Fixed** After starting operation of "FRITZ!Box as Mesh Repeater", the network drive function (SMB) was not always available **Fixed** Accessing a sharing link allowed the creation of additional sharing settings **Fixed** During the slide show of FRITZ!NAS images, the control for the duration of the display was not displayed correctly **Fixed** Folders in the uppermost level of the directory structure were not displayed in the selection dialog for moving files **Fixed** No network drive function (SMB) could be established to Rclone **Fixed** WebDAV online storage could not be used when the country was set to "Spain" ## System: **Improved** New display of Wi-Fi connections between FRITZ! devices **Improved** Summary of information areas on the "Overview" page for better orientation **Improved** New design and improved operation concept for logging in to the FRITZ!Box user interface **Improved** Revised layout of the FRITZ!Box user interface **Improved** Changed operating concept for changing settings in the user interface **Improved** Under "System / FRITZ!Box Users / Apps", the FRITZ!Box user from which each app has been configured is displayed for each app **Improved** The "Forgot Password" push service email now contains information on the device that requested this mail **Improved** If desired, the selection list of FRITZ!Box users can be hidden during login to the user interface from the home network **Change** Simplified flashing behavior of the FRITZ!Box LEDs when connection is triggered by the "Connect" button **Change** The hyperlinks for Contents, Manual, Tips & Tricks, en.avm.de, and Legal Notice are now located under "Help and Info" **Change** New contents under "Help and Info / Get to Know the Functions" **Change** Additional confirmation for configuring certain settings can no longer be switched off **Change** The push service for the Wi-Fi guest access sends registration and deregistration events of the guest devices from the Mesh Repeater or Mesh Master with which the devices are registered **Fixed** The display of several "Exposed Hosts" for two different devices under "Diagnostics / Security" was sometimes misleading **Fixed** Repeater events were occasionally listed twice in the Event Log ## Mobile network: **Improved** Expanded failover protection supports smartphones and mobile network dongles with tethering function **Improved** Failure detection via DNS validation added for expanded failover protection **Improved** Internet connection with username/password supported for Alcatel IK41VE1 IoT/M2M 4G (MBIM) mobile network dongle **Change** Simple failover protection removed - existing configurations are converted to expanded failover protection **Fixed** Page at "Internet / Mobile Network" was empty when a mobile broadband dongle was inserted ## Security: **Improved** Use of a random SIP port possible under "Telephony / Telephone Numbers / Line Settings / Security" **Improved** All a user's rights listed under "System / FRITZ!Box Users" **Improved** Information about security methods currently used on SIP remote sites under "Diagnostics / Security / Telephony" **Improved** Display of the last ACS connections under "Diagnostics / Security / Provider Services (TR069)" **Improved** While login is blocked due to an incorrect password entry, the password entry field can be edited for the next login attempt **Improved** SIP port can be reached from the internet only by the set protocol (IPv4 or IPv6) **Improved** Protection from frequent login attempts with incorrect password via the SMB protocol ## FRITZ!Apps: **Improved** FRITZ!Apps support with explanation of where the preset FRITZ!Box password is found on the FRITZ!Box **Improved** MyFRITZ!App shows when internet access is blocked for each home network device **Improved** MyFRITZ!App with additional connection information for the home network devices **Improved** When MyFRITZ!App is registered with a FRITZ!Box that has not yet been configured, MyFRITZ!App indicates this and offers to open the browser for configuration **Improved** MyFRITZ!App displays Wi-Fi dual-band connections for "Your Mesh" in the overview diagram **Improved** MyFRITZ!App reliably displays Mesh connection paths graphically, even for more complex constellations **Improved** MyFRITZ!App indicates when Mesh functions have not been enabled in the Mesh Repeater **Improved** MyFRITZ!App sets the name of the smartphone or tablet as the name of the network device in the home network of the FRITZ!Box if no name was assigned yet (for Android) **Improved** MyFRITZ!App supports the convenience function of call diversion for callers "not in the telephone book" **Improved** FRITZ!App WLAN displays the channel bandwidth of the Wi-Fi connection **Improved** FRITZ!App Smart Home displays the adaptive heating (preheating phase) of radiator controls **Improved** FRITZ!App Smart Home