★ Wireless Portal authentication, the authentication page does not automatically pop up after the Windows PC terminal is connected to the SSID
- 0 Followed
- 0Collected ,4486Browsed
Network Topology
AC-Switch-AP, centralized forwarding mode
Problem Description
Apple and Android mobile terminals, as well as Macbook, can automatically pop up the portal authentication page after connecting to the SSID. PCs using the Windows 10 operating system cannot automatically open the browser and pop up the authentication page after connecting to the SSID. You need to manually open the browser before you can be redirected to the portal authentication page.
Process Analysis
After Android and Apple terminals connect to the SSID, they will send http sniffing messages to detect the reachability of the current network. After receiving the http messages, the AC will fake the address detected by the terminal and push the portal authentication page to the wireless terminal to implement the redirection function. To implement redirection on a windows PC terminal, the sniffing packets sent by the windows PC need to be redirected.
Windows systems also have automatic detection functions. The currently commonly used default sniffing packets from window 7 to window 11 terminals are as follows:
Window 11:
http://www.msftconnecttest.com/connecttest.txt
Windows 10.0.15063 (1703) ~ 10.0.07134 (1803) :
http://www.msftconnecttest.com/redirect
Windows 10.0.14393 (1607):
http://www.msftconnecttest.com/connecttest.txt
Windows 8/8.1 ~ 10.0.15063 (1511):
http://www.msftncsi.com/ncsi.txt
Windows 7 :
http://www.msftncsi.com/ncsi.txt
The automatic detection function of Windows system can be turned on or off through the registry, and the detection address can also be modified.
The Windows 7 system registry is HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet.
Therefore, you need to add the redirect command of the above windows sniffing URL to the portal web-server to redirect to the portal authentication page.
Solution
Add the following configuration to the portal web-server:
#
portal web-server imc
if-match original-url http://www.msftconnecttest.com/redirect redirect-url http://10.35.16.156:8080/portal
if-match original-url http://www.msftconnecttest.com/connecttest.txt redirect-url http://10.35.16.156:8080/portal
if-match original-url http://www.msftncsi.com/ncsi.txt redirect-url http://10.35.16.156:8080/portal
#
After testing, it was found that the Windows PC automatically launched the browser after connecting to the SSID, and the portal authentication page popped up.
Additional notes: If portal safe-redirect enable is configured, the above three redirect commands must be added to the portal web-server.
If portal safe-redirect enable is not configured, there is no need to add the above three redirect commands to the portal web-server. The authentication page can pop up directly after the windows PC is connected to wifi.