loading...

Explain Required Sign In Forms For Wifi Access Like I'm Five

edwinthinks profile image Edwin Mak ・1 min read

Hello there!

I've always wondered how some wifi connections require you to sign in or fill out a form on a page before you can freely access the internet. How is this effect implemented?

I know little about the actual hardware and the networking that may or may not be involved.

Thanks!

Discussion

markdown guide
 

In the case of the captive portal I made for a local cafe, the "Guest Network" allows a certain range of IP addresses. This would contain the web page/app that lets you "sign in" to the AP. After signing into the AP you now have a different range of IP addresses you can access (or be denied from!)

I used Unifi in my implementation. The interface to configure this via unity can be seen here (I just binged "unifi guest" this is not my config)

community.ubnt.com/ubnt/attachment...

 

Thanks damian! This was a good explanation!

 

Captive portal logins, it's such a pain not only because I have to do this with almost every cafe I work out of daily, but also because my wifi at home requires this for all my devices, and some devices don't have the cookies/cache to save my login info..

 
 

I spent hundreds of dollars a year to use Wi-Fi outdoors, but save money for home use hehe

 

Originally they used a bunch of tricks to intercept traffic. But with the up-rise of HTTPS and HSTS these tricks fail a lot. The solution has move however, OS and browsers perform a special DNS lookup to a domain withing their control. If this does not return the expected response the OS/Browser assumes it is the host of the portal.

Here is a more detailed explanation for Windows 7 and probably later version.

And this one is for Firefox.

 
 

Captive portals should be killed with fire.

 

Hehe yeh. I've never really had the experience saying "Ahh I really love these forms". However, I do realize the benefits of data collection by doing these things. I just personally never been in a position like that :P