"WiFi Login Page Not Showing Up ..."
-
A common and sometimes underestimated problem by those who manage a public WiFi network is how to force the splash or login page to show up. We focus on the content of the splash page, to make our business stand out, and we forget that often, very often, the content of the splash page is ignored by our customers, because what they are interested in is connect to the Internet as quick as possible. And even more often, the biggest problem is to make the login page appear. So all our efforts to make it elegant, attractive, professional are frustrate: we wasted time building an invisible splash page ...
No part of this document may be reproduced without prior written permission of WifiGem.
Picture the situation. A new customer comes to us, we provide him with the login credentials, we tell him how to use them: "Connect to our WiFi network, a page will appear asking to enter these credentials. Enter these codes and you're done. Straightforward." Count to 10 and the customer will come back complaining because it doesn't work. Panic.
Here's what happened: the customer connected to our WiFi network and his device, like all devices with a recent version of the operating system, automatically opened a web browser. If the customer had previously set a home page on that browser, the browser tries to open the home page (Google, Facebook, ...), but what the customer gets is just a blank page.
Indeed, operating system manufacturers have become aware of this issue and have made changes to their systems. The changes consist of this: if, once you are connected to a WiFi or wired network, you have no Internet access, the system assumes you are behind a captive portal and tries to open the login page. Unfortunately, this is not always the case. For example, when the home page (Google, Facebook ...) has been added to the Walled Garden of the captive portal, or when a 4G/5G connection is active at the same time, or when the customer does not have an operating system with these features, or even if the sequence of events that magically leads from connecting to WiFi to opening the login page, breaks for an external cause of any kind.
As those who have been dealing with IT for a long time know, if anything can go wrong, it will. So let's not just trust in good luck. Let's get ready for the worst case, let's prepare an answer for the poor customer, but above all let's find out why this happened.
Right. Why did this happen?
The mechanism behind captive portals is that of the "man-in-the-middle", which is typical of a connection hijacking. The captive portal is a piece of software located on the path between the user device (a computer, tablet or smartphone) and the Internet, and its main task is to check all the traffic that passes through. The traffic coming from a known device (a device that had already logged in or that's on the white list), is authorized to proceed to the Internet. The traffic coming from an unknown device, is redirected to the captive portal login page, which is not the page that the user was trying to open. In terms of security, this is called connection hijacking: the user is diverted to a different destination than the one he wanted. Even if this is done without malicious intent.
All of this works seamlessly for the HTTP protocol, but with HTTPS things are quite different.
The HTTPS protocol was created precisely to solve problems such as connection hijacking. If we try to redirect an HTTPS connection to another domain, the browser detects the action as malicious and blocks it. It is something that has to do with domain certificates, but I won't explore this matter right now. So, redirecting an HTTPS request to the captive portal splash page becomes impossible. And here's why the splash page doesn't appear: hijacking doesn't occur, the browser cannot open the required page, and keeps showing a blank page.
The explanation is certainly quite simple on a technical level, so the solution seems at hand, but there is still a lot of confusion on the web about this topic. The reason is that this situation is disarming for those who don't know how to deal with it, and misleading or complicated answers don't help clarify one's ideas. There are hundreds of pages on the web on this topic. Here are some Google searches that lead to pages with the most disparate solutions.
Questions from those who do not know how to solve the problem:
WiFi Login Page Not Showing Up
Captive Portal / Login Page does not load
Not getting login page when I connect to public WiFi
Hotel wifi login page not showing
WiFi sign-in screen on public networks never appears
Answers from those who think they have the solution:
How to Force a Public Wi-Fi Network Login Page to Open
How to get a public WiFi login page to appear
How to fix public WiFi login page not showing up
How to Force a Wifi Login Page to open
Force public wifi login page
Here is an example of an answer found on the web. Will it solve the problem? (spoiler: NO)
1 Restart your PC
2 Use a different browser
3 Disable pop-up blocking
4 Reset the network connection
5 Open the router's default page
6 Turn off third-party DNS servers
7 Enable incognito mode
8 Flush the DNS cache via Command Prompt
9 Renew the DHCP lease
10 Disable Firewall temporarily
11 Update your network adapter driver
Unfortunately, in addition to not solving the problem, such a list gets an average user into trouble whith things like "Renew the DHCP lease". I challenge anyone to know how to renew a DHCP lease (in Windows, open a command prompt, type "ipconfig /release" and then "ipconfig /renew"). It is clear that whoever provided this list did not understand the question, or never faced this issue. This is a comprehensive answer to another problem, not ours.
Then? Coming back to our topic, once we know the problem, the answer is simple. Use the HTTP protocol.
Obviously the answer we should give to the poor customer who doesn't know what to do, must be a little more understandable, if we don't want him to look at us like Martians. But in the end, the solution is "Try to open a website that only supports the HTTP protocol". Maybe it's more understandable, but you can do even better. At WifiGem, although we cannot automate the process of showing the login page, we have developed a method to make it appear in a simple way: the "Login Helper".
The Login Helper is simply a method of forcing the user to open a HTTP domain. WifiGem has created the domain "login.wifigem.com" which requires access via the HTTP protocol. Even if the user types "https://login.wifigem.com", the request is redirected to HTTP. When you are behind a captive portal, any captive portal, this URL will force the opening of the captive portal login page. This method requires online access, so it becomes necessary to add the domain login.wifigem.com to the Walled Garden. WifiGem installations in Cloud Mode can only use this method.
Another method is the "offline" Login Helper, which can only be used by WifiGem installations in Bridge Mode. There are keywords that inform WifiGem that the user is trying to open the login page. After connecting to WiFi and when the browser has shown a blank page, the user must type any combination of two of these keys on the browser URL bar, the first from the list on the left, the second from the list on the right, separated by a dot:
---------------------- ----------------------
| List 1 | | List 2 |
---------------------- ----------------------
| go | | online |
| get | | on |
| wifi | | me |
| internet | | wifi |
| connect | | |
| open | | |
---------------------- ----------------------
For example: "get.online", "open.wifi", "connect.me", "wifi.on", etc. are valid combinations. The user's request will be understood by WifiGem, that will immediately redirected the browser to the captive portal login page. These domains should not be added to the Walled Garden.
I hope I've given a clear and ultimate answer to the question of why the captive portal login page on a public WiFi does not open. I also hope I helped you stop wasting time trying to... renew your DHCP lease.
Published on May 24, 2020