Dies ist eine alte Version des Dokuments!

Inhaltsverzeichnis

Configuration protocol of the VAP 11G wireless bridge
- The ethnernet II packet format (ethertype 8888)
  - General structure of the 0x8888 packet (hex)
- Known Commands

Configuration protocol of the VAP 11G wireless bridge

This device, manufactured by vonets.com, is a simple ethernet to wlan bridge. It allows any device with a wired (cat5) network connection to connect to a wlan network. I.e. it is a small device that builds up a wlan connection and fowards everything received on its wlan interface to the wired interface (and vice versa). The computer behind the bridge does not have to support wlan at all, all wlan settings are done on the device itself!

The configuration is done via a custom ethernet II protocol (ethertype 0x8888), so the device itself does NOT get an IP address.
There are two types of (binary) commands:
- control commands (device detection, status request) and
- configuration submission/retrieval commands. Their payload is a pure-text configuration format and is used by other devices, too (e.g. the HP2101nw wireless G USB print server and some other print servers and network USB server devices). Those other devices do use other configuration transports, though (the hp2101nw uses a USB connection, some print servers use ftp to transfer those configuration files).

The ethnernet II packet format (ethertype 8888)

A sample packet:

  0000  00 17 13 11 fc d0 08 00 27 51 a4 a2 88 88 01 01   ........'Q......
  0010  01 00 00 00 00 00 07 00 39 31 30 37 3a 0d 0a 00   ........9107:...
  0020  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................
  0030  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00   ................

The first 14 bytes are the Ethernet II header (destination MAC, source MAC, Ethernet II proto), the rest is the actual 0x8888 packet, which will be described below. Both outgoing and incoming packets use the same format.

General structure of the 0x8888 packet (hex)

 cc cc uu 00 00 00 rr rr ll ll [dd dd dd dd dd ...]

byte	description
0-1	command
2	: UNKNOWN
3-5	Always `0x00`
6-7	# of remaining packets
8-9	Length of the data (bytes 10-…), in lower endian
10-length	Data contents (in configuration file format)
length+1 - 63	padding with `0x00` to have at least 64 bytes.

Known Commands

Command	description	data content	return value	comment
0x00 0x00	Device information	NONE	0x38 bytes	also sent as broadcast
0x00 0x01	Get devic status	NONE	2 bytes (0=OK)
0x01 0x01	Send config data	cfg data	2 bytes (status, 0=OK)
0x02 0x01	Request return config data	NONE	config data (variable length)

USB packet data format

After this this 12/13 bytes header follows the actual content of the packet, which consists of \n-separated lines (i.e. 0x0a linefeed). Each entry has the form

OPTIONID [OPTIONNAME]:VALUE

The OPTIONID followed by an ordinary space (0x20). The OPTIONNAME is typically empty when sending data from the USB host to the device. VALUE can be empty or any other string describing the option value.

byte(s)	value	description
0	0x40 (@)	magic byte indicating a command from the device
1-2	0x0000 (\0\0)	Unknown, always 0
3-4	content length	Length of the packet contents (excluding this header), LITTLE ENDIAN (lower byte first)
5-12	sendername	boxname of the sending device (something like „PT9E2D2F“, „PT“ + last 6 bytes of MAC)

Device option ranges

Range	Command types
0xxx	General system settings (hostname, L1/L2/L3)
4xxx	IP-Address, dhcp, router, etc. settings
5xxx	Unknown (only set, but not returned with configuration
70xx	Infrastructure wireless settings
71xx	Ad-hoc wireless settings
9xxx	Device commands (sent to the device)

Device commands

To send a command (e.g. reset, retrieve config data, etc.) to the device, the same format is used as described above. All commands start with 9xxx and typically don't have any value.

Command	Description	Return value
9002	Reset device	Empty responses (only header) until device is shut down and does not return anything
9100	Request configuration from the device	full device config
9107	Start wlan scan	empty (only header)
9971	Unknown (only called for ad-hoc after network scan)	`1`

USB detection / device capabilities

One USB request (command 9100), returning all configuration options, each on a separate line (0x0a linefeed) character as described above. For a list of all options, see below.

