1
00:00:00,330 --> 00:00:01,290
In this lesson,

2
00:00:01,290 --> 00:00:02,582
we're going to discuss captive portals

3
00:00:02,582 --> 00:00:05,550
and some issues you may experience when you're using them.

4
00:00:05,550 --> 00:00:07,890
First, what is a captive portal?

5
00:00:07,890 --> 00:00:09,720
Well, a captive portal is a webpage

6
00:00:09,720 --> 00:00:11,550
that's accessed from your web browser,

7
00:00:11,550 --> 00:00:13,620
and it's going to be displayed to newly connected users

8
00:00:13,620 --> 00:00:16,440
of a wireless network before they're granted broader access

9
00:00:16,440 --> 00:00:18,030
to network resources.

10
00:00:18,030 --> 00:00:19,710
Captive portals are commonly going to be used

11
00:00:19,710 --> 00:00:21,990
to present a landing page or a login page,

12
00:00:21,990 --> 00:00:24,270
which is going to require authentication, payment,

13
00:00:24,270 --> 00:00:26,550
or acceptance of an end user license agreement

14
00:00:26,550 --> 00:00:28,470
or something like acceptable use policies,

15
00:00:28,470 --> 00:00:30,810
survey completion, or some other kind of information

16
00:00:30,810 --> 00:00:32,790
we're trying to collect from you before we allow you

17
00:00:32,790 --> 00:00:35,100
to get onto our network and our resources.

18
00:00:35,100 --> 00:00:37,020
Now, these captive portals are commonly used

19
00:00:37,020 --> 00:00:39,930
at places like hotels, restaurants, airports,

20
00:00:39,930 --> 00:00:41,490
and other places that give you free

21
00:00:41,490 --> 00:00:44,790
or paid wireless networks for you to connect to and use.

22
00:00:44,790 --> 00:00:46,408
In general, captive portals are implemented

23
00:00:46,408 --> 00:00:49,980
by using an HTTP redirect, an ICMP redirect,

24
00:00:49,980 --> 00:00:51,630
or a DNS redirect.

25
00:00:51,630 --> 00:00:54,270
We're going to talk about all three of those in this lesson.

26
00:00:54,270 --> 00:00:56,940
Now, when a user attempts to log into a wireless network

27
00:00:56,940 --> 00:00:59,370
and the captive portal doesn't redirect them properly,

28
00:00:59,370 --> 00:01:01,650
it can be a really frustrating experience.

29
00:01:01,650 --> 00:01:03,660
I personally had this happen to me a lot,

30
00:01:03,660 --> 00:01:06,540
but luckily, I know how to troubleshoot and fix this issue,

31
00:01:06,540 --> 00:01:08,850
and after this video, you will too.

32
00:01:08,850 --> 00:01:10,468
Now, for example, I was flying home recently

33
00:01:10,468 --> 00:01:13,920
on a Delta flight, and they use a captive portal system.

34
00:01:13,920 --> 00:01:16,380
When you connect to the Delta Wi-Fi network on the plane,

35
00:01:16,380 --> 00:01:17,460
it's supposed to redirect you

36
00:01:17,460 --> 00:01:19,140
to the captive portal's login page

37
00:01:19,140 --> 00:01:20,790
so you can enter your account information

38
00:01:20,790 --> 00:01:23,640
so you can access the internet if you're a SkyMiles member.

39
00:01:23,640 --> 00:01:25,620
Now, this didn't work on my MacBook Pro, though,

40
00:01:25,620 --> 00:01:27,840
so I had to begin troubleshooting this issue

41
00:01:27,840 --> 00:01:30,120
and figure out what was causing the problem.

42
00:01:30,120 --> 00:01:31,920
It could have been any of the three redirect methods,

43
00:01:31,920 --> 00:01:33,780
'cause I didn't know which one they were using.

44
00:01:33,780 --> 00:01:35,661
So let's say first I went and tried to see

45
00:01:35,661 --> 00:01:38,010
if they used an HTTP redirect.