displays open window detection with a window sensor on the radiator control **Improved** FRITZ!App Smart Home supports the creation of templates for the current light setting **Improved** FRITZ!App Smart Home displays a message when applying templates ----------------------------------------------------------- [1] Talking caller ID - FRITZ!Fon learns to speak: New features for FRITZ!Fon New "Voice" Ringtone The new "Voice" ringtone announces the name of the caller, if available, or the location the call is coming from along with the telephone number of the caller. The feature is available for incoming calls, but a voice announcement can also be selected for alarms and appointments. When you get a call, instead of a ringtone the caller's name is announced if their telephone number is in your contacts. If there is no telephone book entry, the location from which the call is coming is announced, depending on the country, along with the telephone number of the caller. You'll need to have an active MyFRITZ! account. This feature can be enabled under "Telephony / Telephony Devices" in the user interface. Select the FRITZ!Fon handset you want to edit, assign one or more telephone numbers for incoming calls, and then switch to "Ringtones". Select there the "Voice" ringtone for the corresponding telephone number at the end of the list. You can configure additional settings under "Voice Ringtone". For alarms and the appointment calendar you can select the "Voice" ringtone directly on the FRITZ!Fon. Appointment Calendar With the new calendar, you can now set up appointments in FRITZ!Fon and create a reminder for them. You can also be reminded of the appointment with the new "Voice" ringtone. Note: The new features are available for FRITZ!Fon M2, C4, C5 and C6 with the latest handset firmware. ------------------------------------------------------------ [2] WireGuard Support for Simple Setup of VPN Connections WireGuard(R) is a modern, easy to understand, fast, and simple VPN solution. For most operating systems, there are apps or programs from WireGuard for connecting single devices to a network via WireGuard VPN. WireGuard is a registered trademark of Jason A. Donenfeld (https://www.wireguard.com). WireGuard is not compatible with other VPN protocols. Therefore it cannot connect to IPSec, OpenVPN and similar peers. WireGuard itself does not contain any mechanisms for key distribution. Both parties therefore require the public keys of the respective remote site. The concept for the FRITZ!Box is that both key pairs can be generated on the FRITZ!Box to set up a connection, and all the necessary dial-in data can be imported on the client side via a file or QR code, e.g. in the WireGuard App. For your FRITZ!Box to be accessible via WireGuard VPN, you need a MyFRITZ! address your (you'll need to register your FRITZ!Box with MyFRITZ!Net) - or a third-party DynDNS address for your FRITZ!Box. Please note that the connection configuration - QR code or configuration file - is not permanently stored on the FRITZ!Box (for security reasons). Do not let the QR code or configuration file fall into the hands of unauthorized persons. ------------------------------------------------------------ [3] Mesh Wi-Fi - More Performance for FRITZ!Box as Mesh Repeater FRITZ!Box devices that support "Mesh Repeater" operating mode could previously be connected to other FRITZ!Boxes or FRITZ!Repeaters only with one Wi-Fi band (2.4 or 5 GHz) at a time. With the new FRITZ!OS, it's now also possible to use more than one Wi-Fi band for the Wi-Fi uplink. This enables higher data throughputs and stability in the Mesh. When updating a Mesh network that's already been set up with an older FRITZ!OS, which consists of one or more FRITZ!Box devices in Mesh Repeater mode, the previously unused Wi-Fi band is connected automatically. ------------------------------------------------------------ [4] More Operating Convenience in the FRITZ!Box User Interface The FRITZ!Box user interface has been visually refreshed with the new version. Particularly noticeable here is the separation of the menu from the left edge of the screen and the width of the displayed pages have been trimmed for better readability. This has a positive effect on tables and texts, especially when displayed on particularly large screens (resolutions), and at the same time improves the display on smartphones and tablets. The redesign is based on a new style guide that facilitates the integration of innovative operating concepts. ------------------------------------------------------------ [5] Automation Scenes - Create the Perfect Mood for Every Occasion With scenes you can simultaneously perform different actions in the Smart Home. For example, with the "Coming Home" scene, all radiator controls can be set to the comfort temperature at the touch of a button, and your LED lights and smart