0040  40 00 06 00 58 58 58 58 58 58 58 58 39 31 30 30   @...XXXXXXXX9100
0050  3a 0a                                             :.
    0040  40 00 00 e3 03 50 54 39 45 32 44 32 46 30 30 30   @....PT9E2D2F000
    0050  31 20 42 4f 58 5f 4e 41 4d 45 3a 57 50 54 39 45   1 BOX_NAME:WPT9E
    0060  32 44 32 46 0a 30 30 31 32 20 54 43 50 49 50 5f   2D2F.0012 TCPIP_
    0070  50 20 3a 45 6e 61 62 6c 65 0a 30 31 30 30 20 4c   P :Enable.0100 L
    0080  31 5f 50 52 4f 55 54 3a 50 31 0a 30 31 30 31 20   1_PROUT:P1.0101 
    0090  4c 31 5f 50 52 45 53 54 3a 0a 30 31 30 32 20 4c   L1_PREST:.0102 L
    00a0  31 5f 50 4f 53 54 52 3a 0a 30 31 30 33 20 4c 31   1_POSTR:.0103 L1
    00b0  5f 43 48 47 4c 46 3a 4e 6f 0a 30 31 32 30 20 4c   _CHGLF:No.0120 L
    00c0  32 5f 50 52 4f 55 54 3a 50 31 0a 30 31 32 31 20   2_PROUT:P1.0121 
    00d0  4c 32 5f 50 52 45 53 54 3a 0a 30 31 32 32 20 4c   L2_PREST:.0122 L
    00e0  32 5f 50 4f 53 54 52 3a 0a 30 31 32 33 20 4c 32   2_POSTR:.0123 L2
    00f0  5f 43 48 47 4c 46 3a 4e 6f 0a 30 31 34 30 20 4c   _CHGLF:No.0140 L
    0100  33 5f 50 52 4f 55 54 3a 50 31 0a 30 31 34 31 20   3_PROUT:P1.0141 
    0110  4c 33 5f 50 52 45 53 54 3a 0a 30 31 34 32 20 4c   L3_PREST:.0142 L
    0120  33 5f 50 4f 53 54 52 3a 0a 30 31 34 33 20 4c 33   3_POSTR:.0143 L3
    0130  5f 43 48 47 4c 46 3a 4e 6f 0a 34 30 30 30 20 49   _CHGLF:No.4000 I
    0040  50 5f 41 44 44 52 3a 30 2e 30 2e 30 2e 30 0a 34   P_ADDR:0.0.0.0.4
    0050  30 30 31 20 47 41 54 45 57 41 59 3a 30 2e 30 2e   001 GATEWAY:0.0.
    0060  30 2e 30 0a 34 30 30 32 20 4d 41 53 4b 20 20 20   0.0.4002 MASK   
    0070  3a 30 2e 30 2e 30 2e 30 0a 34 30 31 30 20 54 43   :0.0.0.0.4010 TC
    0080  50 5f 49 4e 54 3a 30 0a 34 30 31 31 20 54 43 50   P_INT:0.4011 TCP
    0090  5f 43 4e 54 3a 30 0a 34 30 31 32 20 57 49 4e 53   _CNT:0.4012 WINS
    00a0  5f 49 50 3a 30 2e 30 2e 30 2e 30 0a 34 30 32 30   _IP:0.0.0.0.4020
    00b0  20 44 48 43 50 5f 4d 4f 44 45 3a 45 6e 61 62 6c    DHCP_MODE:Enabl
    00c0  65 0a 37 30 30 30 20 53 53 49 44 3a 6b 61 69 6e   e.7000 SSID:kain
    00d0  68 6f 66 65 72 0a 37 30 30 31 20 44 4f 4d 41 49   hofer.7001 DOMAI
    00e0  4e 3a 31 30 0a 37 30 30 32 20 43 48 41 4e 4e 45   N:10.7002 CHANNE
    00f0  4c 3a 36 0a 37 30 30 33 20 53 45 43 4d 4f 44 45   L:6.7003 SECMODE
    0100  3a 32 0a 37 30 30 34 20 4b 45 59 5f 4c 45 4e 3a   :2.7004 KEY_LEN:
    0110  30 0a 37 30 30 35 20 44 45 46 41 55 4c 54 4b 45   0.7005 DEFAULTKE
    0120  59 3a 30 0a 37 30 30 36 20 4b 45 59 30 3a 0a 37   Y:0.7006 KEY0:.7
