nanog mailing list archives
Re: WiFi - login page redirection not working
From: Josh Luthman <josh () imaginenetworksllc com>
Date: Thu, 30 Nov 2017 16:24:00 -0500
non-SSL requests are not the issue. SSL requests are. For example, Google cache's their 301 redirect from http://www.google.com to https://www.google.com which means clients that had access while that browser ps stays active will still attempt https instead of http, regardless of what you actually type. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Thu, Nov 30, 2017 at 1:08 PM, Owen DeLong <owen () delong com> wrote:
On Nov 30, 2017, at 08:20 , Josh Luthman <josh () imaginenetworksllc com>wrote:If TLS would somehow allow you to redirect...No but it would be nice to have a solution that redirects the userinsteadof "this page can't load" creating confusion.A well-known non-SSL (non-HSTS) URL that users could use for this purpose would serve the same purpose without producing the security problems mentioned. OwenJosh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Thu, Nov 30, 2017 at 2:02 AM, Jimmy Hess <mysidia () gmail com> wrote:On Wed, Nov 29, 2017 at 10:34 PM, Ramy Hashish <ramy.ihashish () gmail comwrote:Two points with this problem: 1)Is there a "non client" solution to the problem of the WiFi login notification not showing up on the clientsafterconnecting to the WiFi network?A Captive portal embedding WispR XML data for connections from browsers/OSes that request a test page upon network access. https://stackoverflow.com/questions/3615147/how-to- create-wifi-popup-login-page However if WPA2 authentication is not method used for access, thennetworktraffic is vulnerable and not secured. AP solutions that are non-standard being a "Non client" solution andusing"Open Wireless" mode SSIDs are likely so deficient in security as to be an unreasonable risk for users to actually connect to.Second, anything to be done from the AP to show the landing page evenifthe page requested is HTTPs?If TLS would somehow allow you to redirect or create a HTTPS connection from a domain name that is not yours, then this could obviously be exploitedforattacks..... -- -JH
Current thread:
- WiFi - login page redirection not working Ramy Hashish (Dec 01)
- Re: WiFi - login page redirection not working Jimmy Hess (Dec 01)
- Re: WiFi - login page redirection not working Josh Luthman (Dec 01)
- Re: WiFi - login page redirection not working Owen DeLong (Dec 01)
- Re: WiFi - login page redirection not working William Herrin (Dec 01)
- Re: WiFi - login page redirection not working Owen DeLong (Dec 01)
- Re: WiFi - login page redirection not working Josh Luthman (Dec 01)
- Re: WiFi - login page redirection not working Owen DeLong (Dec 01)
- Re: WiFi - login page redirection not working Vincent Bernat (Dec 01)
- Re: WiFi - login page redirection not working Nikolay Shopik (Dec 01)
- Re: WiFi - login page redirection not working Vincent Bernat (Dec 01)
- Re: WiFi - login page redirection not working Owen DeLong (Dec 01)
- RE: WiFi - login page redirection not working Edwin Pers (Dec 06)
- Re: WiFi - login page redirection not working Josh Luthman (Dec 01)
- Re: WiFi - login page redirection not working Jimmy Hess (Dec 01)