Online ista+ is completely out of question?

Short answer: no, not with a regular/leaked ISTA+ installation.

Security Level 2 (SL2) RSA tokens are tied to BMW's backend authentication. To actually use them you need:

• A valid dealer/partner account with BMW's connected-diagnostic infrastructure (KSD/ISTA-net).
• The ISTA instance must be registered and authenticated against BMW's servers — it checks certificates and machine binding.
• The RSA challenge-response is handled server-side; you can't just plug in a token file and go online.

With a standalone (offline) ISTA+ setup, the online connection to BMW's backend is blocked or simply not functional because the installation isn't provisioned on their side. Even if you allow internet access, BMW's servers will reject the handshake since your instance isn't a recognized endpoint.

What people actually do instead:

• Use offline token generator tools that bypass SL2 locally for coding/programming operations.
• For operations that strictly require online SL2 (like certain FRM replacements, DKM sync on newer G-series, or some flashing scenarios on newer ECUs), the realistic option is access through someone with a legitimate dealer setup.

Connecting your standalone ISTA+ to the internet won't enable SL2 — the authentication is account- and infrastructure-bound, not just network-bound.

This is what I got! I was stupidly connecting a random resistance to make bonnet appear closed while I was watching on ista the charge going to the 48 v battery. That is a crashed bmw X1 u11 sDrive 20i mild hybrid. Now I try to avoid having to go to the dealership, but...

How about those "offline token generator tools" ? Do we have any chance on my case?

Thanks for the answer.

That's a Component Protection message — "Used, non-activated component detected." This is BMW's anti-theft binding system on the U11 (FAAR platform). It means a module in the car doesn't match the vehicle's component protection database.

What likely happened:
On a crashed 48V mild hybrid, if parts were swapped or lost their pairing (starter-generator, DC-DC converter, 48V battery module, etc.), the car flags the non-paired component. The resistance trick on the bonnet switch wouldn't directly cause this — it's more likely a module was already unbound due to the crash/repair situation.

Can offline token generators help here?
Unfortunately, most likely not for this specific issue. Component Protection on FAAR platform requires online SL2 authentication through BMW's backend to release/re-bind components. The offline token generators that float around work for certain coding and programming SL2 challenges, but Component Protection activation is a different beast — it involves a server-side handshake where BMW verifies part number, serial, and VIN binding in their central database. This is exactly the type of operation that requires a legitimate dealer/ISTA-net connection.

What to do next:

• First, identify which module(s) are triggering the protection — run a full vehicle short test in ISTA+ and check which ECU shows the component protection fault. Is it the 48V battery (SME), starter-generator (SGE), BDC, or something else?
• Once you know the module, realistic options are: dealer visit, or finding someone with legitimate ISTA-net/KSD access who can perform the component protection release.

Can you post the full fault list from ISTA+? That will tell us exactly which module is locked and whether there's anything else going on from the crash damage.

I know what modules are locked, doesn't matter. Gear selector, bonnet close mechanism connector and head unit!

Good that you've identified them. Gear selector, bonnet latch module, and head unit — all three are Component Protection-bound on the U11 FAAR platform.

The bad news: Component Protection release/re-binding on FAAR is strictly online SL2. This isn't the same as a coding or programming token — BMW's backend needs to verify the part serial + VIN combination and issue a release. Offline token generators won't cover this.

Your realistic options:

• Dealer / independent with dealer access — Straightforward path. They run component protection activation through ISTA-net/KSD online. Usually a quick procedure per module.
• Remote services — Some people offer remote Component Protection release via TeamViewer + their legitimate dealer connection. You provide the ICOM/ENET access, they handle the online part. Search around the forum, there are members who do this for a fee.
• Used parts from same VIN — Only way to avoid re-binding, but on a crashed car rebuild with donor parts from a different vehicle, they will need re-binding. No workaround on FAAR.

The head unit showing that "Component Protection" screen on the iDrive is typical — it'll keep nagging until all flagged modules are properly activated.

Bottom line: for these three modules on a U11, you will need someone with online dealer access. No offline shortcut exists for FAAR component protection at this point.