CONTACT:+39 06 710 72015 | contact@wifigem.com

What is a Captive portal?

  • H ave you recently tried to log in with your smartphone to a Wifi network in a hotel or a large chain store? Probably you did, also encouraged by the fact that these Wifi networks are open, i.e. without the padlock symbol, and you have tried to connect thinking of getting free Internet access. But here is the sad surprise: even if you logged on to your Wifi network, you do not have free access to your favorite sites and everything you try to do, you are redirected to a page that asks you for username and password. The most you can do, perhaps, is visit the hotel's website, watch the photo gallery of rooms, restaurant and swimming pool, and make a reservation. But this is not what you planned to do, you just want to surf the Internet. So what?

    Well, you just came across a Captive Portal, which is a system that allows you to connect to a Wifi network, but which leaves you confined to a sort of Walled Garden without any unrestricted access to all resources of the web, but only to those that the owner of the WiFi network decided to grant you. And you can't get out of the Walled Garden until you have been recognized. In the case of the hotel, to be recognized, you must be a customer, then you will have free access to the Internet as long as you stay there. But from the moment you leave the hotel, your login credentials will be definitely canceled.

    So, with the Captive Portal
    -access to the Wifi network is open, but this does not automatically mean Internet access
    -to gain access to the Internet, you must be recognized by the system

    But if the Wifi network is open, how can the system capture the request to open a web page and show the login page? Well, this is exactly the task of the Captive Portal, which has a software component on the WiFi Access Point that can recognize customers and behave differently depending on their status:
    -Unknown. In the Unknown state, the access point asks the server if the user is authenticated or unauthenticated.
    -Unauthenticated. The access point routes all Internet traffic to the server, which will display the login page.
    -Authenticated. After logging in, the user is authenticated. In this state, the access point sends all traffic to the Internet.

    Therefore, in order for the captive portal to work, you need a server component, with which the access point must be in communication, and where the major functions of the system are grouped:
    -User authentication
    -User profiling
    -Access point control
    -A web server with the full system administration interface
    In the most advanced systems, such as WifiGem, the server also has the ability to operate as a Wifi access point, so you might come across a Captive Portal even connecting to a wired network. WifiGem allows this through the Bridge Mode configuration.

    This explains why you haven't been able to surf the Internet through the hotel's Wifi network. Here's what happened: the access point has verified that your device was unknown, and has forwarded the request to the server. The server has directed you to the login page on its web server. The credentials that you've probably typed in, just to give it a try ;-), were checked against the database on the server and were not found. The server showed the error page.

    If you have time to get into the hotel lobby, you will definitely see other people, hotel guests, happily surfing the Internet and increasing your frustration. Things went differently for them: when they checked in, the receptionist created their own login credentials through the administration interface of the Captive Portal. He also configured other parameters, such as the range of validity dates of the account, the number of devices they can connect, how much the account can download, how long they can stay connected every day etc. All parameters, in short, that the hotel management considers appropriate for a "normal" guest network usage. You are not in the list of authorized users unless you book a room or ... you know the receptionist.

    Now, what to do? Most likely if you move towards the nearest coffee shop, they will be glad to offer you Internet access in exchange for a coffee and some information on your social media accounts. In fact, a Captive Portal like WifiGem should also offer the possibility to sign in with one of your social media accounts (Facebook, Twitter, Linkedin, Google, etc.). The very fact of offering the café owners some information about yourself will be enough to grant you a couple of hours of connection.

    Happy surfing.

    Published on December 22, 2018

    No part of this document may be reproduced without prior written permission of WifiGem.