Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
toh:zte:mf286r [2022/09/09 12:52] – fin(except hardware images) pcislockedtoh:zte:mf286r [2024/11/04 10:22] (current) – [Basic configuration] andrewz
Line 5: Line 5:
 /* USE https://openwrt.org/meta/create_new_device_page */ /* USE https://openwrt.org/meta/create_new_device_page */
  
-{{page>meta:infobox:construction&noheader&nofooter&noeditbtn}}+ZTE MF286R is a wireless LTE router, capable of connecting to LTE networks at download speeds up to 300Mbps using carrier aggegation. It has 3x3 2.4GHz Wi-Fi 4 and 2x2 5GHz Wi-Fi 5 Wave 2 radios, four gigabit ethernet ports, one USB 2.0 port, two RJ-11 ports for connecting landline phones that lets you use the cellular network to make calls. It is commonly used by some European ISPs for FWA(Fixed Wireless Access) services, such as Windtre on Italy, Turkcell on Türkiye, and more. Some models of the MF286 family include battery or phone ports, as well as corresponding LEDs on the front.
  
-ZTE MF286 is a wireless LTE router, capable of connecting to LTE networks at speeds up to 300Mbps using carrier aggegation. It has tri-band 2.4GHz Wi-Fi 4 and dual-band 5GHz Wi-Fi 5 Wave 2 radios, four gigabit ethernet ports, one USB 2.0 port, two RJ-11 ports for connecting landline phones that lets you use the cellular network to make calls, and a battery slot on the back for a 3Ah battery. It is commonly used by some european ISPs for FWA(Fixed Wireless Access) services, by Windtre on Italy, Turkcell on Turkey, and more. Some models do not include battery or phone ports, as well as corresponding LEDs on the front. +{{media:zte:mf286r:mf286r-all-angles.jpg?512|ZTE MF286R from all angles.}}
- +
-{{media:zte:mf286r-all-angles.jpg?512|ZTE MF286R from all angles.}}+
  
 ===== Supported Versions ===== ===== Supported Versions =====
----- datatable ---- +<!-- ToH: { 
-cols    BrandModelVersions, Supported Current Rel, OEM device homepage URL_url, Forum Search_search-forumsDevice Techdata_pageid +  "source""json", 
-headers Brand, Model, Version, Current Release, OEM Info, Forum SearchTechnical Data +  "dom": "t", 
-align   c,c,c,c,c,c,c +  "paging": false
-filter  : Brand=ZTE +  "rotate"true
-filter  Model=MF286R +  "shownColumns"["brand""model""version""supportedcurrentrel""oemdevicehomepageurl""forumsearch", "deviceid"]
-----+  "filterColumns"{"brand": "^ZTE$", "model""^MF286R$"} 
 +-->
  
 /* If no unsupported functions known, comment out the following datatable or delete it. */ /* If no unsupported functions known, comment out the following datatable or delete it. */
----- datatable ---- +<!-- ToH: { 
-cols    Unsupported Functions_unsupporteds +  "source""json", 
-filter  : Brand=ZTE +  "dom""t", 
-filter  : Model=MF286R +  "paging"false, 
-----+  "shownColumns": ["unsupported_functions"], 
 +  "filterColumns": {"brand": "^ZTE$", "model": "^MF286R$"} 
 +-->
  
 ===== Experimental Versions ===== ===== Experimental Versions =====
Line 32: Line 33:
  
 ===== Hardware Highlights ===== ===== Hardware Highlights =====
----- datatable ---- +<!-- ToH: { 
-cols    ModelVersionsCPUCPU MHzCPU Cores_numcores, Flash MB_mbflashs, RAM MB_mbram, WLAN Hardware, WLAN 2.4GHz, WLAN 5.0GHz, Ethernet 100M ports_, Ethernet Gbit ports_, Modem, USB ports_ +  "source""json", 
-header  : ModelVersion,SoC,CPU MHz,CPU Cores,Flash MB,RAM MB,WLAN Hardware,WLAN2.4,WLAN5.0,100M ports,Gbit ports,Modem,USB +  "dom": "t", 
-align   : c,c,c,c,c,c,c,c,c,c,c,c,c +  "paging": false, 
-filter  : Brand=ZTE +  "rotate": true
-filter  Model=MF286R +  "shownColumns"["model""version""cpu""cpumhz""cpucores""flashmb""rammb""wlanhardware""wlan24ghz""wlan50ghz""ethernet100mports""ethernet1gports""modem""usbports"]
-----+  "filterColumns": {"brand""^ZTE$", "model""^MF286R$"} 
 +-->
  