    0130  30 30 37 20 4b 45 59 31 3a 0a 37 30 30 38 20 4b   007 KEY1:.7008 K
    0040  45 59 32 3a 0a 37 30 30 39 20 4b 45 59 33 3a 0a   EY2:.7009 KEY3:.
    0050  37 30 31 32 20 41 55 54 48 45 4e 3a 31 0a 37 30   7012 AUTHEN:1.70
    0060  31 33 20 4d 4f 44 45 3a 30 0a 37 30 31 34 20 4c   13 MODE:0.7014 L
    0070  49 4e 4b 49 4e 46 4f 3a 53 54 41 54 45 3a 44 69   INKINFO:STATE:Di
    0080  73 63 6f 6e 6e 65 63 74 65 64 3b 43 48 41 4e 4e   sconnected;CHANN
    0090  45 4c 3a 36 3b 54 58 52 41 54 45 3a 30 3b 54 58   EL:6;TXRATE:0;TX
    00a0  3a 30 3b 52 58 3a 30 3b 51 55 41 4c 49 54 59 3a   :0;RX:0;QUALITY:
    00b0  4e 6f 74 20 41 70 70 6c 69 63 61 62 6c 65 3b 53   Not Applicable;S
    00c0  54 52 45 4e 47 54 48 3a 4e 6f 74 20 41 70 70 6c   TRENGTH:Not Appl
    00d0  69 63 61 62 6c 65 3b 0a 37 30 31 37 20 57 50 41   icable;.7017 WPA
    00e0  3a 57 50 41 32 0a 37 30 31 38 20 50 53 4b 41 4c   :WPA2.7018 PSKAL
    00f0  53 45 54 3a 30 0a 37 30 31 39 20 50 53 4b 4b 45   SET:0.7019 PSKKE
    0100  59 3a 72 65 69 6e 68 6f 6c 64 0a 37 30 32 30 20   Y:reinhold.7020 
    0110  50 53 4b 41 4c 3a 54 4b 49 50 3b 41 45 53 3b 0a   PSKAL:TKIP;AES;.
    0120  37 30 32 31 20 53 55 52 56 45 59 3a 0a 37 30 32   7021 SURVEY:.702
    0130  33 20 57 50 41 32 41 4c 3a 54 4b 49 50 3b 41 45   3 WPA2AL:TKIP;AE
    0040  53 3b 0a 37 30 32 34 20 53 54 41 4d 4f 44 45 3a   S;.7024 STAMODE:
    0050  30 0a 37 30 32 35 20 41 50 43 48 41 4e 4e 45 4c   0.7025 APCHANNEL
    0060  3a 36 0a 37 30 32 36 20 43 48 4d 4f 44 45 3a 31   :6.7026 CHMODE:1
    0070  0a 37 30 33 30 20 57 4c 4d 4f 44 45 3a 30 0a 37   .7030 WLMODE:0.7
    0080  31 30 30 20 41 50 53 53 49 44 3a 57 50 54 5f 35   100 APSSID:WPT_5
    0090  30 34 35 35 41 0a 37 31 30 33 20 41 50 53 45 43   0455A.7103 APSEC
    00a0  4d 4f 44 45 3a 30 0a 37 31 30 34 20 41 50 4b 45   MODE:0.7104 APKE
    00b0  59 5f 4c 45 4e 3a 30 0a 37 31 30 35 20 41 50 44   Y_LEN:0.7105 APD
    00c0  45 46 41 55 4c 54 4b 45 3a 30 0a 37 31 30 36 20   EFAULTKE:0.7106 
    00d0  41 50 4b 45 59 30 3a 0a 37 31 30 37 20 41 50 4b   APKEY0:.7107 APK
    00e0  45 59 31 3a 0a 37 31 30 38 20 41 50 4b 45 59 32   EY1:.7108 APKEY2
    00f0  3a 0a 37 31 30 39 20 41 50 4b 45 59 33 3a 0a 37   :.7109 APKEY3:.7
    0100  31 31 32 20 41 50 41 55 54 48 45 4e 3a 31 0a 37   112 APAUTHEN:1.7
    0110  31 31 38 20 41 50 50 53 4b 41 4c 53 45 54 3a 30   118 APPSKALSET:0
    0120  0a 37 31 31 39 20 41 50 50 53 4b 4b 45 59 3a 0a   .7119 APPSKKEY:.