plugs, the Wi-Fi and/or guest Wi-Fi, and the answering machine can all be switched on at the same time. The preconfigured two scenes "Coming Home" and "Leaving Home" and can be applied directly. They consist of automatically generated templates that can be subsequently turned on and off as required. With a scene you create yourself, multiple devices can be combined and controlled. Templates that have already been created can be added and deleted on an individual basis. Furthermore, individual templates can be created as a simple scene. Settings for devices and/or device groups can be saved and reused with templates. Scenes can be used via the FRITZ!Box, a FRITZ!Fon, FRITZ!App Smart Home or the FRITZ!DECT 440. Routines - for Customizable Automations in the Smart Home Routines enable devices, scenes and templates to be automatically controlled or enabled by an if-then link. The shortcut consists of a trigger and a condition that must be met for an action to be performed. In the Configuration Wizard, you can define a device as a trigger, then specify the change in state or an event (condition). Finally, a previously created scene or template (action) is selected, which is activated when the condition is met. For example, if the humidity measured by the FRITZ!DECT 440 reaches a certain level, the previously configured scene "Ventilation" with a FRITZ!DECT 200 smart plug with a connected humidifier is applied. ------------------------------------------------------------ [6] Additional Confirmation After this update, additional confirmation for certain settings and functions can no longer be disabled. However, if additional confirmation was disabled before the update, this condition remains intact after the update. AVM recommends always using additional confirmation for reasons of security. To allow changes to protected settings from on the go, the TOTP standard with one-time passwords can be also used for additional confirmation. A freely available password manager or a separate app like the Google Authenticator can be used for this. ------------------------------------------------------------ [7] New wizard transfers all important settings for the internet, telephony, and Wi-Fi network, and connections to Mesh, telephony and Smart Home devices to a new FRITZ!Box. Please take note of the following tips and requirements: The Wizard provided in this FRITZ!OS offers assistance if you are using a FRITZ!Box that you would like to replace with another new FRITZ!Box. Any other FRITZ! products connected with your currently used FRITZ!Box, including FRITZ!Repeaters, FRITZ!Fons, FRITZ!DECT Smart Home products, and FRITZ!Apps will also be connected to the new FRITZ!Box. This new switching function makes it easier to exchange your old FRITZ!Box with another FRITZ!Box, so that - the Wi-Fi and home network and all of the connected home network devices will work the same after the switch - no settings have to be changed on the devices connected with the FRITZ!Box because of the switch - the internet connection and telephony can continue to be used in the same way - all important settings on the currently used FRITZ!Box are transferred to the new FRITZ!Box (for instance, for telephony, Smart Home, and MyFRITZ!) 1. Two steps must be taken to prepare the other, new FRITZ!Box:     - a current FRITZ!OS version 7.56 or newer. During the course of the wizard you will be prompted to update your new FRITZ!Box if necessary.     - Set your new FRITZ!Box back to its factory settings , if it was used at all before, and then disconnect it from electrical power. 2. The currently used FRITZ!Box provides the internet connection on your line and has the latest FRITZ!OS version 7.56 or newer. 3. If you use any FRITZ!Repeaters: Update their FRITZ!OS. 4. If you use FRITZ!Fons or FRITZ!DECT Smart Home products, check whether a software update is available and, if so, install it. 5. If you use FRITZ!Apps for the previously used FRITZ!Box, have your smartphone ready. 6. You must have physical access to the FRITZ!Box you are currently using, so that you can insert its network cable and press the buttons. The other, new FRITZ!Box should be close at hand. You will also need to connect to electrical power and the internet for the switching procedure. 7. If you are not only changing the FRITZ!Box model, but also the type of connection (for instance, from DSL to fiber optic), then the other, new connection must be ready for operation. 8. You must be connected with the homei network of the currently used FRITZ!Box with a notebook or computer (recommended) or by smartphone. Under "Wizards" in the http://fritz.box user interface there is a "Transfer Your Settings to a New FRITZ!Box" link to click. Read the instructions presented there and follow them carefully. The process usually takes around 10 to 30 minutes, depending on the complexity of the home network.