Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
How can we unblock a blocked dect phone (DT288) if IPEI is not known? 6
- Thread starter jaylek
- Start date
-
5
- #2
-
1
- Thread starter
- #6
SPettigrew
MIS
I had the same issue with a 230. The backdoor code supplied by Skytz also worked for this handset!
Many thanks!!!!
Many thanks!!!!
Thanks for the info.
Another query about IPEI :
If a DECT handset that is not authorised to access a certain MD110 network attempts to subscribe, does the MD110 log that access or subscription attempt and perhaps record the IPEI number of the unauthorised handset ?
I read somewhere that there is a security feature to detect stolen phones. If this is the case, how would an administrator know that an attempt to access his network had been made unless some record is kept by the MD110.
Also, there are a lot of DECT GAP compatible base station / handset combinations available, that do not seem to need the IPEI number explicitly entered anywhere and it does not seem obvious how to get it from the handset itself, its serial number or its documentation. I think these are GAP class A systems.
Does anyone know of a way to disover it for this type of handset ?
Perhaps trying to subscribe it and reading it from an MD110 log (if it exists) would be a way. As far as I know, MD110 is GAP class B.
Another query about IPEI :
If a DECT handset that is not authorised to access a certain MD110 network attempts to subscribe, does the MD110 log that access or subscription attempt and perhaps record the IPEI number of the unauthorised handset ?
I read somewhere that there is a security feature to detect stolen phones. If this is the case, how would an administrator know that an attempt to access his network had been made unless some record is kept by the MD110.
Also, there are a lot of DECT GAP compatible base station / handset combinations available, that do not seem to need the IPEI number explicitly entered anywhere and it does not seem obvious how to get it from the handset itself, its serial number or its documentation. I think these are GAP class A systems.
Does anyone know of a way to disover it for this type of handset ?
Perhaps trying to subscribe it and reading it from an MD110 log (if it exists) would be a way. As far as I know, MD110 is GAP class B.
Hello, njohn343
Yes it is possible to find out the IPEI if it is not shown on the DECT phone.
First start a unit trace on CTLP:
<STUNI:UNIT=CTLP,LIM=1;
<STTSI:TRI=1;
Then try to register the dect in MD110 (unsuccessful)...
<STTSE:TRI=1;
<STRAP:TRI=1;
TRACE IND READ RESULT
TRACE INDIVIDUAL NO 1
TIME LINE(S)
.....
20.50.19.480 00009 SWSW SIGNAL GETDIRNUM (H'0041)
FROM CTLP (H'0173) EXE A IN LIM 001
TO CTLMP (H'0172) EXE A IN LIM 001
WITH 0 1 2 3 4 5 6 7 8 9
000 H'01 H'C7 H'2F H'01 H'01 H'D8 H'00 H'0C H'73 H'D8
010 H'02 H'02 H'01 H'FA H'02 H'01 H'85 H'88
20.50.19.480 00010 SWSW SIGNAL GETDIRNUMRES (H'0022)
FROM CTLMP (H'0172) EXE A IN LIM 001
TO CTLP (H'0173) EXE A IN LIM 001
WITH 0 1 2 3 4 5 6 7 8 9
000 H'01 H'C7 H'2F H'00 H'10 H'06 H'99 H'89 H'00 H'FF
010 H'FF H'FF H'02 H'00 H'0B H'06 H'02 H'00 H'02 H'8C
.....
Now look at the EMC (D04-D05) and PSN (D06-D09),
convert EMC to 5 decimal digits and then
PSN to 7 decimal digits and then and try to add the 13:th
checksum digit:
<CXAKI
IR=541,AUTKEY=01234567,IPEI=0047208160881;
NOT ACCEPTED
IPEI
NOT IN RANGE
<CXAKIIR=541,AUTKEY=01234567,IPEI=0047208160882;
NOT ACCEPTED
IPEI
NOT IN RANGE
....
<CXAKIIR=541,AUTKEY=01234567,IPEI=0047208160880;
EXECUTED
Now register the dect successfully.
Done!!
Regards
MDatHome
Yes it is possible to find out the IPEI if it is not shown on the DECT phone.
First start a unit trace on CTLP:
<STUNI:UNIT=CTLP,LIM=1;
<STTSI:TRI=1;
Then try to register the dect in MD110 (unsuccessful)...
<STTSE:TRI=1;
<STRAP:TRI=1;
TRACE IND READ RESULT
TRACE INDIVIDUAL NO 1
TIME LINE(S)
.....
20.50.19.480 00009 SWSW SIGNAL GETDIRNUM (H'0041)
FROM CTLP (H'0173) EXE A IN LIM 001
TO CTLMP (H'0172) EXE A IN LIM 001
WITH 0 1 2 3 4 5 6 7 8 9
000 H'01 H'C7 H'2F H'01 H'01 H'D8 H'00 H'0C H'73 H'D8
010 H'02 H'02 H'01 H'FA H'02 H'01 H'85 H'88
20.50.19.480 00010 SWSW SIGNAL GETDIRNUMRES (H'0022)
FROM CTLMP (H'0172) EXE A IN LIM 001
TO CTLP (H'0173) EXE A IN LIM 001
WITH 0 1 2 3 4 5 6 7 8 9
000 H'01 H'C7 H'2F H'00 H'10 H'06 H'99 H'89 H'00 H'FF
010 H'FF H'FF H'02 H'00 H'0B H'06 H'02 H'00 H'02 H'8C
.....