The configuration data in human-readable form:

0001 BOX_NAME:WPT9E2D2F
0012 TCPIP_P :Enable
0100 L1_PROUT:P1
0101 L1_PREST:
0102 L1_POSTR:
0103 L1_CHGLF:No
0120 L2_PROUT:P1
0121 L2_PREST:
0122 L2_POSTR:
0123 L2_CHGLF:No
0140 L3_PROUT:P1
0141 L3_PREST:
0142 L3_POSTR:
0143 L3_CHGLF:No
4000 IP_ADDR:0.0.0.0
4001 GATEWAY:0.0.0.0
4002 MASK   :0.0.0.0
4010 TCP_INT:0
4011 TCP_CNT:0
4012 WINS_IP:0.0.0.0
4020 DHCP_MODE:Enable
7000 SSID:kainhofer
7001 DOMAIN:10
7002 CHANNEL:6
7003 SECMODE:2
7004 KEY_LEN:0
7005 DEFAULTKEY:0
7006 KEY0:
7007 KEY1:
7008 KEY2:
7009 KEY3:
7012 AUTHEN:1
7013 MODE:0
7014 LINKINFO:STATE:Disconnected;CHANNEL:6;TXRATE:0;TX:0;RX:0;QUALITY:Not Applicable;STRENGTH:Not Applicable;
7017 WPA:WPA2
7018 PSKALSET:0
7019 PSKKEY:reinhold
7020 PSKAL:TKIP;AES;
7021 SURVEY:
7023 WPA2AL:TKIP;AES;
7024 STAMODE:0
7025 APCHANNEL:6
7026 CHMODE:1
7030 WLMODE:0
7100 APSSID:WPT_50455A
7103 APSECMODE:0
7104 APKEY_LEN:0
7105 APDEFAULTKE:0
7106 APKEY0:
7107 APKEY1:
7108 APKEY2:
7109 APKEY3:
7112 APAUTHEN:1
7118 APPSKALSET:0
7119 APPSKKEY:

Example when print server is connected to a WLAN:

@....PT9E2D2F
0001 BOX_NAME:WPT9E2D2F
0012 TCPIP_P :Enable
0100 L1_PROUT:P1
0101 L1_PREST:
0102 L1_POSTR:
0103 L1_CHGLF:No
0120 L2_PROUT:P1
0121 L2_PREST:
0122 L2_POSTR:
0123 L2_CHGLF:No
0140 L3_PROUT:P1
0141 L3_PREST:
0142 L3_POSTR:
0143 L3_CHGLF:No
4000 IP_ADDR:128.131.192.44
4001 GATEWAY:128.131.192.1
4002 MASK   :255.255.248.0
4010 TCP_INT:0
4011 TCP_CNT:0
4012 WINS_IP:0.0.0.0
4020 DHCP_MODE:Enable
7000 SSID:tunet
7001 DOMAIN:10
7002 CHANNEL:5
7003 SECMODE:0
7004 KEY_LEN:0
7005 DEFAULTKEY:0
7006 KEY0:
7007 KEY1:
7008 KEY2:
7009 KEY3:
7012 AUTHEN:1
7013 MODE:0
7014 LINKINFO:STATE:Associated - BSS ID = B4:A4:E3:B4:F7:23;SSID:tunet;CHANNEL:5;TXRATE:48;TX:0;RX:1440;QUALITY:Low(20%);STRENGTH:Low(20%);
7017 WPA:WPA2
7018 PSKALSET:0
7019 PSKKEY:
7020 PSKAL:TKIP;AES;
7021 SURVEY:
7023 WPA2AL:TKIP;AES;
7024 STAMODE:0
7025 APCHANNEL:5
7026 CHMODE:1
7030 WLMODE:0
7100 APSSID:WPT_50455A
7103 APSECMODE:0
7104 APKEY_LEN:0
7105 APDEFAULTKE:0
7106 APKEY0:
7107 APKEY1:
7108 APKEY2:
7109 APKEY3:
7112 APAUTHEN:1
7118 APPSKALSET:0
7119 APPSKKEY:

Retrieving WLAN access points

A 9107 command initiates a WIFI scan on the device
- after 5 seconds, the full configuration is requested (9100 command).
- The results of the scan are stored in the 7021 SURVEY variable.
- If that variable is empty, the 9107 wifi scan and the 9100 are repeated
Break when the survey returns results.

