Jump to content
  • EN

Bootstrap guide for eSIM

From Teltonika Networks Wiki
Revision as of 14:58, 17 September 2025 by TomasV (talk | contribs)

(diff) ← Older revision | Approved revision (diff) | Latest revision (diff) | Newer revision → (diff)

Introduction

As part of the recent PCN (Product Change Notification) updates for the eSIM devices, we are introducing a new feature - Bootstrap.

When an eSIM-enabled device is powered on for the first time, it requires a way to connect to the network server that manages its subscription. The bootstrap profile makes this possible by providing the initial credentials needed for network access.

In simple terms, the bootstrap profile is preloaded onto the eSIM during manufacturing. Once the device is activated, this profile allows the IoT device to connect to the mobile network and supported roaming partners, as defined in the profile.

Device configuration

Topology

Firstboot with bootstrap device

Devices with a bootstrap profile have limited internet access, specifically configured for the initial setup. Upon first boot, the device checks for a bootstrap profile. If one exists, it automatically generates a configuration that only allows connections to the RMS (Remote Management System) and the SM-DP server. All other traffic and ports are blocked, except for RMS, DNS (53), DHCP (68), and NTP (123).

During the device’s first boot with the default configuration, the limited data allocation should be sufficient for approximately one month. If the device is not added to the RMS system, the RMS service will continuously attempt to connect by sending requests, which consumes data. Conversely, if the device is added to the system, data will be used for communication between the device and RMS, including sending updates about the device’s status.

Note that the firewall rules controlling eSIM traffic limits can be edited; however, we strongly recommend not disabling these rules. Limiting bootstrap device traffic is critical, as the allocated data for the bootstrap profile can be quickly exhausted.

Note: On first boot, the device may take up to 10 minutes for the roaming operator to establish a session with the profile provider. Subsequent sessions will be established more quickly.

Setting up the device

The setup procedure for an eSIM device with a bootstrap profile follows the same steps as a standard eSIM configuration. For detailed guidance, please refer to our eSIM Configuration Example article.

Once a new eSIM profile is successfully downloaded, the bootstrap profile and all related configurations including the bootstrap eSIM zone with its preconfigured traffic-blocking rules are automatically removed. The newly downloaded eSIM profile is then set as the default primary SIM.

Alternatively, the configuration can be performed through RMS using zero-touch deployment. This allows you to remotely configure the device and initiate the download of the full eSIM profile from the SM-DP server, which manages eSIM profiles. To access the eSIM configuration in RMS, navigate to Management → Devices and select the device you want to configure by checking the corresponding box in the main Devices table. Then, click the Actions button and go to the Configuration submenu, where you will find the eSIM Configuration option.

More details on the RMS eSIM management can be found in the RMS eSIM configuration article.

SIM Switch

The devices also come with preconfigured SIM switch rules designed to manage connectivity between the physical SIM (Primary SIM) and the eSIM bootstrap profile.

If no physical SIM is detected within 1 hour of startup, the device automatically switches to the eSIM bootstrap profile. Once the eSIM establishes a connection, the system switches back to the physical SIM after 15 minutes. This SIM switching cycle continues until a full eSIM profile is successfully downloaded. If a physical SIM card is present, the switching does not occur at all.

Additional information

Each device with eSIM support comes with a preinstalled bootstrap profile that includes 10 MB of data. This is sufficient to download a dedicated eSIM profile from your service provider.

Note: The bootstrap profile is valid for 1 year starting from the manufacturing date of the device. After the 1 year, profile will no longer be available meaning that you will have to follow the default procedure of activating the eSIM, which requires internet connection from other sources.

This feature is especially useful for deploying devices in remote locations where no alternative internet connection is available, simplifying the setup process.

Supported country list

EMEA APAC AMERICAS Territories / Special Regions
Albania Austria Belgium Bulgaria China Brazil Gibraltar
Croatia Cyprus Czech Republic Denmark Hong Kong Canada Guadeloupe
Estonia Finland France Georgia India Colombia Northern Mariana Islands
Germany Greece Hungary Iceland Indonesia Costa Rica Réunion
Ireland Italy Latvia Liechtenstein Malaysia Mexico
Lithuania Luxembourg Malta Montenegro Singapore United States of America
Netherlands Norway Poland Portugal Sri Lanka
Romania Slovakia Slovenia South Africa Taiwan
Spain Sweden Switzerland United Kingdom Vietnam
Egypt Saudi Arabia Kuwait Qatar Australia
Turkey Tunisia

See also

What IP addresses and ports are used by RMS?
ESIM Configuration example
Requirements for embedded-SIM (eSIM)
What IP addresses and ports are used by RMS?
RMS Configuration eSIM
How to configure eSIM profiles in RMS?

Retrieved from "https://wiki.teltonika-networks.com/index.php?title=Bootstrap_guide_for_eSIM&oldid=157130"