VOIP etc > Voice Over IP - VOIP > VOIP Tech Chat > [Unlock] Unlocking Linksys SPA2102 adapter

[Unlock] Unlocking Linksys SPA2102 adapter

If you enter just the IP address in your browser, you should see the password screen showing "spa user" or similar. The user name is "user" (without the quotes) and the password should have been supplied by (or be readily available from) your provider. It's usually something simple like 1234. However, this "user" access is limited to parameters that the provider has designated as user changeable. Speed dials, IP address, port forwarding, etc. are generally in this category.

If you enter i.p.add.ress/admin/ in your browser, you should see the password screen showing "spa admin" or similar. The user name is "admin" (without the quotes) and the (probably different) password might be available from your provider, if you explain that are having a technical problem that is best fixed by you making some settings changes. This "admin" access, if enabled, allows modification of all device settings. Alternatively, they may simply make the requested changes at their end.

If the provider won't cooperate, you might try some Google searches; possibly the passwords are the same for all their users. Or, try capturing traffic from the device as it boots up -- with luck, the provisioning file is unencrypted.

If none of the above helps, post provider name and the trouble you are having. It's possible that a member will have some useful advice.

I already tried the first two ways, but default user name and password combinations not work. Btw, how to capture traffic from the device as it boots up?

reply to pulsar777
just don't do it - just call the provider or get a new provider - locked devices suck

otherwise you can reset your ATA and then do what you want

IMO, it's very unlikely that hacking the hardware will be productive.

If you want help, post as much detail about the problem as possible.

What is wrong (or what would you like to change) with your present setup?

Given that your provider is apparently unwilling to fix it, why do you want to stay with them (long contract, no one else can port your number, etc.)?

well, there are no obvious connectors pins on board.
Is there way to get device configuration file, to decrypt it, modify and reupload again?
I want to get admin password to be able to view settings and change it myself. In general, I'm satisfied with current service provider, except for a phone service, I want to be able to control all settings myself.

reply to pulsar777
Who is the provider ?

reply to pulsar777
Did you try the "Reset By IVR" method? It worked for all the ones that Clear sent out.

reply to toro
local, non-U.S. provider. Reset By IVR method: did you mean reset the device to factory defaults with phone pad by dialing **** and pressing 7xxxx#..? It ask password at the end. Also I don't want to erase all the configuration settings.

reply to pulsar777
Then unless your provider gives you the password there is very little you can do.
You can try to sniff the traffic from the ATA when it boots up, by connecting its WAN interface to your router through to an old hub (not switch), connecting your PC to the same hub and running Wireshark. The ATA will probably use TFTP, HTTP or HTTPS to retrieve its configuration file within the first 1-2 minutes of the boot up. Unless it uses HTTPS, you can actually see the request and the URL for the file and try to download it manually. Then, if you're lucky and the file is not encrypted you can get your passwords from there or you can spoof the provider's servers and "feed" the ATA another file which will reset the passwords. If the file is encrypted you are out of luck, you won't be able to decrypt it without knowing the key which is stored in the ATA.
--
Providers: voip.ms, freephoneline, smartcall.ro through asterisk. Hardware: Vonage VDV21, Moto VT2x42, Linksys SPA series, Grandstream HT series, Panasonic KX-TGP5x0
»www.voipfan.net

the ATA and PC both are connected to the router, which connected to cable modem. Do I need connect it through the hub before router? Also, I read somewhere that encryption somehow use MAC address of ATA for the key.

If ATA use TFTP to retrieve its configuration file, the TFTP server may be configured to prevent direct download of configuration file, is it correct?

Usually no. However that restriction may be implemented in case of HTTPS (but in that case you can't even see the URL for the config file)

reply to pulsar777
1. you can reset it
2. no, it will not save your configuration - it will RESET it - not just passwords

don't know why people are looking at diagrams of the circuit board - pretty irrelevant

The ****73738# reset sequence can be blocked by the provider (basically it asks for the admin password), and in case of the OP it is blocked: »Re: [Unlock] Unlocking Linksys SPA2102 adapter
--
Providers: voip.ms, freephoneline, smartcall.ro through asterisk. Hardware: Vonage VDV21, Moto VT2x42, Linksys SPA series, Grandstream HT series, Panasonic KX-TGP5x0
»www.voipfan.net

reply to IPfaxer

There's no JTAG support on the Linksys SPAxxxx and PAP2(T) series of ATAs. Have you tried capturing the traffic with wireshark yet ?

will try..