0040  40 00 07 00 58 58 58 58 58 58 58 58 39 31 30 37   @...XXXXXXXX9107
0050  3a 0d 0a                                          :..
    0040  40 00 00 00 00 50 54 39 45 32 44 32 46            @....PT9E2D2F
[5 seconds pause]
0040  40 00 07 00 58 58 58 58 58 58 58 58 39 31 30 30   @...XXXXXXXX9100
0050  3a 0d 0a                                          :..
    0040  40 00 00 e3 03 50 54 39 45 32 44 32 46 30 30 30   @....PT9E2D2F000
    0050  31 20 42 4f 58 5f 4e 41 4d 45 3a 57 50 54 39 45   1 BOX_NAME:WPT9E
    [...]
    0120  37 30 32 31 20 53 55 52 56 45 59 3a 65 64 75 72   7021 SURVEY:edur
    0130  6f 61 6d 0c 62 34 61 34 65 33 62 34 66 37 32 30   oam.b4a4e3b4f720
    0040  2c 35 2c 47 2c 38 2c 31 30 2c 30 0b 77 6c 61 6e   ,5,G,8,10,0.wlan
    0050  69 70 73 65 63 0c 62 34 61 34 65 33 62 34 66 37   ipsec.b4a4e3b4f7
    0060  32 31 2c 35 2c 47 2c 30 2c 32 30 2c 30 0b 61 6d   21,5,G,0,20,0.am
    0070  61 63 69 2e 61 74 0c 30 30 31 64 37 65 33 30 64   aci.at.001d7e30d
    0080  38 30 62 2c 36 2c 47 2c 34 2c 31 30 2c 30 0b 55   80b,6,G,4,10,0.U
    0090  50 43 30 31 31 30 32 35 0c 30 30 31 65 36 39 36   PC011025.001e696
    00a0  32 64 31 66 61 2c 31 2c 47 2c 31 2c 31 30 2c 30   2d1fa,1,G,1,10,0
    00b0  0b 74 75 6e 65 74 0c 62 34 61 34 65 33 62 34 66   .tunet.b4a4e3b4f
    00c0  37 32 33 2c 35 2c 47 2c 30 2c 31 30 2c 30 0b 0a   723,5,G,0,10,0..
    [...]

Format of the 7021 SURVEY variable:

SSID[formfeed 0x0c]MAC-address,channel,A/B/G,encryption,signal,AP/Adhoc[linetab 0x0b]

where

variable
SSID	String containing the SSID of the access point or ad-hoc network
MAC-address	hex-string of AP MAC address (lower-case) without : delimiters
channel	wifi channel (0-11)
A/B/G	Wifi version (A, B, G)
encryption	0=None, 1=WEP, 4=WPA2-PSK, 6=WPA2-PSK, 7=WPA-PSK, 8=WPA2
signal	0/10/20/30/40/50 (max.50)
AP/Adhoc	o=AP, 1=Ad-hoc network

Above example in human-readable format:

eduroam[formfeed]b4a4e3b4f720,5,G,8,10,0[linetab]
wlanipsec[formfeed]b4a4e3b4f721,5,G,0,20,0[linetab]
amaci.at[formfeed]001d7e30d80b,6,G,4,10,0[linetab]
UPC011025[formfeed]001e6962d1fa,1,G,1,10,0[linetab]
tunet[formfeed]b4a4e3b4f723,5,G,0,10,0[linetab]

Ad-hoc network

Network discovery works with the same 9100 and 9107 commands, but afterwards one additional 9971 command is sent:

0040  40 00 06 00 58 58 58 58 58 58 58 58 39 39 37 31   @...XXXXXXXX9971
0050  3a 0a                                             :.
    0040  40 00 00 01 00 50 54 39 45 32 44 32 46 31         @....PT9E2D2F1