 ===== Installation ===== ===== Installation =====
----- datatable ---- +<!-- ToH: { 
-cols    ModelVersionsSupported Current RelFirmware OpenWrt Install URL_url, Firmware OpenWrt Upgrade URL_urlFirmware OEM Stock URL_url +  "source""json", 
-headers ModelVersionCurrent ReleaseFirmware OpenWrt InstallFirmware OpenWrt UpgradeFirmware OEM Stock +  "dom": "t", 
-align   : c,c,c +  "paging": false, 
-filter  : Brand=ZTE +  "rotate": true
-filter  Model=MF286R +  "shownColumns"["model""version""supportedcurrentrel""firmwareopenwrtinstallurl""firmwareopenwrtupgradeurl""firmwareoemstockurl"]
-----+  "filterColumns"{"brand": "^ZTE$", "model""^MF286R$"} 
 +-->
  
 -> [[docs:guide-user:installation:generic.flashing|Install OpenWrt (generic explanation)]] -> [[docs:guide-user:installation:generic.flashing|Install OpenWrt (generic explanation)]]
-TL:DR; Get a TTL cable and connect to the serial(see ), boot the initramfs image, then apply the sysupgrade image.  + 
-If you don't have a TTL cable, you can use the known exploiot to gain a root shell and move from there. +TL:DR; Get a serial adapter and connect to the serial(see [[:toh:zte:mf286r#serial|Serial]]), boot the initramfs image, then apply the sysupgrade image.  
 +If you don't have a serial adapter, you can use the known exploit to gain a root shell and move from there. 
  
  
-STEP 1: Gaining root shell+====STEP 1: Gaining root shell====
  
-Method 1: +===Method 1=== 
-Use a serial cable. It might seem inconvenient to tear apart the device and get a TTL adapter for one job but it is way easier to do the install with it. Otherwise, feel free to follow the other methods mentioned below, which takes advantage of an URL RCE exploit within the Web UI. Some up-to-date firmwares patched this bug(such as T-Mobile.pl firmware.).+Use a serial cable. It might seem inconvenient to tear apart the device and get a serial adapter for one job but it is way easier to do the install with it. Otherwise, feel free to follow the other methods mentioned below, which takes advantage of an URL RCE exploit within the Web UI. Some up-to-date firmwares patched this bug(such as T-Mobile.pl firmware.). Physical connections for serial are shown [[:toh:zte:mf286r#serial|here.]]
  
-Method 2:+===Method 2===
 This works if busybox has telnetd compiled in the binary. If this does not work, try method 3.. This works if busybox has telnetd compiled in the binary. If this does not work, try method 3..
  
Line 69: Line 73:
 - After connecting to telnetd use "admin/admin" as credentials. - After connecting to telnetd use "admin/admin" as credentials.
  
-Method 3:+===Method 3===
 This works if busybox does not have telnetd compiled in. Notably, this is the case in DNA.fi firmware. This works if busybox does not have telnetd compiled in. Notably, this is the case in DNA.fi firmware.
  
