01-27-2021 05:59 PM
When connecting to my open ssid the cwp will not load. tried all the normal tricks. If I manually type in the local IP for the portal 198.***etc. the portal loads and I can accept it. Any ideas why this is happening all of the sudden? A complete update to the AP did not resolve the issue.
Also I found this KB article - https://extremeportal.force.com/ExtrArticleDetail?an=000091612&q=captive%20web%20portal
and I’m not understanding why this internal IP would need to be resolvable by DNS. What would happen if a publid DNS is used such as googles 8.8.8.8?
02-11-2021 12:05 PM
Bit late to the party, but I had a bit of a look at this a couple of months ago. Not 100% got my head around it, so some of the below may be incorrect but hopefully some of it may make sense
So first a bit of a history lesson, in older firmwares the CWP address used to be 1.1.x.x. This used to be fine until Cloudflare came along and started using 1.1.1.1 I believe 🙂 But as this became unavailable it got switched to 198.18.x.x in later firmwares- important to note this is not a typo and is meant to be 198., not 192.! Still a private IP though, that when combined with a DNS entry allows the client/AP to resolve to the Captive portal (as we can’t directly hook the client due to it being HTTPS rather than http).
Why the IPs and where do they come from? Well, easiest if you go into one of your APs CLI and run the below:
First of all “show interface”. In the list you’ll see all of your SSIDs twice, one for WiFi0 and another for WiFi1 on a specific interface. Find the SSID that has the captive web portal. Lets say for example it was on WiFi0.6 and WiFi1.6.
Next command is to run “show ip route” and you’ll get something like the below
0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 mgt0
127.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 lo
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 mgt0
198.18.12.0 0.0.0.0 255.255.254.0 U 0 0 0 wifi0.6
198.18.44.0 0.0.0.0 255.255.254.0 U 0 0 0 wifi1.6
Our two CWP interfaces have got assigned an IP, which is what the DNS record will need to be (if you have more than one SSID with a CWP you’ll see more of course).
As far as I’m aware the DNS record should only be needed if you’re using HTTPS on captive portals.
01-29-2021 08:51 PM
I’m not finding anything but I have put in a request to get something written up, I’ll pass that on as soon as we have it.
01-28-2021 06:32 PM
It was DNS… It’s always DNS 🙂
If anyone can point me to any documentation regarding the technical details of the CWP process and why DNS is required please send them my way.