Setting the wlan access point

Changing settings on the device works by simply sending a new configuration file containing only those options that should be changed. Example: WLAN settings: ESSID „tunet“, no encryption or authentication, addresses via DHCP

0040  40 00 09 01 58 58 58 58 58 58 58 58 34 30 30 30   @...XXXXXXXX4000
0050  20 3a 30 2e 30 2e 30 2e 30 0a 34 30 30 31 20 3a    :0.0.0.0.4001 :
0060  30 2e 30 2e 30 2e 30 0a 34 30 30 32 20 3a 30 2e   0.0.0.0.4002 :0.
0070  30 2e 30 2e 30 0a 34 30 32 30 20 3a 45 6e 61 62   0.0.0.4020 :Enab
0080  6c 65 0a 34 30 32 31 20 3a 45 6e 61 62 6c 65 0a   le.4021 :Enable.
0090  34 30 32 32 20 3a 45 6e 61 62 6c 65 0a 35 30 30   4022 :Enable.500
00a0  30 20 3a 0a 35 30 30 33 20 3a 0a 35 31 30 31 20   0 :.5003 :.5101 
00b0  3a 0a 35 31 30 32 20 3a 0a 35 31 30 34 20 3a 0a   :.5102 :.5104 :.
00c0  35 31 30 33 20 3a 0a 37 30 30 30 20 3a 74 75 6e   5103 :.7000 :tun
00d0  65 74 0a 37 30 30 31 20 3a 0a 37 30 30 32 20 3a   et.7001 :.7002 :
00e0  35 0a 37 30 30 33 20 3a 30 0a 37 30 30 34 20 3a   5.7003 :0.7004 :
00f0  30 0a 37 30 30 35 20 3a 30 0a 37 30 30 36 20 3a   0.7005 :0.7006 :
0100  0a 37 30 30 37 20 3a 0a 37 30 30 38 20 3a 0a 37   .7007 :.7008 :.7
0110  30 30 39 20 3a 0a 37 30 31 32 20 3a 31 0a 37 30   009 :.7012 :1.70
0120  31 33 20 3a 30 0a 37 30 31 38 20 3a 30 0a 37 30   13 :0.7018 :0.70
0130  31 39 20 3a 0a 37 30 32 34 20 3a 30 0a 37 30 32   19 :.7024 :0.702
0040  35 20 3a 35 0a 37 30 32 36 20 3a 31 0a 37 30 33   5 :5.7026 :1.703
0050  30 20 3a 30 0a                                    0 :0.
    [empty response]
0040  40 00 06 00 58 58 58 58 58 58 58 58 39 30 30 32   @...XXXXXXXX9002
0050  3a 0a                                             :.
    1.) 0040  40 00 00 00 00 50 54 39 45 32 44 32 46            @....PT9E2D2F
    2.) 0040  40 00 00 00 00 50 54 39 45 32 44 32 46            @....PT9E2D2F
    3.) [empty]

Human-readable form of the config data sent to the device:

@...XXXXXXXX
4000 :0.0.0.0
4001 :0.0.0.0
4002 :0.0.0.0
4020 :Enable
4021 :Enable
4022 :Enable
5000 :
5003 :
5101 :
5102 :
5104 :
5103 :
7000 :tunet
7001 :
7002 :5
7003 :0
7004 :0
7005 :0
7006 :
7007 :
7008 :
7009 :
7012 :1
7013 :0
7018 :0
7019 :
7024 :0
7025 :5
7026 :1
7030 :0