 - Set IP of your computer to 192.168.0.22/24. - Set IP of your computer to 192.168.0.22/24.
 - Have a TFTP server running at that address - Have a TFTP server running at that address
-- Download MIPS build of busybox including telnetd, for example from [[https://busybox.net/downloads/binaries/1.21.1/busybox-mips|here]] and put it in it's root directory. Rename it as "telnetd".+- Download MIPS build of busybox including telnetd, for example from [[https://busybox.net/downloads/binaries/1.16.1/busybox-mips|here]] and put it in it's root directory. Rename it as "telnetd".
 - As previously, login to router's web UI and navigate to "URL filtering" - As previously, login to router's web UI and navigate to "URL filtering"
 - Using "Inspect" feature, extend "maxlength" property of the input field named "addURLFilter", so it looks like this: - Using "Inspect" feature, extend "maxlength" property of the input field named "addURLFilter", so it looks like this:
Line 82: Line 86:
 - Save the settings. This will download the telnetd binary over tftp and execute it. You should be able to log in at port 23, using "admin/admin" as credentials. - Save the settings. This will download the telnetd binary over tftp and execute it. You should be able to log in at port 23, using "admin/admin" as credentials.
  
-STEP 2: Backing up original software:+====STEP 2: Backing up original software====
 As the stock firmware may be customized by the carrier and is not officially available in the Internet, **IT IS IMPERATIVE** to back up the stock firmware, if you ever plan to returning to stock firmware. It is highly recommended to perform backup using both methods, to avoid hassle of reassembling firmware images in future, if a restore is needed. As the stock firmware may be customized by the carrier and is not officially available in the Internet, **IT IS IMPERATIVE** to back up the stock firmware, if you ever plan to returning to stock firmware. It is highly recommended to perform backup using both methods, to avoid hassle of reassembling firmware images in future, if a restore is needed.
  
-Method 1: after booting OpenWrt initramfs image via TFTP+===Method 1 - After booting OpenWrt initramfs image via TFTP===
 PLEASE NOTE: YOU CANNOT DO THIS IF USING INTERMEDIATE FIRMWARE FOR INSTALLATION. PLEASE NOTE: YOU CANNOT DO THIS IF USING INTERMEDIATE FIRMWARE FOR INSTALLATION.
 - Dump stock firmware located on stock kernel and ubi partitions and keep them in a safe place, should a restore be needed in future. - Dump stock firmware located on stock kernel and ubi partitions and keep them in a safe place, should a restore be needed in future.
Line 92: Line 96:
   ssh root@192.168.1.1: cat /dev/mtd9 > mtd9_ubi.bin   ssh root@192.168.1.1: cat /dev/mtd9 > mtd9_ubi.bin
  
-Method 2using stock firmware: +===Method 2 using stock firmware=== 
-- Connect an external USB drive formatted with FAT or ext4 to the USB port.+After booting into the stock frimware and connecting to the console either via serial or telnet, Connect an external USB drive formatted with FAT or ext4 to the USB port.
 - The drive will be auto-mounted to /var/usb_disk - The drive will be auto-mounted to /var/usb_disk
 - Check the flash layout of the device: - Check the flash layout of the device:
  
 +<WRAP BOX>
   cat /proc/mtd   cat /proc/mtd
 +</WRAP>
  
 It should show the following: It should show the following:
 +
   mtd0: 000a0000 00010000 "u-boot"   mtd0: 000a0000 00010000 "u-boot"
   mtd1: 00020000 00010000 "u-boot-env"   mtd1: 00020000 00010000 "u-boot-env"
Line 118: Line 125:
   mtd16: 01d00000 00020000 "firmware"   mtd16: 01d00000 00020000 "firmware"
  
-Differences might indicate that this is NOT a MF286A device but one of other variants.+ 
 +//Differences might indicate that this is NOT a MF286A device but one of other variants.//
 - Copy over all MTD partitions, for example by executing the following: - Copy over all MTD partitions, for example by executing the following:
  
