Open dandare1980 opened 4 years ago
jamesmacwhite
commented
4 years ago I haven't personally tried to interface with the USB modem directly, other than accessing the modem side via SSH. adb debug is running on the modem side TCP 5555, but trying to interact with it over the network seems to cause a lock up. Someone else reported similar behaviour on the hh40:
jamesmacwhite
commented
3 years ago @dandare1980 I don't know if you are still interested in this, but there's a Russian forum site that's got an active thread around the HH70 and the modem side.
https://4pda.to/forum/index.php?s=&showtopic=944986&view=findpost&p=106587940
The latest post there seems to offer some interesting information around connecting to the modem, there's been a lot of discussion around it going back through the pages in the thread.
Google translate is a little rough on some of the context but maybe it might offer more clues.
dandare1980
commented
3 years ago Thank you James, there's some very interesting info on there regarding the modem as you say.
While poking around did you find a way of extracting the administrator password for the web interface? It seems to be generated by an algorithm based on the IMEI which also determines the device SSID. Although I can edit my device configuration through the command line I don't currently have access to the conventional web interface.
jamesmacwhite
commented
3 years ago Last 4 digits of the IMEI form the SSID format of 4GEE_Router_XXXX followed by 2.4Ghz or 5Ghz respectively for the dual band radio.
In terms of the web interface password. Running /usr/bin/webs from command line should reveal the g_webs_data.password in plain text. This is coming from a sqlite database stored at /jrd-resource/resource/sqlite3/user_info.db3 the table webs_config, has the web interface password stored in BLOB/binary.
dandare1980
commented
3 years ago @jamesmacwhite thank you, that command worked perfectly and I now have access via the web interface.
My only mystery left to resolve is whether this device supports the full range of LTE bands: B1, B3, B7, B8 and B20. It should by default, but I'm not sure if the firmware has been adjusted to only support EE network bands. I suspect this as when using a Vodafone SIM I can only receive 3G (with or without an external Poynting omnidirectional aerial) but in my phone I have very good 4G access and speeds. However, I believe both networks share broadly the same LTE bands so perhaps not?
jamesmacwhite
commented
3 years ago Interesting question, I believe the official LTE band support from Alcatel is:
UMTS(3g) B1/3/8 LTE(4G) B3/B7/B20
Which if Vodafone don't operate on those bands could explain why 4G is not possible in the 4GEE router but in your phone.
jamesmacwhite
commented
3 years ago There's also a hidden diagnostic page:
http://192.168.1.1/index.html#/diagnostic
Replace the IP if different
This might give you more clues when connecting a different SIM to know what tower you've connected to, compared to your phone. I'm not sure why EE hides this page, it's actually quite useful.
dandare1980
commented
1 year ago @jamesmacwhite thank you, that command worked perfectly and I now have access via the web interface.
My only mystery left to resolve is whether this device supports the full range of LTE bands: B1, B3, B7, B8 and B20. It should by default, but I'm not sure if the firmware has been adjusted to only support EE network bands. I suspect this as when using a Vodafone SIM I can only receive 3G (with or without an external Poynting omnidirectional aerial) but in my phone I have very good 4G access and speeds. However, I believe both networks share broadly the same LTE bands so perhaps not?
For anyone with the same issue, I was able to login to the modem at 192.168.225.1, upload a small arm utility called diagcmd to /usr/bin and then issue the commands diagcmd 26 ac 1a and diagcmd 26 ad 1a respectively to output the configuration of the LTE bands from NV_LTE_BC_CONFIG and NV_LTE_BC_CONFIG_DIV.
In my case, both outputs read as 44 00 08 which was different to the default values of c5 00 08.
I restored the defaults by running the commands diagcmd 27 ac 1a c5 00 08 followed by diagcmd 27 ad 1a c5 00 08 to reinstate bands B1, B3, B7, B8 and B20.
On rebooting the device it could now access Vodafone's LTE service.
The diagcmd utility can be obtained from here.
Instructions were obtained from the forum @jamesmacwhite refers to above using Google Translate.
Do you know if it's possible to connect to the HH70 via USB?
I want to perform some operations via ADB, but the device refuses to be detected under Windows 10.