The captive portal technique forces an HTTP client on a network to see a special web page (usually for authentication purposes) before using the Internet normally.
A captive portal turns a Web browser into an authentication device.
This is done by intercepting most packets, regardless of address or port, until the user opens a browser and tries to access the web.
At that time the browser is redirected to a web page which may require authentication and/or payment, or simply display an acceptable use policy and require the user to agree.
Captive portals are used at many Wi-Fi hotspots, and can be used to control wired access (e.g. apartment houses, hotel rooms, business centers, “open” Ethernet jacks) as well.
Since the login page itself must be presented to the client, either that login page is locally stored in the gateway, or the web server hosting that page must be “whitelisted” via a walled garden to bypass the authentication process.
Depending on the feature set of the gateway, multiple web servers can be white-listed (say for iframes or links within the login page).
In addition to white-listing the URLs of web hosts, some gateways can white-list TCP ports.
The MAC address of attached clients can also be set to bypass the login process.
The revision 4 of the HotSpot allows the following features:
The HotSpot rev 4 is available with Artica v2.17.080114 or above
- Guest user names in proxy logs: A guest account is logged in proxy events and available in statistics.
- Allow to create multiple rules: You can create several skins and authentication methods according subnets or IP addresses.
- Fully customizable HotSpot templates:You can change many items in the Splash screen (logo, text, colors).
- Self-register method: You can enable a self register features that allows guests to access to Internet during a period in order to click on a link received by a confirmation eMail.
- Active Directory authentication: You can define several Active Directory servers and Active Directory groups in order to allow guest sessions.
- Limit sessions by downloaded size: You ca define a limit of each session by the downloaded size