Line 131: Line 139:
   umount /var/usb_disk; sync   umount /var/usb_disk; sync
      
-- Store the files in safe place if you ever plan to return to stock +- Store the files in safe place if you ever plan to return to stock firmware. **This is especially important, because stock firmware for this device is not available officially, and is usually customized by the mobile providers.** 
-  firmware. This is especially important, because stock firmware for + 
-  this device is not available officially, and is usually customized by + 
-  the mobile providers.+Alternatively, you can use the TFTP server you are already going to use for the openwrt initramfs image, as a storage for the MTD dumps, by using something similar to: (Thanks to cicibird at discord for this tip) 
 + 
 +  tftp -l /dev/mtd0ro -r mtd0ro_uboot.img -p 192.168.1.144 
 +  tftp -l /dev/mtd1ro -r mtd1ro_uenv.img -p 192.168.1.144 
 +  tftp -l /dev/mtd2ro -r mtd2ro_reseved1.img -p 192.168.1.144 
 +  tftp -l /dev/mtd3ro -r mtd3ro_foto-flag.img -p 192.168.1.144 
 +  tftp -l /dev/mtd4ro -r mtd4ro_art.img -p 192.168.1.144 
 +  tftp -l /dev/mtd5ro -r mtd5ro_mac.img -p 192.168.1.144 
 +  tftp -l /dev/mtd6ro -r mtd6ro_reserved2.img -p 192.168.1.144 
 +  tftp -l /dev/mtd7ro -r mtd7ro_cfg-param.img -p 192.168.1.144 
 +  tftp -l /dev/mtd8ro -r mtd8ro_log.img -p 192.168.1.144 
 +  tftp -l /dev/mtd9ro -r mtd9ro_oops.img -p 192.168.1.144 
 +  tftp -l /dev/mtd10ro -r mtd10ro_reserved3.img -p 192.168.1.144 
 +  tftp -l /dev/mtd11ro -r mtd11ro_web.img -p 192.168.1.144 
 +  tftp -l /dev/mtd12ro -r mtd12ro_kernel.img -p 192.168.1.144 
 +  tftp -l /dev/mtd13ro -r mtd13ro_rootfs.img -p 192.168.1.144 
 +  tftp -l /dev/mtd14ro -r mtd14ro_data.img -p 192.168.1.144 
 +  tftp -l /dev/mtd15ro -r mtd15ro_foto.img -p 192.168.1.144 
 +  tftp -l /dev/mtd16ro -r mtd16ro_frimware.img -p 192.168.1.144 
 + 
 +Change the IP accordingly, of course.
  
-STEP 3: Booting initramfs image:+====STEP 3: Booting initramfs image====
  
-Method 1: using serial console (RECOMMENDED): +===Method 1: using serial console (RECOMMENDED):=== 
-- Have TFTP server running, exposing the OpenWrt initramfs image, and set your computer's IP address as 192.168.0.22. This is the default expected by U-boot. You may wish to change that, and alter later commands accordingly.+- Have TFTP server running, exposing the OpenWrt initramfs image, and set your computer's IP address as 192.168.0.22 (/24, subnet mask 255.255.255.0). This is the default expected by U-boot. You may wish to change that, and alter later commands accordingly.
 - Connect the serial console if you haven't done so already, - Connect the serial console if you haven't done so already,
-- Interrupt boot sequence by pressing any key in U-boot when prompted "Hit any key to stop autoboot"+- Interrupt boot sequence by pressing any key in U-boot when prompted "Hit any key to stop autoboot". You might need to power cycle the device to get the prompt again.
 - Use the following commands to boot OpenWrt initramfs through TFTP: - Use the following commands to boot OpenWrt initramfs through TFTP:
   setenv serverip 192.168.0.22   setenv serverip 192.168.0.22
   setenv ipaddr 192.168.0.1   setenv ipaddr 192.168.0.1
-  tftpboot 0x81000000 openwrt-ath79-nand-zte_mf286a-initramfs-kernel.bin +  tftpboot 0x82000000 openwrt-ath79-nand-zte_mf286a-initramfs-kernel.bin 
-  bootm 0x81000000+  bootm 0x82000000
  
 (Replace server IP and router IP as needed).  (Replace server IP and router IP as needed). 
Line 153: Line 181:
 - When OpenWrt initramfs finishes booting, proceed to actual installation. - When OpenWrt initramfs finishes booting, proceed to actual installation.
  
