Require every user connecting via wireless access point to use their own captive portal account [closed]
up vote
1
down vote
favorite
I have a LAN cable that if I plug it into my computer and try to access the Internet a captive portal opens and asks for a username and password. I connected an access point to this LAN so everyone can connect wirelessly to this LAN. But the problem is if I connect to the access point through Wi-Fi and enter my username and password in the captive portal, any other user connecting to that Wi-Fi network can access the Internet using my account!
How can I prevent this? I want everyone to use their own account on the captive portal.
wireless-networking wireless-access-point captive-portal
edited Dec 5 at 20:05
Twisty Impersonator
17.5k136394
asked Dec 5 at 12:12
j doe
92
closed as unclear what you're asking by DavidPostill♦ Dec 5 at 14:19
Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
add a comment |
up vote
1
down vote
favorite
I have a LAN cable that if I plug it into my computer and try to access the Internet a captive portal opens and asks for a username and password. I connected an access point to this LAN so everyone can connect wirelessly to this LAN. But the problem is if I connect to the access point through Wi-Fi and enter my username and password in the captive portal, any other user connecting to that Wi-Fi network can access the Internet using my account!
How can I prevent this? I want everyone to use their own account on the captive portal.
wireless-networking wireless-access-point captive-portal
edited Dec 5 at 20:05
Twisty Impersonator
17.5k136394
asked Dec 5 at 12:12
j doe
92
closed as unclear what you're asking by DavidPostill♦ Dec 5 at 14:19
Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
1
Are you sure you have an Access Point? Because it sounds like you have a regular NAT router. // Also keep in mind that you are most likely not authorized to add a wireless extension to this protected network.
– Daniel B
Dec 5 at 12:21
1
Anyone able to comment on what is unclear about this question?
– Twisty Impersonator
Dec 5 at 14:58
@TwistyImpersonator What captive portal? How can we answer anything about the users configuration if we don't know what it is?
– Jan Doggen
Dec 5 at 15:29
The information in the question clearly implies the captive portal is performing IP or MAC based authentication. This is all one needs to know in order to answer the question. See the answer I posted to understand why this is all that is needed.
– Twisty Impersonator
Dec 5 at 15:34
add a comment |
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I have a LAN cable that if I plug it into my computer and try to access the Internet a captive portal opens and asks for a username and password. I connected an access point to this LAN so everyone can connect wirelessly to this LAN. But the problem is if I connect to the access point through Wi-Fi and enter my username and password in the captive portal, any other user connecting to that Wi-Fi network can access the Internet using my account!
How can I prevent this? I want everyone to use their own account on the captive portal.
wireless-networking wireless-access-point captive-portal
edited Dec 5 at 20:05
Twisty Impersonator
17.5k136394
asked Dec 5 at 12:12
j doe
92
I have a LAN cable that if I plug it into my computer and try to access the Internet a captive portal opens and asks for a username and password. I connected an access point to this LAN so everyone can connect wirelessly to this LAN. But the problem is if I connect to the access point through Wi-Fi and enter my username and password in the captive portal, any other user connecting to that Wi-Fi network can access the Internet using my account!
How can I prevent this? I want everyone to use their own account on the captive portal.
wireless-networking wireless-access-point captive-portal
wireless-networking wireless-access-point captive-portal
edited Dec 5 at 20:05
Twisty Impersonator
17.5k136394
asked Dec 5 at 12:12
j doe
92
edited Dec 5 at 20:05
Twisty Impersonator
17.5k136394
asked Dec 5 at 12:12
j doe
92
edited Dec 5 at 20:05
Twisty Impersonator
17.5k136394
edited Dec 5 at 20:05
Twisty Impersonator
17.5k136394
edited Dec 5 at 20:05
Twisty Impersonator
17.5k136394
17.5k136394
asked Dec 5 at 12:12
j doe
92
asked Dec 5 at 12:12
j doe
92
asked Dec 5 at 12:12
j doe
92
92
closed as unclear what you're asking by DavidPostill♦ Dec 5 at 14:19
Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
closed as unclear what you're asking by DavidPostill♦ Dec 5 at 14:19
Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question.
1
Are you sure you have an Access Point? Because it sounds like you have a regular NAT router. // Also keep in mind that you are most likely not authorized to add a wireless extension to this protected network.
– Daniel B
Dec 5 at 12:21
1
Anyone able to comment on what is unclear about this question?