46
00:01:38,010 --> 00:01:40,950
With an HTTP redirect, all traffic is redirected

47
00:01:40,950 --> 00:01:42,750
to a web server that they control,

48
00:01:42,750 --> 00:01:45,120
and then this web server redirects the clients

49
00:01:45,120 --> 00:01:49,620
to the captive portal using an HTTP status code of 302.

50
00:01:49,620 --> 00:01:51,300
In the case of this in-flight Wi-Fi,

51
00:01:51,300 --> 00:01:52,620
that is not what they were using,

52
00:01:52,620 --> 00:01:55,260
and so I moved on in my troubleshooting efforts.

53
00:01:55,260 --> 00:01:58,033
Second, I looked to see if they were using ICMP packets

54
00:01:58,033 --> 00:02:00,450
to redirect me to a captive portal.

55
00:02:00,450 --> 00:02:02,026
Now, ICMP is a network protocol

56
00:02:02,026 --> 00:02:03,900
that's used to send error messages

57
00:02:03,900 --> 00:02:06,420
and operational information indicating the success

58
00:02:06,420 --> 00:02:09,360
or failure of communicating with another IP address.

59
00:02:09,360 --> 00:02:12,030
With an ICMP redirect, it's not a very common way

60
00:02:12,030 --> 00:02:14,730
to do captive portals these days, at least in my experience,

61
00:02:14,730 --> 00:02:17,040
and again, I found that they were not using that

62
00:02:17,040 --> 00:02:18,930
inside of the in-flight Wi-Fi,

63
00:02:18,930 --> 00:02:21,120
and so I moved on to step three.

64
00:02:21,120 --> 00:02:23,430
Step three is probably your most common type,

65
00:02:23,430 --> 00:02:26,220
and this is what's known as a DNS redirection.

66
00:02:26,220 --> 00:02:28,740
Now, when the client joins the in-flight Wi-Fi

67
00:02:28,740 --> 00:02:31,260
onboard the aircraft, the client gets an IP address,

68
00:02:31,260 --> 00:02:32,910
a subnet mask, a gateway,

69
00:02:32,910 --> 00:02:35,460
and a DNS server IP from the network.

70
00:02:35,460 --> 00:02:37,050
Now, this is all handed out to you

71
00:02:37,050 --> 00:02:38,940
from the onboard DHCP server

72
00:02:38,940 --> 00:02:40,770
when you connect to the network.

73
00:02:40,770 --> 00:02:42,900
Now, when the client opens up a web browser

74
00:02:42,900 --> 00:02:46,530
to connect to a website, like diontrain.com or google.com,

75
00:02:46,530 --> 00:02:49,320
the client is going to be redirected to the onboard DNS server

76
00:02:49,320 --> 00:02:52,410
and then redirected to that captive portal page.

77
00:02:52,410 --> 00:02:53,912
This is exactly what the in-flight Wi-Fi

78
00:02:53,912 --> 00:02:55,380
is attempting to use,

79
00:02:55,380 --> 00:02:58,050
but it wasn't working on my MacBook Pro.

80
00:02:58,050 --> 00:02:59,490
Now, why is that?

81
00:02:59,490 --> 00:03:02,010
Well, the issue was my client was already configured

82
00:03:02,010 --> 00:03:05,010
to use DNS from a static server that I assigned

83
00:03:05,010 --> 00:03:07,770
and not the onboard Wi-Fi's DNS server.

84
00:03:07,770 --> 00:03:11,700
Instead, I always use my DNS server as 8.8.8.8,

85
00:03:11,700 --> 00:03:14,580
which is Google's DNS server, because I trust that one.

86
00:03:14,580 --> 00:03:17,340
So I was configured to use Google's DNS server,

87
00:03:17,340 --> 00:03:19,680
not the onboard DNS server, and therefore,

88
00:03:19,680 --> 00:03:22,170
it couldn't redirect me to their captive portal.

89
00:03:22,170 --> 00:03:24,690
So I quickly disconnected from Wi-Fi,

90
00:03:24,690 --> 00:03:27,870
I cleared out my saved DNS setting of 8.8.8.8,

91
00:03:27,870 --> 00:03:30,780
and I set to automatically be configured over DHCP,

92
00:03:30,780 --> 00:03:33,330
then I reconnected to the onboard Wi-Fi.

