WiFi - login page redirection not working

Owen DeLong owen at delong.com
Thu Nov 30 18:08:44 CST 2017


> On Nov 30, 2017, at 08:20 , Josh Luthman <josh at imaginenetworksllc.com> wrote:
> 
>> If TLS  would somehow allow you to redirect...
> 
> No but it would be nice to have a solution that redirects the user instead
> of "this page can't load" creating confusion.

A well-known non-SSL (non-HSTS) URL that users could use for this purpose would
serve the same purpose without producing the security problems mentioned.

Owen

> 
> 
> Josh Luthman
> Office: 937-552-2340
> Direct: 937-552-2343
> 1100 Wayne St
> Suite 1337
> Troy, OH 45373
> 
> On Thu, Nov 30, 2017 at 2:02 AM, Jimmy Hess <mysidia at gmail.com> wrote:
> 
>> On Wed, Nov 29, 2017 at 10:34 PM, Ramy Hashish <ramy.ihashish at gmail.com>
>> wrote:
>> 
>> 
>>> Two points with this problem: 1)Is there a "non client" solution to the
>>> problem of the WiFi login notification not showing up on the clients
>> after
>>> connecting to the WiFi network?
>>> 
>> 
>> A  Captive portal  embedding WispR  XML data
>> for connections from browsers/OSes that request a test page upon network
>> access.
>> https://stackoverflow.com/questions/3615147/how-to-
>> create-wifi-popup-login-page
>> 
>> However if WPA2 authentication is not method used for access,  then network
>> traffic is
>> vulnerable and not secured.
>> 
>> AP solutions that are non-standard being a "Non client" solution and using
>> "Open Wireless" mode SSIDs are likely so deficient in security as to be
>> an unreasonable risk for users to actually connect to.
>> 
>> 
>>> Second, anything to be done from the AP to show the landing page even if
>>> the page requested is HTTPs?
>>> 
>> 
>> If TLS  would somehow allow you to redirect or create a HTTPS connection
>> from
>> a domain name that is not yours, then this could obviously be exploited for
>> attacks.....
>> 
>> --
>> -JH
>> 



More information about the NANOG mailing list