Unlock G-2425G-A router running on latest firmware

Note: Tested for Nokia router G-2425G-A running on firmware 3FE49362JJIJ50.

Use this script to decrypt your configuration file. This script has been updated for latest firmware (3FE49362JJIJ50).


Source

All the steps to decrypt the config files has been already discussed in other posts as well, kindly follow them.

1) After decrypting the config file, open the generated xml file in a text editor.
2) Search for TelnetSshAccount section and write username as ONTUSER and password as "anyrandompassword" (remember this password for future).
3) Enable ONTUSER to drop into busybox instead of vtysh by setting LimitAccount_ONTUSER to false. Go to LimitAccount_ONTUSER section and change that option to FALSE.
4) Encrypt the config file again using the same script and import in your router (remember to enable telnet in Security --> Access Control --> LAN).
5) Now use any tool to access telnet, I have used windows powershell (you can enable telnet in windows additional features).
6) In Windows PowerShell write; telnet --> o --> 192.168.1.1

Username: ONTUSER
Password: your password from STEP 2

7) Now in shell write ---> ritool set OperatorID ALCL

After this step you have enabled root access. Login to your router to check everything has been unlocked.

Now hard reset from back of the router is recommended to enable editing any WAN settings but before that remember to take a backup of your configuration and wan settings.

8) After hardreset the router's gateway will default to 192.168.1.254 and username and password will change to AdminGPON and ALC#FGU respectively.

 

[xvamp]

@trikona I don't know how to setup VLAN ID on my OpenWRT, previously I'd just connect and it would work out of the box.

When I tried on PC too, I didn't use my VLAN ID. Can you please direct me as to how to go about setting VLAN ID on PC?

Update 12:20PM // 27-9-23 - I set my VLAN ID on my PC going to Device Manager, and PPPoE connection is working. Just need to figure how to set VLAN ID on my OpenWRT router, and will update here.

Update 12:30PM // 27-9-23 - I set VLAN ID by editing WAN interface and in Devices added custom eth1.100 device, and it's working on my OpenWRT router too. Phenomenal stuff!

 

[rahul600]

can anyone help me out...
i am unable to upload the new config, The import button on click goes white and no remarks are shown next to button after selecting newly encrypted file.
if i am changing the file name to config.cfg it is showing >> Upload Failed: File Invalid!


please help me out....


Device info
Device Name
G-2425G-A
Vendor
Nokia
Serial Number
ALCLB2A62824
Hardware Version
3FE48299DEAA
Boot Version
U-Boot-Dec-31-2016--12:00:00
Software Version
3FE49362JJIJ50

 

[rahul600]

@xvamp can you please steps again how you had figure out.
same problem

 

[tr1k0N4]

@rahul600 Are you using the exact same command that gets outputted in your terminal, after you decrypt the firmware, to encrypt it back again?

 

[rahul600]

this are below command i am trying

1.python nokiatool.py
2.python nokiatool.py -d OYdLWUVDdKQTPaCIeTqniA==
3.python nokiatool.py -u config.cfg (to decrypt config file)

now i had changed like this
<TelnetSshAccount. n="TelnetSshAccount" t="staticObject">
<Enable rw="RW" t="boolean" v="True"></Enable>
<UserName ml="64" rw="RW" t="string" v="admin"></UserName>
<Password ml="64" rw="RW" t="string" v="OYdLWUVDdKQTPaCIeTqniA==" ealgo="ab"></Password>

python nokiatool.py -ple config-XXXXXXX-XXXXXX.xml 0x4924ea42 ( to encrypt again )



same i had used to unlock the same router with older software version there it works. but now with this Software Version
3FE49362JJIJ50.. not working


first let me know what exactly changes i need to do after decrypt if i am doing wrong there,
second.. is there any changes in command to encrypt it again

 

[tr1k0N4]

@rahul600, this is where you go wrong, brother:

python nokiatool.py -ple config-XXXXXXX-XXXXXX.xml 0x4924ea42 ( to encrypt again )

You have to use the command that gets outputted in the terminal after you decrypt the firmware and not this one you mentioned in your comment.
For example:
encrypt hosted at ImgBB

 

---

[wazarikun]

Can someone please share the latest firmware 3FE49362JJIJ50.bin with me?

I've unlocked mine at an earlier version and I want to upgrade

 

[galaxy_ani]

@Rehan ahmad
dear friend please share steps unlock latest version 3FE49362IJHK51 ( airtel Xstream fiber G-2425G-A )
please reply on my mail [email protected]

 

[khamosh]

2) Search for TelnetSshAccount section and write username as ONTUSER and password as "anyrandompassword" (remember this password for future).

Suggestion: mention that user have to change TelnetSshAccount variable from false to true

 

[f3rmion]

the router's configuration page has no settings to edit the beacon interval and DTIM duration but the unencrypted configuration file has multiple instances of parameters by the name "BeaconPeriod" and "DTIMPeriod"
I'm trying to experiment with different values to see the effect on battery life but i don't know which instance of the parameter to edit. Perhaps the multiple instances are because of the the multiple SSID alias. I'd really appreciate if someone can clarify this.