Reliance Jio Fiber ONT Authentication

[randompleb]

Hi, first post here. I read about how the Jio Fiber ONT is locked down here before making the decision to subscribe to their services. This was done as there is no other fiber provider here. Anyway let's cut right to the chase.

It was mentioned on this forum that the ONT uses Tr-069. Yeah, it does use that along with GPON. You can check it for yourself, it'll show "O5 State" when it's authenticated properly. So, I guess it sends a serial number to authenticate with the OLT? Does anyone know how would I be able to monitor GPON/TR-069 stuff with a packet monitoring program of some sorts?

Also, this is what I found in js/menuSearchList.js

"menu74": {

        "mainMenu": "Advanced",

        "secondLevelMenu": "VLAN Configuration",

        "thirdLevelMenu": "",

        "hrefAttrLink": "vlanWan.html",

        "breadCrumb": "Advanced@@Network@@VLAN Configuration"

    },

I guess you could, theoretically speaking, access it using some curl POST magic? Because sticking vlanWan.html right at the end of "platform.cgi?=" will throw a 401 unauthorized error. But I guess this is useless as the ONT itself uses TR-069?

Edit: Just to be clear, isn't Jio's ONT actually ONT+Router?

 

[GR2]

I think jio is using mac address for authentication. I heard that wireshark can capture vlan tags but i am not sure if it captures lan vlan or vlan configured in olt. Yes, jio's ont is a modem+router combo which is called a gateway.

 

[randompleb]

Well, if they're using just the mac address then you could easily spoof the mac id on a router. I think they're using some other authentication credentials. Looks like only someone working with Jio can help us out.

Edit: Well, it looks like one cannot sniff GPON traffic without specialized gear since it is not ethernet related.

 

[randompleb]

If someone has worked with GPON please do shed some light on the authentication between the OLT and ONT.

 

[GR2]

Well, if they're using just the mac address then you could easily spoof the mac id on a router. I think they're using some other authentication credentials.

I can spoof my own router's mac address (changed it to jio's modem wan mac). But what is use?

 

[randompleb]

Sorry. Based on the replies above, I thought you were saying that Jio is using mac address for authentication. I mean like an ACL you have on your home routers. Also, what do you mean when you say "But what is use?". Because, if only MAC authentication is used (without something like the standard GPON authenticatoin) you could spoof your Jio MAC on other router and it'll be authenticated with the OLT. But I don't think that they're using it because MAC spoofing is very easy.

Also, I'm not even sure if they're using TR-069. Because I was told that TR-069 is not used in GPON networks like JIO. On IRC, someone said that GPON has multiple authentication methods in place. He/She mentioned the following possibilities that are generally used in GPON authentication:
1. Serial Number
2. Password
3. Serial Number + Password

 

---

[GR2]

@randompleb

I said "what is the use" because is there any advantage of spoofing the jio's mac address on my router, unless if it was a GPON ont.

 

[randompleb]

Yes, tr069 is enabled. What I was saying was that tr069 is not used for authentication but for only remote management purposes. I think it is used by the MyJio app (indirectly) to change WIFI stuff. I guess standard TR-069 stuff to send firmware updates is also possible. Authentication with the OLT must be the standard GPON related authentication.

Again, this is just a theory and it's hard to tell whether the above statement is true unless someone from Jio confirms this.

 

[GR2]

@randompleb My guess is they are using serial number.

 

[Roy]

Yes nitin. They activate my frnd's ONT using serial number.