From 14d2d2303a871372eaad9cfaa1ffb51860dd1f5c Mon Sep 17 00:00:00 2001 From: astromech73 Date: Thu, 21 May 2026 09:39:03 -0500 Subject: [PATCH] Add calix_home_network.txt from Google Drive --- calix_home_network.txt | 132 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 132 insertions(+) create mode 100644 calix_home_network.txt diff --git a/calix_home_network.txt b/calix_home_network.txt new file mode 100644 index 0000000..6969e86 --- /dev/null +++ b/calix_home_network.txt @@ -0,0 +1,132 @@ +Calix Home Network +May 21, 2026 + +=== MAIN ROUTER (192.168.1.1) === +Role: Primary Calix 4220E gateway (mesh controller) +Model: u6.1 GS4220E (100-05413) +Serial: 422208213826 +SSID: CXNK010F208F +WPA Key: 2f9f432281fdc198 +ONU MAC: B89470467D4B +MTA MAC: B89470467D4C +Ports: 443 (HTTPS web UI), 53 (DNS) +Web UI: https://192.168.1.1/ (login page, Calix Admin SPA) +Credentials (admin): admin / 5e05068d +Credentials (support): support / 5e05068d!5upporT + -> Web UI accessible, all .cmd API endpoints return #ERROR_019 (support-level restriction) + +=== BACK HALLWAY SATELLITE (192.168.1.109) === +Role: Calix 4220E mesh satellite AP +Model: u6.1 GS4220E (100-05413) +Serial: 422208213783 +SSID: CXNK010F2064 +WPA Key: a4de3dfa91dd0129 +ONU MAC: B89470467B72 +MTA MAC: B89470467B73 +Credentials (admin): admin / db90529d + -> AP mode, HTTPS login page responds but nonce endpoint returns redirect HTML + (bridge/AP mode — mesh APs don't accept standard web login flow) +ICMP: Responds (u6.1 mesh APs reply to ping) +DNS port 53: OPEN + +=== OFFICE SATELLITE (192.168.1.155) === +Role: Calix 4220E mesh satellite AP +Model: u6.1 GS4220E (100-05413) +Serial: 422208213919 +SSID: CXNK010F20EC +WPA Key: 82c01c4b563af393 +ONU MAC: B8947046814A +MTA MAC: B8947046814B +Credentials (admin): admin / efe93f1d + -> AP mode, same behavior as Back hallway sat (bridge/AP, login nonce blocked) +ICMP: Responds (u6.1 mesh APs reply to ping) +DNS port 53: OPEN + +=== GENIESPIRE SATELLITES (EXOS / GenieACS managed) === +These are separate devices from the 4220E mesh — managed via TR-069/GenieACS +No local web UI (EXOS firmware does not expose a web management interface on satellites) + +Device: CXNK010F20EC (Back hallway sat — GenieACS confirmed IP 192.168.1.109) + GenieACS ID: b89470-GigaSpire-CXNK010F20EC + IP: 192.168.1.109 + Hardware Version: 3000286517 + Software: 25.2.0.0.44 + MAC (Base): b8:94:70:46:81:4a + TR-069 ConnectionRequest URL: http://192.168.1.109:60002/z7n5I5V4 + TR-069 ConnectionRequest Username: b89470-GigaSpire-CXNK010F20EC + TR-069 ConnectionRequest Password: 1b46b5lceui + +Device: CXNK010F2064 (Office sat — GenieACS confirmed IP 192.168.1.155) + GenieACS ID: b89470-GigaSpire-CXNK010F2064 + IP: 192.168.1.155 + Hardware Version: 3000286517 + Software: 25.2.0.0.44 + MAC (Base): b8:94:70:46:7b:72 + TR-069 ConnectionRequest URL: http://192.168.1.155:60002/nMB8ZP6l + TR-069 ConnectionRequest Username: b89470-GigaSpire-CXNK010F2064 + TR-069 ConnectionRequest Password: 1s3syufqcp1 + +Device: CXNK010F208F (Living room — was primary, currently offline/NAT'd) + GenieACS ID: b89470-GigaSpire-CXNK010F208F + IP: 173.21.51.61 (public, NAT'd — not locally reachable) + Hardware Version: 3000286517 + Software: 25.2.0.0.44 + MAC (Base): b8:94:70:46:7d:4b + TR-069 ConnectionRequest URL: http://173.21.51.61:60002/c22kzfhk + TR-069 ConnectionRequest Username: b89470-GigaSpire-CXNK010F208F + TR-069 ConnectionRequest Password: oja2voe4hy + +Note: IP assignments confirmed from GenieACS live data (ConnectionRequestURL field). + The 4220E mesh and GenieSpire satellites share the same local IPs but are + separate devices. The 4220E APs (109, 155) handle WiFi for the mesh. + The GenieSpire satellites are the EXOS-based GigaSpire units that were + firmware-upgraded via GenieACS NBI API. + +=== CONNECTED CLIENTS (live scan, May 2026) === +192.168.1.1 router/gateway Calix Inc (b8:94:70:46:7d:4e) [gateway] +192.168.1.102 Chromecast "Living Room TV" Google Inc (dc:e5:5b:86:47:d1) + Ports: 8008 (DIAL/Cast), 8443, 10001 | Latency: ~79ms +192.168.1.109 Back hallway AP Calix Inc (b8:94:70:46:81:4a) [mesh sat] +192.168.1.110 Unknown Amazon Technologies (10:ce:02:5b:7a:4b) + No open ports detected (wireless client or firewall) +192.168.1.155 Office AP Calix Inc (b8:94:70:46:7b:72) [mesh sat] +192.168.1.159 Unknown Intel Corporate (c8:58:b3:6b:d9:60) + No open ports detected (WiFi client) +192.168.1.164 Unknown Amazon Technologies (48:5f:2d:3a:ae:fa) + No open ports detected (wireless client or firewall) +192.168.1.185 Unknown CANON INC (50:03:cf:af:22:7c) + No open ports detected (Canon printer?) +192.168.1.195 Unknown Amazon Technologies (44:d5:cc:cd:dd:b8) + No open ports detected +192.168.1.226 Unknown Amazon Technologies (1c:12:b0:4b:7e:4d) + Port 8888 open (protocol unknown, non-responsive to HTTP) +192.168.1.227 Unknown TP-Link Systems (5c:62:8b:a2:ec:1f) + No open ports detected +192.168.1.241 media-server [self] (eno1 interface) +192.168.1.248 Unknown Hon Hai (Foxconn) (00:24:2c:3a:61:ae) + No open ports detected (likely TV, streaming device) + +=== CALIX 4220E DEFAULT CREDENTIAL PATTERN === +- Each Calix 4220E has a unique per-device default admin password (printed on label or in docs) +- admin username is always "admin" +- The support password is the admin default password + "!5upporT" appended + + Applied to our units: + Main router (192.168.1.1): admin / 5e05068d | support / 5e05068d!5upporT + Back hallway (192.168.1.109): admin / db90529d | support / db90529d!5upporT + Office (192.168.1.155): admin / efe93f1d | support / efe93f1d!5upporT + +- Satellite APs (109, 155) in bridge/AP mode — nonce endpoint returns redirect HTML, + blocking web login entirely. Mesh APs only accept admin CLI or OMCI management, + not the standard HTTPS login flow. +- Main router web UI: admin account works with password 5e05068d; support account + works but all .cmd API endpoints return #ERROR_019 (read-only/monitor only) + +=== GENIEACS SERVER === +URL: https://genieacs.yoda.ddnsgeek.com +NBI port: 7557 (for API tasks) +ACS port: 7547 (CWMP/TR-069 — blocked by firewall, not externally accessible) +Admin UI: https://genieacs.yoda.ddnsgeek.com +Admin credentials: admin / 966QPr@*rCTMrWE9xSGm +Version: v1.2.16+26052038e9 +VPS: root@161.97.153.158 \ No newline at end of file