AC50 - Web Authentication vs Voucher
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
AC50 - Web Authentication vs Voucher
Posts: 6
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-11-21
2017-12-08 19:06:19
Posts: 6
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-11-21
AC50 - Web Authentication vs Voucher
2017-12-08 19:06:19
Tags:
Model :
Hardware Version :
Firmware Version :
ISP :
Hi,
As far as I understand Web Authentication doesn't allow web redirect in https so basically users not logged in can anyway use internet in https... http becoming obsolete I hope to find a solution.
Is it the same issue with "Vouchers"? I'd like to block unregistred users or without a valid voucher.
Regards,
Ced
Hardware Version :
Firmware Version :
ISP :
Hi,
As far as I understand Web Authentication doesn't allow web redirect in https so basically users not logged in can anyway use internet in https... http becoming obsolete I hope to find a solution.
Is it the same issue with "Vouchers"? I'd like to block unregistred users or without a valid voucher.
Regards,
Ced
#1
Options
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Thread Manage
Announcement Manage
5 Reply
Posts: 4334
Helpful: 1045
Solutions: 173
Stories: 3
Registered: 2015-12-05
Re:AC50 - Web Authentication vs Voucher
2017-12-08 21:32:56
CedricB wrote
As far as I understand Web Authentication doesn't allow web redirect in https so basically users not logged in can anyway use internet in https... http becoming obsolete I hope to find a solution.
First of all, any Captive Portal which uses interception works by redirecting HTTP requests, so yes, it is the case with "Vouchers" authorization, too.
And no, clients using HTTPS can not access the Internet without prior authorization. They may have to use a HTTP request to make the portal page appear, but they cannot circumvent authorization. Read on for a solution how to avoid the user to manually request a webpage by HTTP to force the portal page to appear.
Next, HTTP is not becoming "obsolete", what makes you think so? This might be the dream of companies selling SSL certificates, but dreaming is ok.
Every modern mobile device still uses HTTP to see wether it is connected to the Internet or blocked by a Captive Portal at a public hotspot. This technique is known as "Connectivity Tests" or "Network Location Awareness" and it still requires HTTP. Those devices will open the portal page even if the user didn't request a web page at all.
So, HTTP will not become "obsolete", at least not in our lifetime.
༺ 0100 1101 0010 10ཏ1 0010 0110 1010 1110 ༻
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#2
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 6
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-11-21
Re:AC50 - Web Authentication vs Voucher
2017-12-08 22:13:02
Hi, Thanks for your quick reply!
Do you have any recommandation how to force the portal page to appear whether users request http or https webpage? I must have set up something wrongly as a user not logged in can anyway bypass the portal and use https webpages...
I have a simple (too simple for that need?) installation with fiber connection, L2 switch and AC50 (along with APs).
Thanks for those clarifications.
Do you have any recommandation how to force the portal page to appear whether users request http or https webpage? I must have set up something wrongly as a user not logged in can anyway bypass the portal and use https webpages...
I have a simple (too simple for that need?) installation with fiber connection, L2 switch and AC50 (along with APs).
Thanks for those clarifications.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#3
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 4334
Helpful: 1045
Solutions: 173
Stories: 3
Registered: 2015-12-05
Re:AC50 - Web Authentication vs Voucher
2017-12-08 22:49:46
CedricB wrote
Do you have any recommandation how to force the portal page to appear whether users request http or https webpage?
That's why the "Connectivity Test" aka "Network location awareness" has been introduced by Google, Apple and Mickeysoft for devices using their OSes. It is even implemented on laptop/PC OSes nowadays.
On older device not supporting CT or NLA you must request a HTTP webpage to force the portal page to appear. Anyway, all traffic (HTTP and also HTTPS) should be blocked as long as the user has not been authorized through the portal.
༺ 0100 1101 0010 10ཏ1 0010 0110 1010 1110 ༻
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#4
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 6
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-11-21
Re:AC50 - Web Authentication vs Voucher
2017-12-09 00:03:39
Ok but how can they bypass the portal without login in and access https websites?
Thanks!
Thanks!
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#5
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 6
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-11-21
Re:AC50 - Web Authentication vs Voucher
2017-12-09 04:47:16
CedricB wrote
Ok but how can they bypass the portal without login in and access https websites?
Thanks!
could it be because IPV6? I've tried disabling it and it seems to work now
update: http and https are indeed blocked but on my Android Phone Facebook app is passing through!?
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
0
We appreciate your feedback. Feel free to let us know more. Log in to submit feedback.
#6
Options
- Copy Link
- Report Inappropriate Content
Thread Manage
Announcement Manage
Posts: 6
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-11-21
2017-12-08 19:06:19
Posts: 6
Helpful: 0
Solutions: 0
Stories: 0
Registered: 2017-11-21
Information
Helpful: 0
Views: 1278
Replies: 5
Voters 0
No one has voted for it yet.
Tags
Report Inappropriate Content
Transfer Module
New message