-Method 2: using initramfs image as temporary boot kernel+===Method 2: using initramfs image as temporary boot kernel===
 This exploits the fact, that kernel and rootfs MTD devices are consecutive on NAND flash, so from within stock image, an initramfs can be written to this area and booted by U-boot on next reboot, because it uses "nboot" command which isn't limited by kernel partition size. This exploits the fact, that kernel and rootfs MTD devices are consecutive on NAND flash, so from within stock image, an initramfs can be written to this area and booted by U-boot on next reboot, because it uses "nboot" command which isn't limited by kernel partition size.
 - Download the initramfs-kernel.bin image - Download the initramfs-kernel.bin image
Line 161: Line 189:
   /var/usb_disk/openwrt-ath79-zte_mf286a-initramfs-kernel.bin   /var/usb_disk/openwrt-ath79-zte_mf286a-initramfs-kernel.bin
  
-- If write is OK, reboot the device, it will reboot to OpenWrt +- If the write fails with "Permission denied", then the flash can be unlocked using this hidden command: 
-  initramfs:+ 
 +  cat /proc/driver/sensor_id 
 +   
 +Retry the write afterwards. 
 + 
 +- If write is OK, reboot the device, it will reboot to OpenWrt initramfs:
  
   reboot -f   reboot -f
  
-- After rebooting, SSH into the device and use sysupgrade to perform +- After rebooting, SSH into the device and use sysupgrade to perform proper installation.
-  proper installation.+
  
-Method 3: using built-in TFTP recovery (LAST RESORT):+===Method 3: using built-in TFTP recovery (LAST RESORT)===
 - With that method, ensure you have complete backup of system's NAND flash first. It involves deliberately erasing the kernel. - With that method, ensure you have complete backup of system's NAND flash first. It involves deliberately erasing the kernel.
 - Download "-initramfs-kernel.bin" image for the device. - Download "-initramfs-kernel.bin" image for the device.
Line 184: Line 216:
      
   flash_erase /dev/mtd12   flash_erase /dev/mtd12
 +  
 +- If the erase fails with "Permission denied", then the flash can be unlocked using this hidden command:
 +
 +  cat /proc/driver/sensor_id
 +
 +Retry erasing afterwards.
      
 Replace mtd12 with kernel partition if differrent. **THIS IS POINT OF NO RETURN.** Replace mtd12 with kernel partition if differrent. **THIS IS POINT OF NO RETURN.**
 +
 - Restart the device. U-boot will attempt flashing the recovery initramfs image, which will let you perform actual installation using sysupgrade. This might take a considerable time, sometimes the router doesn't establish Ethernet link properly right after booting. **Be patient.** - Restart the device. U-boot will attempt flashing the recovery initramfs image, which will let you perform actual installation using sysupgrade. This might take a considerable time, sometimes the router doesn't establish Ethernet link properly right after booting. **Be patient.**
 - After U-boot finishes flashing, the LEDs of switch ports will all light up. At this moment, perform power-on reset, and wait for OpenWrt initramfs to finish booting. Then proceed to actual installation. - After U-boot finishes flashing, the LEDs of switch ports will all light up. At this moment, perform power-on reset, and wait for OpenWrt initramfs to finish booting. Then proceed to actual installation.
  
-STEP 4: Actual installation:+====STEP 4: Actual installation====
 - Set your computer IP to 192.168.1.22/24 - Set your computer IP to 192.168.1.22/24
 - scp the sysupgrade image to the device: - scp the sysupgrade image to the device:
Line 204: Line 243:
 ==== Flash Layout ==== ==== Flash Layout ====
 <WRAP BOX> <WRAP BOX>
-FIXME //[[:docs:techref:flash.layout#discovery_how_to_find_out|Find out flash layout]], then add the flash layout table here (copy, paste, modify the [[docs:techref:flash.layout#partitioning_of_the_flash|example]]).// 
- 
-Please check out the article [[docs:techref:flash.layout|Flash layout]]. It contains examples and explanations that describe how to document the flash layout. 
   mtd0: 000a0000 00010000 "u-boot"   mtd0: 000a0000 00010000 "u-boot"
   mtd1: 00020000 00010000 "u-boot-env"   mtd1: 00020000 00010000 "u-boot-env"
Line 250: Line 286:
  
 ===== Debricking ===== ===== Debricking =====
--> [[docs:guide-user:troubleshooting:generic.debrick]]+See [[docs:guide-user:troubleshooting:generic.debrick]]
  
