Dear,

I am Hyunwoo Lee. I am a newbie to configure the custom SIM card.

I have one question in configuring sysmoISIM-SJA2 to enable VoWiFi on COTS UEs. The UEs that I am working on are Samsung Galaxy A21, OnePlus 7T, and Motorola G Power.

I tried to make the UEs discover the ePDG by sending the DNS query and establish the IPsec channel with my IPsec server. I ran my own DNS server to reply with the IP address of my IPsec server on the DNS query. I tried to make it similar to the T-mobile setting since all of the UEs work well with the T-mobile SIM card. Unfortunately, I could not succeed in enabling VoWiFi on the UEs and I do not know why they do not work and what I can do further.

I would appreciate it if someone could help me with this. I described what I did in detail below the line.

Thank you in advance for your help!

Sincerely,

Hyunwoo Lee.

------------------------------

What I did is as follows:

1) Equipments

- Two sysmoISIM-SJA2

- PC/SC CCID ISO7816 USB Smart Card Reader

- UEs: Samsung Galaxy A21, OnePlus 7T, and Motorola G Power (all of them work well with the T-mobile SIM card)

2) Environment

- Ubuntu 18.04 LTS

- python 3.6.9

- pySim 1.0

3) Configuration of the SIM cards with pysim

- The command that I used to configure the SIM cards (to T-mobile) was:

: python3 pySim-prog.py -p 0 -a <adm value> -n name -x 310 -y 260 --imsi=3102601234567890 --msisdn=<telephone number> --epdgid=epdg.epc.mnc260.mcc310.pub.3gppnetwork.org --epdgSelection=310260 --ims-hdomain=ims.mnc260.mcc310.3gppnetwork.org --impi=sip:3102601234567890@ims.mnc260.mcc310.3gppnetwork.org --impu=sip:3102601234567890@ims.mnc260.mcc310.3gppnetwork.org --iccid=<ICCID value>

- The mnclen value is set to 3

4) UE behavior with the SIM card

- Samsung Galaxy A21

: It sends the DNS query for the ePDG, but does not execute the IKE protocol to establish the IPsec channel with the T-mobile core network.

- OnePlus 7T and Motorola G Power

: It does not send the DNS query for the ePDG.

5) Configuration result

- The command that I used to read the SIM card

: python3 pySim-read.py -p 0

- The result of the command

Using PC/SC reader interface

Reading ...

Autodetected card type: sysmoISIM-SJA2

ICCID: 8988211000000459514

IMSI: None

GID1: ffffffffffffffffffff

GID2: ffffffffffffffffffff

SMSP: ffffffffffffffffffffffffffffffffffffffffffffffffe1ffffffffffffffffffffffff0581005155f5ffffffffffff000000

SPN: name

Show in HPLMN: True

Hide in OPLMN: True

PLMNsel: 130062ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff

PLMNwAcT:

130062ffff # MCC: 310 MNC: 260 AcT: UTRAN, E-UTRAN WB-S1, E-UTRAN NB-S1, GSM, GSM COMPACT, cdma2000 HRPD, cdma2000 1xRTT

ffffff0000 # unused

OPLMNwAcT:

130062ffff # MCC: 310 MNC: 260 AcT: UTRAN, E-UTRAN WB-S1, E-UTRAN NB-S1, GSM, GSM COMPACT, cdma2000 HRPD, cdma2000 1xRTT

ffffff0000 # unused

HPLMNAcT:

130062ffff # MCC: 310 MNC: 260 AcT: UTRAN, E-UTRAN WB-S1, E-UTRAN NB-S1, GSM, GSM COMPACT, cdma2000 HRPD, cdma2000 1xRTT

ffffff0000 # unused

ACC: 0002

MSISDN (NPI=1 ToN=3): 17657759216

Administrative data: 00000003

MS operation mode: normal

Ciphering Indicator: disabled

SIM Service Table: ff33ffff3f003f0f300cf0c3f00000

Service 1 - CHV1 disable function

Service 2 - Abbreviated Dialling Numbers (ADN)

Service 3 - Fixed Dialling Numbers (FDN)

Service 4 - Short Message Storage (SMS)

Service 5 - Advice of Charge (AoC)

Service 6 - Capability Configuration Parameters (CCP)

Service 7 - PLMN selector

Service 8 - RFU

Service 9 - MSISDN

Service 10 - Extension1

Service 13 - Last Number Dialled (LND)

Service 14 - Cell Broadcast Message Identifier

Service 17 - Service Provider Name

Service 18 - Service Dialling Numbers (SDN)

Service 19 - Extension3

Service 20 - RFU

Service 21 - VGCS Group Identifier List (EFVGCS and EFVGCSS)

Service 22 - VBS Group Identifier List (EFVBS and EFVBSS)

