Remove hardware code between router and mesh points.


  • This post is deleted!

  • @Derek-Saville @danwho Derek - It is still a nonsensical argument. A design change is not a hack (see below) the communication between the router and mesh remains - unbreakable hardware locked crypto module once added together, no change there.

    The ability of breaking communication between the router and mesh has always been there and not a hack (see below) - hold the reset button for 40 sec. What happens after this is done, the mesh is in recovery mode.

    What you're arguing about is the ability to use the mesh once in recovery mode.

    The solution you described currently places the kit MeshPoint in Recovery mode - If in recovery mode it is a useless piece of junk hardware that could be added back to one specific router. Where is the hack here?

    in order to install a 'hacked' firmware (design change to use once in recovery mode)

    to bypass AmpliFi's previously claimed unbreakable hardware locked crypto module - true? Not true as indicated once connected this still remains unbreakable.

    Hack..
    To cut or sever with repeated irregular or unskillful blows
    To cut or shape by or as if by crude or ruthless strokes
    To clear or make by or as if by cutting away vegetation
    To gain illegal access to (a computer network, system, etc.)


  • @danwho What products have Asus or Netgear abandoned before 4 years lifespan? What about AmpliFI abandoning their ill-fated Teleport after us spending hundreds of dollars on the blooming things?


    1. Can we keep this topic on point about unpairing the kit. Otherwise they'll close the thread.

    2. Message their support team, they'll send you instructions to unpair it and a link to the updated firmware.


  • @Shahin-Fard So what if they close the thread? A lot of unforgivable and irreparable damage has already been done.


  • Hi @ottme2 - kit mesh points are still (to our knowledge) hardcoded to their respective router at the time of manufacturing with a TPM allowing for an out-of-box pairing

    If either the router or the mesh point are reset, then they need to go through an automated re-pairing process in the order of resetting the mesh point(s) and then resetting the router, but the mesh points cannot be paired with any other router due to the hardcode

    Any process or method to bypass a TPM crypto-processor's one time certificate / encryption key set at manufacturing can colloquially be referred to as a 'hack', even if it is now implemented by the manufacturer

    You are obviously welcome to disagree just as I can and will continue to call it a hack, and in reality nobody cares what it is called

    The hack currently requires entry into Recovery mode (which I am very well familiar with), the installation of a new firmware, followed by going back into Recovery mode, and an unpairing process

    @UI-AmpliFi stated the hack will be rolled out into a future publicly available firmware release

    So my very sensible and in no way argumentative questions still remain...

    • Will the hacked firmware automatically be installed on all kit mesh points by default or will it still require entry into Recovery mode to install the hacked firmware?

    • Will entry into Recovery mode still be required to unpair a kit mesh point or can the unpairing be done from the app or the web UI?

    This is not a 'design change'
    A design change would be to remove the hardcode on future products
    This is a hack to bypass an arguably poor original design choice on shipping products

    We are talking about breaking a hardcode, not communication.

    What you're arguing about is the ability to use the mesh once in recovery mode.

    No, I am not
    I have used Recovery mode for years on a broad spectrum of AmpliFi products without issue or complaint
    If I wasn't able to access a device in Recovery mode then I would complaining to AmpliFi, not arguing

    If in recovery mode it is a useless piece of junk hardware that could be added back to one specific router.

    I have never mentioned or stated any AmpliFi device would become a 'useless piece of junk' if you enter into Recovery mode to install firmware or to perform any other function

    Where is the hack here?

    The hack is bypassing or breaking a secure TPM that hardcodes a mesh point to router

    Not true as indicated once connected this still remains unbreakable.

    To say this process cannot be used more than once, now that is nonsensical and poorly argued...so welcome to the club!


  • @ottme2
    Hello…..quick question since you got the unpair to work.

    I have an Instant Kit (router + 1 mesh) and would like to unpair the mesh and use an HD as the main router. Then I’ll add Instant as RAMP and add the mesh too.

    AMPLIFI sent the new firmware to unpair but didn’t specify if I need to install the firmware on both router + mesh?

