This question already has an answer here:
DHCP Server to Redirect any url to landing page
(1 answer)
Closed 7 years ago.
I have a linux DHCP server which I need to redirect all web traffic to a landing page which will have instructions on how to register their computer on the network.
No matter what URL a user types in, the user needs to be redirected to a webpage (on the DHCP server).
ie: user types google.com they are immediately redirected to 192.168.10.1. This DHCP server will never be used to access the web. Once the user acquires the instructions to register their computer from the landing page, they will be blacklisted on this particular DHCP server and forced to request an IP from the main DHCP server.
How can I create such a redirect?
You are looking for a captive portal. See http://en.m.wikipedia.org/wiki/Captive_portal.
There are open source solutions that do just that. Lookup captive portal open source on google.
Note that the DHCP server assigns IP address and, mask, gateway, DNS config parameters. The captive portal needs to be implemented in the router box so as to prevent any trafic to the Internet until the user opens a web session and authenticates.
Related
i'm developing web-based system information for my company.my boss asked me to use LAN. i'm using CodeIgniter, xampp and phpmyadmin. my web works good on localhost. then i did setting my ip address to static ip address, i editted my xampp configuration so that ip address that i have allowed could access my web. but the issue is the only page that everyone can access is the landing page. I can't access the other page that connect to the database such as the login function,etc. Anyone can help me with this issue?
i did the setting, such as editting the xampp configuration, allow all ip address, then i tried to access the ip addess, it works good on another PC while accessing the landing page. But when i clicked on the login button the next page didn't come up. it says the page said "this site can't be reached" also it said "checking proxy and the firewall.
I expect that user can access the login page also the database can automatically updated everytime user input data to the web.
Dears,
Kindly note that I have a website deployed on IIS 8 in windows server 2012.
When trying to access the website using the host name, the login popup appears and when entering the windows credential, I can enter to the website successfully,
When trying to access the website using the IP address, the login popup appears and when entering the windows credential I cannot log in, and the pop appears again, trying more it returns the same behavior when canceling the popup it gives me the below error:
HTTP Error 401.1 - Unauthorized,
Please note that the "Anonymous Authentication" is enabled using the IUSR identity, and the Windows Authentication enabled with the NTLM and Negotiate providers and the NTLM is first.
I am trying to fix this issue by edit the registry value BackConnectionHostNames and DisableLoopbackCheck following steps in the below article from Microsoft
https://support.microsoft.com/en-us/help/896861/you-receive-error-401-1-when-you-browse-a-web-site-that-uses-integrate
and still not working
Thank you in advance
Consider the differences between navigating by hostname and navigating by IP to your server. Use command prompt and do a tracert IP vs tracert hostname. The difference is by hostname, it resolves your request through the domain name services (knows who you are and who the server is on the domain). By IP, it skips the domain name services and goes directly to the target computer. The network doesn't need the DNS if you use the actual IP address, as the DNS is used for resolving names into IP addresses.
I believe you can directly put the domain name in your code so it knows where to look without relying on the DNS to automatically authenticate (although I haven't done this). Otherwise, let the domain name services resolve the user automatically by authenticating the requestee (the user) to the host (by name) when using the hostname.
Let me know if that makes sense.
I have been experimenting how to bypass captive portal(e.g. wifis that without password but redirect users to a https payment gateway pages). I know that if they haven't configure the captive portal properly (e.g.only limit browsers requests in such a way that I can ssh to a server or ping to anything website without issues), in which case there is a "IP OVER icmp tunnel" method where one can set up a tunneling to access the internet.
However, I'm just wondering what if pinging any website resulting in timeout or not researchable
does it mean the configuration allows only https request to the redirect website(payment gateway) only and there is no ways to bypass captive portal (e.g.via tunneling)
with thanks,
I
I would like to do some tablet testing on a website I have. The website has two parts, both in separate projects.
Main site:
platform.local.samplesite.com
SSO site:
sso.local.samplesite.com
The issue:
I can access the main website remotely by ip. When redirected to the login, it tries to hit 'sso.local.samplesite.com', and cannot find that remotely, as it only knows the computer ip set to the main platform site.
General navigation would be:
Hit platform -> Get redirected to SSO site -> Sign in -> Get passed back and land on the main page of platform, all logged in
Currently I can hit the main platform site by adding a binding of HTTPS, IP Address all unassigned, using SSL certificate, and no host name. Then, from the mobile device, I hit the computer's IP address. This successfully gets me to the platform page, but then I am redirected and the tablet cannot see sso.local.samplesite.com.
Is there any way for me to have them both bound and successfully redirecting?
Would your redirect protocol on sso.local send you to the subsite once login was successful rather than redirecting back to the root site? This in theory would bypass your redirection, assuming you've set the redirection at server level bound to the domain?
I want to build a node js internet gateway/captive portal. So I can have a user 'authorize' his mac address or ip address if the mac address is not possible like used for wifi hotspots
So what I have in mind is node can have a dhcp server and it gives its ip address as the gateway. So if the user loads a page on the web browser it gives them an authentication screen and they can then log in and the gateway can then route its packets correctly.
How can I do the authorization step with node.js so if they're not logged in it presents a log in page & if they are to route the packets correctly?
You need couple of pieces to put this together.
#1: http proxy - If you can run a DHCP server and assign IP addresses, then you can run and http-proxy to capture all internet traffic.
#2: You'll then need to add authentication logic to this proxy which can check for a cookie, magic packet, token or something that verifies access and lets them through or redirects to login page.
node-http-proxy is a very popular and flexible node http proxy server that you can easily add your own logic to.
node-http-auth-proxy is another such project with an example of how to handle authentication built in.
Having a proxy also allows you to whitelist/blacklist sites/IPs, something you may wanna do based on your target audience.