Service 23 - enhanced Multi-Level Precedence and Pre-emption Service

Service 24 - Automatic Answer for eMLPP

Service 25 - Data download via SMS-CB

Service 26 - Data download via SMS-PP

Service 27 - Menu selection

Service 28 - Call control

Service 29 - Proactive SIM

Service 30 - Cell Broadcast Message Identifier Ranges

Service 31 - Barred Dialling Numbers (BDN)

Service 32 - Extension4

Service 33 - De-personalization Control Keys

Service 34 - Co-operative Network List

Service 35 - Short Message Status Reports

Service 36 - Network's indication of alerting in the MS

Service 37 - Mobile Originated Short Message control by SIM

Service 38 - GPRS

Service 49 - MExE

Service 50 - Reserved and shall be ignored

Service 51 - PLMN Network Name

Service 52 - Operator PLMN List

Service 53 - Mailbox Dialling Numbers

Service 54 - Message Waiting Indication Status

Service 57 - Multimedia Messaging Service (MMS)

Service 58 - Extension 8

Service 59 - MMS User Connectivity Parameters

EHPLMN:

130062 # MCC: 310 MNC: 260

ffffff # unused

USIM Service Table: beff9f9de73e0408400170330006002e00000000

Service 2 - Fixed Dialling Numbers (FDN)

Service 3 - Extension 2

Service 4 - Service Dialling Numbers (SDN)

Service 5 - Extension3

Service 6 - Barred Dialling Numbers (BDN)

Service 8 - Outgoing Call Information (OCI and OCT)

Service 9 - Incoming Call Information (ICI and ICT)

Service 10 - Short Message Storage (SMS)

Service 11 - Short Message Status Reports (SMSR)

Service 12 - Short Message Service Parameters (SMSP)

Service 13 - Advice of Charge (AoC)

Service 14 - Capability Configuration Parameters 2 (CCP2)

Service 15 - Cell Broadcast Message Identifier

Service 16 - Cell Broadcast Message Identifier Ranges

Service 17 - Group Identifier Level 1

Service 18 - Group Identifier Level 2

Service 19 - Service Provider Name

Service 20 - User controlled PLMN selector with Access Technology

Service 21 - MSISDN

Service 24 - Enhanced Multi-Level Precedence and Pre-emption Service

Service 25 - Automatic Answer for eMLPP

Service 27 - GSM Access

Service 28 - Data download via SMS-PP

Service 29 - Data download via SMS-CB

Service 32 - RUN AT COMMAND command

Service 33 - shall be set to 1

Service 34 - Enabled Services Table

Service 35 - APN Control List (ACL)

Service 38 - GSM security context

Service 39 - CPBCCH Information

Service 40 - Investigation Scan

Service 42 - Operator controlled PLMN selector with Access Technology

Service 43 - HPLMN selector with Access Technology

Service 44 - Extension 5

Service 45 - PLMN Network Name

Service 46 - Operator PLMN List

Service 51 - Service Provider Display Information

Service 60 - User Controlled PLMN selector for I-WLAN access

Service 71 - Equivalent HPLMN

Service 73 - Equivalent HPLMN Presentation Indication

Service 85 - EPS Mobility Management Information

Service 86 - Allowed CSG Lists and corresponding indications

Service 87 - Call control on EPS PDN connection by USIM

Service 89 - eCall Data

Service 90 - Operator CSG Lists and corresponding indications

Service 93 - Communication Control for IMS by USIM

Service 94 - Extended Terminal Applications

Service 106 - ePDG configuration Information support

Service 107 - ePDG configuration Information configured

Service 122 - 5GS Mobility Management Information

Service 123 - 5G Security Parameters

Service 124 - Subscription identifier privacy support

Service 126 - UAC Access Identities support

ePDGId:

657064672e6570632e6d6e633236302e6d63633331302e7075622e336770706e6574776f726b2e6f7267 # epdg.epc.mnc260.mcc310.pub.3gppnetwork.org

ePDGSelection:

130062000100 # MCC: 310 MNC: 260 ePDG Priority: 0001 ePDG FQDN format: Operator Identifier FQDN

ffffffffffff # unused

P-CSCF:

Not available

Home Network Domain Name: ims.mnc260.mcc310.3gppnetwork.org

IMS private user identity: sip:3102601234567890@ims.mnc260.mcc310.3gppnetwork.org

IMS public user identity:

sip:3102601234567890@ims.mnc260.mcc310.3gppnetwork.org

Not available

UICC IARI:

Not available

ISIM Service Table: 190200

Service 1 - P-CSCF address

Service 4 - GBA-based Local Key Establishment Mechanism

Service 5 - Support of P-CSCF discovery for IMS Local Break Out

Service 10 - Support of UICC access to IMS

Done !

Hyunwoo Lee, Ph. D.

Network Security Researcher

E-mail: hw5773@gmail.com

Homepage: https://hw5773.github.io