93
00:03:33,330 --> 00:03:35,580
Immediately, I was forwarded to the captive portal,

94
00:03:35,580 --> 00:03:37,590
and I was able to get online and surf the web

95
00:03:37,590 --> 00:03:40,230
at 36,000 feet over the Atlantic Ocean.

96
00:03:40,230 --> 00:03:42,690
Isn't modern technology just wonderful?

97
00:03:42,690 --> 00:03:45,330
So what are some other common captive portal issues

98
00:03:45,330 --> 00:03:46,980
that you might experience?

99
00:03:46,980 --> 00:03:48,570
Well, if you're dealing with a smartphone,

100
00:03:48,570 --> 00:03:50,310
like an Apple or an Android device,

101
00:03:50,310 --> 00:03:51,840
especially with Apple devices,

102
00:03:51,840 --> 00:03:54,030
sometimes these things don't automatically load up

103
00:03:54,030 --> 00:03:56,850
the captive page upon connecting to the wireless network.

104
00:03:56,850 --> 00:03:59,490
If this occurs, you should first open up a web browser

105
00:03:59,490 --> 00:04:02,820
and try to go to any site, like google.com or facebook.com,

106
00:04:02,820 --> 00:04:05,100
something you know should always be up and available.

107
00:04:05,100 --> 00:04:07,680
This should cause the captive portal's HTTP

108
00:04:07,680 --> 00:04:09,720
or DNS redirects to take over

109
00:04:09,720 --> 00:04:12,420
and then present you with a captive portal login page.

110
00:04:12,420 --> 00:04:13,860
Now, if this doesn't work,

111
00:04:13,860 --> 00:04:15,606
then you're going to need to check your IP configuration

112
00:04:15,606 --> 00:04:19,019
of your smartphone and determine what the default gateway is

113
00:04:19,019 --> 00:04:21,000
for that wireless network you're connected to.

114
00:04:21,000 --> 00:04:24,510
Then you could type that IP address into your web browser.

115
00:04:24,510 --> 00:04:25,767
This will force load the captive portal

116
00:04:25,767 --> 00:04:27,660
in most cases as well.

117
00:04:27,660 --> 00:04:30,240
Now, the same thing can happen on your laptops as well,

118
00:04:30,240 --> 00:04:32,191
and if it does, I tend to follow the same

119
00:04:32,191 --> 00:04:34,320
three-step troubleshooting process.

120
00:04:34,320 --> 00:04:36,122
First, I open up a web browser and I try

121
00:04:36,122 --> 00:04:40,110
to go to any website, like google.com or facebook.com.

122
00:04:40,110 --> 00:04:41,910
Second, if that doesn't work,

123
00:04:41,910 --> 00:04:43,260
I determine what the default gateway

124
00:04:43,260 --> 00:04:47,370
for the wireless network is and I enter http://

125
00:04:47,370 --> 00:04:49,860
and the IP address for that default gateway.

126
00:04:49,860 --> 00:04:51,510
Then I hit enter.

127
00:04:51,510 --> 00:04:55,380
Third, if that doesn't work, I verify my DNS server IPs

128
00:04:55,380 --> 00:04:56,550
and I make sure that it's not set

129
00:04:56,550 --> 00:04:59,130
to something like 8.8.8.8 manually,

130
00:04:59,130 --> 00:05:01,680
and instead, I turn on DHCP for it to allow me

131
00:05:01,680 --> 00:05:04,230
to auto-configure my DNS on my laptop

132
00:05:04,230 --> 00:05:06,090
to connect to their wireless network.

133
00:05:06,090 --> 00:05:07,950
Then I re-attempt step number one

134
00:05:07,950 --> 00:05:10,740
by opening up a web browser and going to any website again.

135
00:05:10,740 --> 00:05:12,120
Usually, these three steps

136
00:05:12,120 --> 00:05:14,040
will solve most of the issues you're going to come across

137
00:05:14,040 --> 00:05:15,153
with captive portals.