Ad-hoc network settings

0040  40 00 79 00 58 58 58 58 58 58 58 58 37 30 32 34   @.y.XXXXXXXX7024
0050  20 3a 31 0a 37 30 32 35 20 3a 36 0a 37 30 32 36    :1.7025 :6.7026
0060  20 3a 31 0a 37 30 33 30 20 3a 31 0a 37 31 30 30    :1.7030 :1.7100
0070  20 3a 72 65 69 6e 68 6f 63 0a 37 31 30 33 20 3a    :reinhoc.7103 :
0080  30 0a 37 31 30 34 20 3a 30 0a 37 31 30 35 20 3a   0.7104 :0.7105 :
0090  30 0a 37 31 30 36 20 3a 0a 37 31 30 37 20 3a 0a   0.7106 :.7107 :.
00a0  37 31 30 38 20 3a 0a 37 31 30 39 20 3a 0a 37 31   7108 :.7109 :.71
00b0  31 32 20 3a 31 0a 37 31 31 38 20 3a 30 0a 37 31   12 :1.7118 :0.71
00c0  31 39 20 3a 0a                                    19 :.
    [empty response]
0040  40 00 06 00 58 58 58 58 58 58 58 58 39 30 30 32   @...XXXXXXXX9002
0050  3a 0a                                             :.
    1.) 0040  40 00 00 00 00 50 54 39 45 32 44 32 46            @....PT9E2D2F
    2.) 0040  40 00 00 00 00 50 54 39 45 32 44 32 46            @....PT9E2D2F
    3.) [empty]

Human-readable form of the config data sent to the device:

@.y.XXXXXXXX
7024 :1
7025 :6
7026 :1
7030 :1
7100 :reinhoc
7103 :0
7104 :0
7105 :0
7106 :
7107 :
7108 :
7109 :
7112 :1
7118 :0
7119 :

Resetting the device

The device is reset with the 9002 command, but the timing is extremely relevant to prevent USB errors and/or USB interface being still held open.

0040  40 00 06 00 58 58 58 58 58 58 58 58 39 30 30 32   @...XXXXXXXX9002
0050  3a 0a                                             :.
    1.) 0040  40 00 00 00 00 50 54 39 45 32 44 32 46            @....PT9E2D2F
    2.) 0040  40 00 00 00 00 50 54 39 45 32 44 32 46            @....PT9E2D2F
    3.) [empty]

All configuration variables

Var.ID	Var.Name	value	comments
0001	„BOX_NAME“	WPT9E2D2F
0012	„TCPIP_P „	Enable
0100	„L1_PROUT“	P1
0101	„L1_PREST“
0102	„L1_POSTR“
0103	„L1_CHGLF“	No
0120	„L2_PROUT“	P1
0121	„L2_PREST“
0122	„L2_POSTR“
0123	„L2_CHGLF“	No
0140	„L3_PROUT“	P1
0141	„L3_PREST“
0142	„L3_POSTR“
0143	„L3_CHGLF“	No
4000	„IP_ADDR“	128.131.192.44
4001	„GATEWAY“	128.131.192.1
4002	„MASK „	255.255.248.0
4010	„TCP_INT“	0
4011	„TCP_CNT“	0
4012	„WINS_IP“	0.0.0.0
4020	„DHCP_MODE“	Enable
4021	-	Enable	: Unknown
4022	-	Enable	: Unknown
5000	-		: Unknown
5003	-		: Unknown
5101	-		: Unknown
5102	-		: Unknown
5103	-		: Unknown
5104	-		: Unknown
7000	„SSID“	tunet
7001	„DOMAIN“	10
7002	„CHANNEL“	5
7003	„SECMODE“	0
7004	„KEY_LEN“	0
7005	„DEFAULTKEY“	0
7006	„KEY0“
7007	„KEY1“
7008	„KEY2“
7009	„KEY3“
7012	„AUTHEN“	1
7013	„MODE“	0
7014	„LINKINFO“	STATE:Associated - BSS ID = B4:A4:E3:B4:F7:23;SSID:tunet;CHANNEL:5;TXRATE:48;TX:0;RX:1440;QUALITY:Low(20%);STRENGTH:Low(20%);
7017	„WPA“	WPA2
7018	„PSKALSET“	0
7019	„PSKKEY“
7020	„PSKAL“	TKIP;AES;
7021	„SURVEY“
7023	„WPA2AL“	TKIP;AES;
7024	„STAMODE“	0
7025	„APCHANNEL“	5
7026	„CHMODE“	1
7030	„WLMODE“	0
7100	„APSSID“	WPT_50455A
7103	„APSECMODE“	0
7104	„APKEY_LEN“	0
7105	„APDEFAULTKE“	0
7106	„APKEY0“
7107	„APKEY1“
7108	„APKEY2“
7109	„APKEY3“
7112	„APAUTHEN“	1
7118	„APPSKALSET“	0
7119	„APPSKKEY“