    Wondering if you installed on router as well or just mesh. Thanks!

    Dave


  • @richfetcho Pretty much everything that needs to be done is in relation to the mesh point. The firmware is applied to the mesh.
    --Connect to the WiFi and in the browser enter amplifi.lan or 192.168.1.20-- This is the mesh that you must connect to.

    You're connecting to the router on the last step only.
    -- After a successful unpairing process you will be able to add this mesh point to the new kit by powering it on and taping on the new AmpliFi HD LCD display that will say "ADD TO MESH". --


  • @ottme2

    Thanks. I got it to work. Although support just wrote back and said I need to use firmware on BOTH devices.

    I unpaired the mesh. Easy.
    Unpaired the router. Easy.

    Where I tripped up is I set up the router again as the main router (before my HD arrived in the mail). After the HD arrived I tried to add it to the HD and it didn’t work.

    So I went back and “redid” the steps for the instant router only.

    Now I have HD as main router, Instant as RAMP and Instant mesh as, well, mesh.

    Working well so far!

    Dave


  • Just to let everyone know.

    I contacted support, they gave me instructions and links to download firmware. I unpaired my mesh points and router.

    Connected both unpaired meshpoints to my existing network, and added the unpaired router with backhaul to my existing network.

    So far so good! Very pleased.


  • Hi Shahin thanks for posting about this subject. I am not a techie. I have a HD Router with two mesh points. I have obtained another HD Router and two further mesh points and wanted to use the two additional mesh points and save the Router if needed later.
    Found that I can't pair the additional two mesh points due to the hardware code issue.
    I could not follow the solutions you outlined.

    Plugin the mesh point to the power
    Hold the reset button for 40 sec (until all of the LEDs are blinking fast)
    The WiFI with SSID will appear "AFi-P-HD-[end of the serial number]-Recovery"
    Connect to the WiFi and in the browser enter amplifi.lan or 192.168.1.20
    ******* After a successful update (mesh points LED will do an inside-out pattern), hold the Reset button again for 40 sec.*****
    The WiFI with SSID will appear "AFi-P-HD-[end of the serial number]-Recovery"
    Connect to the WiFi and in the browser enter amplifi.lan or 192.168.1.20
    In the Web interface tap on the button "Remove factory pairing from the kit device" to unpair the mesh point
    After a successful unpairing process you will be able to add this mesh point to the new kit by powering it on and taping on the new AmpliFi HD LCD display that will say "ADD TO MESH".
    It works and just a matter of time before released... hopefully.

    I get the five blue flashing lights but then don't follow the next steps-sorry.! I believe I need the new firmware in order to implement the above?

    Any help you can give me would be very much appreciated.

    UPDATE: SUPPORT HAVE ESCALATED MY QUERY TO SOMEONE WHO WILL BE SENDING ME THE NEW FIRMWARE

    Thanks in advance
    Mike


  • Hey Mike,

    I'll try to help you as best I can. Firstly, I don't think the chat/support are the right people to talk to - they are probably Tier 1, and you will need to speak to someone in Tier 3 Support. I raised a ticket which was escalated to someone called Becky who was great and helpful.

    She provided me with instructions and links to the binary files to update the firmware. In her message, she asked me not to share the firmware online, so if you'd like the firmware I would recommend raising a ticket with their support team.

    Just in case you aren't sure how to do this, If you go to: [https://help.amplifi.com/hc/en-us](link URL) and click on the "Submit Request" button. Fill in your details and explain to them that you have a 2nd kit and would like the firmware to unpair it so you can use it I wrote this:

    "I read recently that you are providing alpha firmware to unpair the router and meshpoints, allowing me to finally use this extra kit! This is great news, can you provide me with a link to the firmware, please?"

    Hopefully they will get back to you in a few days with instructions and the binary files so you can put your devices in recovery mode and install the new firmware and unpair it.

    You will not be able to unpair the devices without the new firmware.

    Best of luck, let me know how you got on!


  • Wow - very happy to have this working.

    Merged my two previously independent networks. Now have a single place to manage the network.

    Really great to see this from Ubiquiti.


Log in to reply