This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

Captive portal redirection does not work

Captive portal redirection does not work

Go to solution
Georg
New Contributor

ā€Ž06-18-2020 09:48 AM

I have the problem that unauthenticated clients are not automatically redirected to the internal captive portal page of the XCA, but they can access the page when they type in the IP address of the XCA.

I already tried this with many different clients.

What can be the cause of this problem?

In the Identify world there were several options to trigger the automatic redirection, but on the XCA i have no clue what is required to let this work.

The Setup is:

VE6120 Small

Version 04.76.04.0005

AP310i Access-Points

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
SantM
New Contributor III

ā€Ž06-19-2020 07:00 AM

@Georg I did upgrade to the version 04.76.04.0005, created new network and new CP. It worked fine for me. Captured packets in AP and checked how it works in general. Seems that AP does some checks with DNS and does temporary redirection before it contacts XCA.

Client ip: 192.168.201.27

DNS : 192.168.100.115

XCA : 192.168.100.131

 

16c8be149e594f669ac7fe80eb850b68_ab2bda53-5b59-4771-b149-a9cd5f3f43c6.png

 

View solution in original post

0 Kudos
26 REPLIES 26

Go to solution
SantM
New Contributor III

ā€Ž06-23-2020 12:26 PM

@Georg Nice to hear that your problem is resolved. šŸ™‚

@Tomasz Thanks for the article. It clarifies the issue.

0 Kudos

Go to solution
Tomasz
Valued Contributor II

ā€Ž06-23-2020 12:12 PM

Hi Georg,

 

For future reference, if you care about automatic redirection to a captive portal, itā€™s about man-in-the-middle: https://success.tanaza.com/s/article/How-Automatic-Detection-of-Captive-Portal-works

Otherwise, a browser can be opened and some FQDN or IP can be issued. For IP itā€™s straightforward, HTTP Request gets HTTP Redirect in return as you see on Santoshā€™s screenshot. For FQDN it will require DNS access as an underlying IP address has to be known before generating HTTP request to some IP address.

From what I see you have B@AP and thatā€™s how it works then (see a redirect in Santoshā€™s example came from another IP than XCA).

 

Hope that helps,

Tomasz

0 Kudos

Go to solution
Georg
New Contributor

ā€Ž06-19-2020 08:12 AM

Santosh you are awesome!

It works now! I didnt know that the AP needs to have Access to the DNS-Server.

In the Identify world, only the controller needs to have internet connection.

Thank you so much!

0 Kudos

Go to solution
SantM
New Contributor III

ā€Ž06-19-2020 07:00 AM

@Georg I did upgrade to the version 04.76.04.0005, created new network and new CP. It worked fine for me. Captured packets in AP and checked how it works in general. Seems that AP does some checks with DNS and does temporary redirection before it contacts XCA.

Client ip: 192.168.201.27

DNS : 192.168.100.115

XCA : 192.168.100.131

 

16c8be149e594f669ac7fe80eb850b68_ab2bda53-5b59-4771-b149-a9cd5f3f43c6.png

 

0 Kudos
GTM-P2G8KFN