Now look at the EMC (D04-D05) and PSN (D06-D09),
convert EMC to 5 decimal digits and then
PSN to 7 decimal digits and then and try to add the 13:th
checksum digit:
<CXAKI
IR=541,AUTKEY=01234567,IPEI=0047208160881;NOT ACCEPTED
IPEI
NOT IN RANGE
<CXAKI
IR=541,AUTKEY=01234567,IPEI=0047208160882;NOT ACCEPTED
IPEI
NOT IN RANGE
....
<CXAKI
IR=541,AUTKEY=01234567,IPEI=0047208160880;EXECUTED
Now register the dect successfully.
Done!!
Regards
MDatHome
thanhthanh
Technical User
Thanks njohn343!
I read the Thread806-533290 there is no help,
is there anyone unlocked PIN CODE for DT570?
I read the Thread806-533290 there is no help,
is there anyone unlocked PIN CODE for DT570?
Hi all
I find a small correction to problem “How to find IPEI number using ST function” .
I has today a problem with IPEI for DT570 system is BC 12.1 (sp4) 9 LIMs
I trialed method with signal tracing. / I know this method and it work correct on my test lim /
[tt]
<STUNI:UNIT=CTLP,LIM=1;
YOUR TRACE INDIVIDUAL IS 2
EXECUTED
<STTSI:TRI=2;
EXECUTED
*** DT subscribing faulty***
<STTSE:TRI=2;
EXECUTED
<STRAP:TRI=2;
TRACE IND READ RESULT
TRACE INDIVIDUAL NO 2
NO SIGNALS FOUND
END
[/tt]
In fact program CTLP is loaded to all lims and generic extension are initiated in lims 5&4&9 and mobility system (base station in this same lim’s)
But I need data from
<STRAP:TRI=x…
…….SWSW SIGNAL GETDIRNUM (H'0041)
My solution
<CNPIP:UNIT=CTLMP;;
[tt
PROGRAM UNIT INFORMATION
PU-NAME PU-NO PRODUCT NUMBER REV PATCH
CTLMP H'172 5/CAA 111 9558/01 R1A NO
TYPE
B'0000 0000 0000 0000 0000 1000 0000 0000
TYPEEXT
B'0000 0000 0000 0000 0010 0001 0000 0011
LOADED IN LIM
4 8
ACTIVE CF LOCATED IN LIM 8
[/tt]
Program CTLMP is loaded in two lims but active in lim 8
Than
<STSII :LIMR=8,UNITR=CTLMP,SIGNAM=GETDIRNUM;
LIMR= 8 because CTLMP program is active in LIM 8
The rest is this same as MDatHome wrote
And the STRAP is very short (only 4 records )
The last digit in IPEI can be 0…9 or * (star)
[/color red]
I find a small correction to problem “How to find IPEI number using ST function” .
I has today a problem with IPEI for DT570 system is BC 12.1 (sp4) 9 LIMs
I trialed method with signal tracing. / I know this method and it work correct on my test lim /
[tt]
<STUNI:UNIT=CTLP,LIM=1;
YOUR TRACE INDIVIDUAL IS 2
EXECUTED
<STTSI:TRI=2;
EXECUTED
*** DT subscribing faulty***
<STTSE:TRI=2;
EXECUTED
<STRAP:TRI=2;
TRACE IND READ RESULT
TRACE INDIVIDUAL NO 2
NO SIGNALS FOUND
END
[/tt]
In fact program CTLP is loaded to all lims and generic extension are initiated in lims 5&4&9 and mobility system (base station in this same lim’s)
But I need data from
<STRAP:TRI=x…
…….SWSW SIGNAL GETDIRNUM (H'0041)
My solution
<CNPIP:UNIT=CTLMP;;
[tt
PROGRAM UNIT INFORMATION
PU-NAME PU-NO PRODUCT NUMBER REV PATCH
CTLMP H'172 5/CAA 111 9558/01 R1A NO
TYPE
B'0000 0000 0000 0000 0000 1000 0000 0000
TYPEEXT
B'0000 0000 0000 0000 0010 0001 0000 0011
LOADED IN LIM
4 8
ACTIVE CF LOCATED IN LIM 8
[/tt]
Program CTLMP is loaded in two lims but active in lim 8
Than
<STSII :LIMR=8,UNITR=CTLMP,SIGNAM=GETDIRNUM;
LIMR= 8 because CTLMP program is active in LIM 8
The rest is this same as MDatHome wrote
And the STRAP is very short (only 4 records )
The last digit in IPEI can be 0…9 or * (star)
[/color red]
- Status
Similar threads