 ===== Failsafe mode ===== ===== Failsafe mode =====
--> [[docs:guide-user:troubleshooting:failsafe_and_factory_reset]]+See [[docs:guide-user:troubleshooting:failsafe_and_factory_reset]]
  
 ===== Basic configuration ===== ===== Basic configuration =====
-Since the router is equipped with LTE modem as its main WAN interface, it might be useful to connect to the Internet right away after installation. To do so, you first need to install NCM protocol. To do that, you need to connect the router to the internet via Wi-Fi or Ethernet, configure the IP, gateway and DNS settings, then use the System > Software section in LuCI to install the **luci-proto-ncm** package. For more info about installing [[:packages:start|packages]], see [[:docs:guide-user:additional-software:managing_packages]]+Since the router is equipped with LTE modem as its main WAN interface, it might be useful to connect to the Internet right away after installation. To do so over Luci, you'need to connect to Internet via other means (Ethernet or Wi-Fi STA) and then install ''luci-proto-ncm'' package. 
  
-/* Offine install is possible but I couldn'find a way to get a link to the luci-proto-ncm. */+You can also add the necessary packages when building a new image with [[https://firmware-selector.openwrt.org/|Firmware Selector]] or download the package as well as its missing dependencies after installation via OpenWrt's website, upload them to the router and install them manually, which doesn'require the router to be connected to Internet. 
 +As of this writing, the package and its dependencies can be found from the following page (check and update the version accordingly): 
 +  * https://downloads.openwrt.org/releases/23.05.5/packages/mips_24kc/luci
 +  * https://downloads.openwrt.org/releases/23.05.5/targets/ath79/nand/packages/ 
 +  https://downloads.openwrt.org/releases/23.05.5/packages/mips_24kc/base/
  
-After installing NCM, you can either put the following entries in /etc/config/network, replacing the specific configuration entries with one needed for your ISP, or add the interface through LuCı.+If you can't access the Internet via other means or you want to set it up via console or SSH, you can put the following entries in ''/etc/config/network'', replacing the specific APN with one needed for your ISP.
  
 <code> <code>
-config interface 'lte'+config interface 'wwan'
         option proto 'ncm'         option proto 'ncm'
         option device '/dev/ttyACM0'         option device '/dev/ttyACM0'
-        option pdptype 'IPV4V6'+        option pdptype 'IP'
         option apn 'internet'         option apn 'internet'
-        option ipv6 'auto' 
-        option pincode '1234' 
 </code> </code>
  
-  * If you don't know your APN, you can either consult with your operator, or delete the line "option apn ...", in which case the modem will use the last known APN(not recommended). +Please refer to [[:docs:guide-user:network:wan:wwan:ethernetoverusb_ncm#network_configuration|NCM modem configuration]] for further details.
-  * If your SIM card doesn't have a PIN code, remove the line containing "option pincode ...."+
-  * If your operator doesn't support IPv6, replace IPV4V6 with IPV4.+
    
