CONTACT:+39 333-256-0339 | contact@wifigem.com

What is a Captive portal?

  • H ave you recently tried to log in with your smartphone to a Wifi network in a hotel or a large chain store? Probably you did, encouraged by the fact that these Wifi networks are open, i.e. without the padlock symbol, and you have tried to connect thinking of getting free Internet access. But here is the sad surprise: even if you logged on to the Wifi network, you do not have free access to your favorite sites and everything you try to do, you are redirected to a page that asks you for username and password. The most you can do, perhaps, is visit the hotel's website, watch the photo gallery of rooms, restaurant and swimming pool, and make a reservation. But this is not what you planned to do, you just want to surf the Internet. So what?

    Well, you just came across a Captive Portal, which is a system that allows you to connect to a Wifi network, but which leaves you confined to a sort of Walled Garden, with a restricted access to the web resources: those that the owner of the WiFi network decided to give you. And you can't get out of the Walled Garden until you have been recognized and accepted as a valid user. In the case of the hotel, you must be a guest, then you will have free access to the Internet for the period of your stay. But from the moment you leave the hotel, your login credentials will be canceled.

    So, with the Captive Portal
    -access to the Wifi network is open, but this does not automatically mean Internet access
    -to gain access to the Internet, you must be recognized by the system

    But if the Wifi network is open, how can the system capture the request to open a web page and show the login page? Well, this is exactly the task of the Captive Portal, which has a software component on the WiFi Access Point that can recognize users and behave differently depending on their status:
    -Unknown. In the Unknown state, the access point asks the server if the user is authenticated or unauthenticated.
    -Unauthenticated. The access point routes all Internet traffic to the server, which will display the login page.
    -Authenticated. After logging in, the user is authenticated. In this state, the access point sends all traffic to the Internet.

    Therefore, in order to work, a captive portal needs a server, which is in communication with the access point, and where the major functions of the system are located:
    -User authentication, authorization and accounting (AAA)
    -User profiling
    -Access point management
    -Guest login page
    -A web server with the system administration interface
    In the most advanced systems, such as WifiGem, the server also has the ability to operate as a virtual access point, so you might come across a Captive Portal even connecting to a wired network. WifiGem allows this through the Bridge Mode configuration.

    This explains why you haven't been able to surf the Internet through the hotel's Wifi network. Here's what happened: the access point has verified that your device was unknown, and has forwarded the request to the Captive Portal server. The server has redirected you to the login page on its web server. The credentials that you've probably typed in, just to give it a try ;-), were checked against the database and were not found. The server showed an error page.

    If you have time to get into the hotel lobby, you will definitely see other people, hotel guests, happily surfing the Internet and increasing your frustration. Things went differently for them: when they checked in, the receptionist created their own login credentials through the administration interface of the Captive Portal. She also configured other parameters, such as the range of validity dates of their account, the number of devices they can use simultaneously, how much they can download, how long they can stay connected every day etc. All parameters, in short, that the hotel management considers appropriate for a "normal" usage of their guest network. You are not in the list of authorized users unless you book a room or ... you know the receptionist.

    Now, what to do? Most likely if you move towards the nearest coffee shop, they will be glad to offer you Internet access in exchange for a coffee and some information on your social media accounts. In fact, a Captive Portal like WifiGem should also offer the possibility to sign in with one of your social media accounts (Facebook, Twitter, Linkedin, Google, etc.). Just give the shop owners some information about you, and they will be glad to give you a couple of hours of connection.

    Happy surfing.

    Published on August 22, 2019

    No part of this document may be reproduced without prior written permission of WifiGem.
    Share on