What to do when no HTTP request?!!!



  • I have Captive Portal + Freeradius workin perfect…

    for most clients it works great....
    but for some reason... when the device is a mobile pohone (mostly blackberries and cheap phones, not iphone or good android phones,)
    they do not authenticate.... most likely they're not making an http request when using facebook or whatsapp like applications...

    So newbie question is...  Is there any way.. to direct or redirect trafic to port 80 from unauthenticated IPs to the captive portal...
    thats my problem with mobile phones mostly...

    Thanks in advance...



  • Hi,

    That not 'how it should work'.

    On a (Wifi) Portal network,  the user can not use the Internet - but, he, as a person, received an access code to unlock his (private, unique) controlled access.
    The user, as a person, should identify itself with this code, using a well defined interface that he can access (put together by a html web server) and type of program, the navigator in the device he is using. Every interactive user device that can connects to the net has normally a web client interface.

    It is impossible that all kind of programs like a Twitter app, a mail client, an FTP program, a FB app, etc etc speak 'html' - they don't. They can't show you an interface, neither give ypu the options to code-in the access code for a wifi portal.

    IF a user needs Internet access then he should:
    Accept the (Wifi ) portal network, normally done by hooking up to the Wifi radio network  or hooking up the cable..
    His device will accept an IP from that network - mostly, the device MUST work with DHCP.
    The user should open a navigator and visit whatever he want on the Internet, the preference a http page, not an https page - typically a home page of a known search engine.
    The user, as a person, should authenticate.
    The connection will be unlocked.
    And then, and only then, others apps can use the net in a transparent way.

    As said by yourself, some device will test 'the network' when establishing a wifi internet connection. They do not use a magic tric: they just get a basic web page, somewhere on the net.
    If the reply isn't "Ok" or somethiong like that, a browser wil popup and show the result to the user.
    This is typicaly a portal interface tio login.

    Of course, go ask the constructors off Twitter app, a mail client, an FTP program, a FB app, etc etc to build in Web Portal awareness for every type of portal software that exists.
    They won't.
    Its a user-browser solution.



  • @hardy_rafael17:

    So newbie question is…  Is there any way.. to direct or redirect trafic to port 80 from unauthenticated IPs to the captive portal...

    That's precisely how captive portal works. The problem is those apps aren't web browsers so when you intercept their traffic and serve them a portal page, the app just flakes out. Have to open a browser. People should be used to that. Gertjan's explanation provides more detail.


Log in to reply