 After configuring your LTE modem, you can follow [[docs:guide-user:base-system:start|Basic configuration]] to proceed with other configuration steps, such as [[:docs:guide-user:network:wifi:start|setting up your Wi-Fi]]. After configuring your LTE modem, you can follow [[docs:guide-user:base-system:start|Basic configuration]] to proceed with other configuration steps, such as [[:docs:guide-user:network:wifi:start|setting up your Wi-Fi]].
Line 314: Line 350:
 ===== Hardware ===== ===== Hardware =====
 ==== Info ==== ==== Info ====
----- datatemplatelist dttpllist ---- +<!-- ToH: { 
-templatemeta:template_datatemplatelist +  "source""json", 
-cols    BrandModelVersionsDevice TypeAvailabilitySupported Since Commit_gitSupported since RelSupported current RelUnsupportedBootloaderCPUTargetCPU MHzFlash MBsRAM MBSwitchEthernet 100M ports_Ethernet Gbit ports_Comments network ports_ModemVLANWLAN 2.4GHzWLAN 5.0GHzWLAN HardwaresWLAN Comments_Detachable Antennas_USB ports_SATA ports_Comments USB SATA ports_SerialJTAGLED countButton countPower supplyDevice Techdata_pageidForum topic URL_urlwikidevi URL_urlOEM Device Homepage URL_urlFirmware OEM Stock URL_urlFirmware OpenWrt Install URL_urlFirmware OpenWrt Upgrade URL_urlComments_ +  "dom""t", 
-filter  : Brand=ZTE +  "paging"false, 
-filter  Model=MF286R +  "rotate": true, 
-----+  "shownColumns": ["brand""model""version""devicetype""availability""supportedsincecommit""supportedsincerel""supportedcurrentrel""unsupported_functions""bootloader""cpu""target""cpumhz""flashmb""rammb""switch""ethernet100mports""ethernet1gports""commentsnetworkports""modem""vlan""wlan24ghz""wlan50ghz""wlanhardware""wlancomments""detachableantennas""usbports""sataports""commentsusbsataports""serial""jtag""ledcount""buttoncount""powersupply""deviceid""owrt_forum_topic_url""wikideviurl""oemdevicehomepageurl""firmwareoemstockurl", "firmwareopenwrtinstallurl", "firmwareopenwrtupgradeurl", "comments"]
 +  "filterColumns": {"brand""^ZTE$", "model""^MF286R$"} 
 +-->
  
 ==== Photos ==== ==== Photos ====
-/* =====>>>>> Standard size for photos: add ?400 to the medialink                                */ 
-/* When uploading photos, **name them** intelligently. Nobody knows what 20100930_000602.jpg is! */ 
-/* e.g. {{:media:yourbrand:yourbrand_yourmodel_front.jpg?400|}}                                  */ 
-/* Thanks, your wiki administration - Oct. 2015 */ 
  
 //Front://\\ //Front://\\
-**Insert photo of front of the casing**+{{media:zte:mf286r:mf286r-superbox-front.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-1.jpg?400|}}
  
 //Back://\\ //Back://\\
-**Insert photo of back of the casing**+{{media:zte:mf286r:mf286r-superbox-back.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-2.jpg?400|}}
  
-//Backside label://\\ +//Top://\\ 
-**Insert photo of backside label**+{{:media:zte:mf286d:mf286d-3.jpg?400|}} 
 + 
 +//Right://\\ 
 +{{:media:zte:mf286d:mf286d-4.jpg?400|}} 
 + 
 +//Under device label://\\ 
 +{{:media:zte:mf286d:mf286d-5.jpg?400|}} 
 + 
 +//Disassembled case://\\ 
 +{{:media:zte:mf286d:mf286d-6.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-7.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-8.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-9.jpg?400|}}
  
 ==== Opening the case ==== ==== Opening the case ====
Line 340: Line 388:
 **Note:** This will void your warranty! **Note:** This will void your warranty!
  
-<WRAP BOX> +  - Take of battery lid (no battery support for this modelbattery cage is dummy). 
-FIXME //Describe what needs to be done to open the devicee.gremove rubber feet, adhesive labels, screws...// +  - Unscrew screw placed behind battery lid. 
-  * To remove the cover and open the device, do a/b/c +  - Take off back cover. It attached with multiple plastic clamps. 
-</WRAP>+  - Unscrew four more screws hidden behind back case. 
 +  - Remove front panel from blue chassisThere are more plastic 
 +   clamps
 +  - Unscrew two boards, which secures the PCB in the chassis. 
 +  - Extract board from blue chassis.
  
 //Main PCB://\\ //Main PCB://\\
-**Insert photo of PCB**+{{:media:zte:mf286d:mf286d-10.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-11.jpg?400|}} 
 + 
 +//PCB Board Details and modem photo://\\ 
 +{{:media:zte:mf286d:mf286d-12.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-13.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-14.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-15.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-16.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-17.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-18.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-19.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-20.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-21.jpg?400|}} 
 +{{:media:zte:mf286d:mf286d-22.jpg?400|}}
  
 ==== Serial ==== ==== Serial ====
  • Last modified: 2022/09/09 12:52
  • by pcislocked