– Twisty Impersonator
Dec 5 at 14:58
@TwistyImpersonator What captive portal? How can we answer anything about the users configuration if we don't know what it is?
– Jan Doggen
Dec 5 at 15:29
The information in the question clearly implies the captive portal is performing IP or MAC based authentication. This is all one needs to know in order to answer the question. See the answer I posted to understand why this is all that is needed.
– Twisty Impersonator
Dec 5 at 15:34
add a comment |
1
Are you sure you have an Access Point? Because it sounds like you have a regular NAT router. // Also keep in mind that you are most likely not authorized to add a wireless extension to this protected network.
– Daniel B
Dec 5 at 12:21
1
Anyone able to comment on what is unclear about this question?
– Twisty Impersonator
Dec 5 at 14:58
@TwistyImpersonator What captive portal? How can we answer anything about the users configuration if we don't know what it is?
– Jan Doggen
Dec 5 at 15:29
The information in the question clearly implies the captive portal is performing IP or MAC based authentication. This is all one needs to know in order to answer the question. See the answer I posted to understand why this is all that is needed.
– Twisty Impersonator
Dec 5 at 15:34
1
1
Are you sure you have an Access Point? Because it sounds like you have a regular NAT router. // Also keep in mind that you are most likely not authorized to add a wireless extension to this protected network.
– Daniel B
Dec 5 at 12:21
Are you sure you have an Access Point? Because it sounds like you have a regular NAT router. // Also keep in mind that you are most likely not authorized to add a wireless extension to this protected network.
– Daniel B
Dec 5 at 12:21
1
1
Anyone able to comment on what is unclear about this question?
– Twisty Impersonator
Dec 5 at 14:58
Anyone able to comment on what is unclear about this question?
– Twisty Impersonator
Dec 5 at 14:58
@TwistyImpersonator What captive portal? How can we answer anything about the users configuration if we don't know what it is?
– Jan Doggen
Dec 5 at 15:29
@TwistyImpersonator What captive portal? How can we answer anything about the users configuration if we don't know what it is?
– Jan Doggen
Dec 5 at 15:29
The information in the question clearly implies the captive portal is performing IP or MAC based authentication. This is all one needs to know in order to answer the question. See the answer I posted to understand why this is all that is needed.
– Twisty Impersonator
Dec 5 at 15:34
The information in the question clearly implies the captive portal is performing IP or MAC based authentication. This is all one needs to know in order to answer the question. See the answer I posted to understand why this is all that is needed.
– Twisty Impersonator
Dec 5 at 15:34
add a comment |
1 Answer
1
active
oldest
votes
up vote
1
down vote
accepted
Based on your description, the captive portal is configured on your network's Internet gateway, possibly your router. Further, it is performing IP-based (or MAC-based) authentication, meaning that when a device is authenticated, all further traffic from that device's IP address is permitted to the Internet.
This leads me to conclude that your wireless access point is using NAT to connect wireless clients to your LAN. In other words the AP makes all of the wireless clients appear as a single IP address on the LAN, hence the reason you are required to authenticate only once and also why all further Internet access from the wireless devices is associated with your portal account.
To resolve this, configure your wireless access point to place Wi-Fi clients directly on the LAN so that they each get their own IP address on its subnet. This will in turn require each wireless client to authenticate separately with the captive portal.
answered Dec 5 at 13:21
Twisty Impersonator
17.5k136394
It doesn't really matter here whether IP and/or MAC authentication is in use – a router+NAT will rewrite both, a pure bridge AP will rewrite neither. (The middle option of a router with no NAT is probably unlikely given the question.)
– grawity
Dec 5 at 13:57
Oh yes, I forgot about MAC based authentication. Thanks!
– Twisty Impersonator
Dec 5 at 14:57
@TwistyImpersonator Yes i think this is the correct answer. but is this configuration possible on most access points? and where is this kind of settings?
– j doe
Dec 5 at 20:02
You're asking a new question there. Please do so by posting a new question.
– Twisty Impersonator
Dec 5 at 20:03
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
accepted
Based on your description, the captive portal is configured on your network's Internet gateway, possibly your router. Further, it is performing IP-based (or MAC-based) authentication, meaning that when a device is authenticated, all further traffic from that device's IP address is permitted to the Internet.
This leads me to conclude that your wireless access point is using NAT to connect wireless clients to your LAN. In other words the AP makes all of the wireless clients appear as a single IP address on the LAN, hence the reason you are required to authenticate only once and also why all further Internet access from the wireless devices is associated with your portal account.
To resolve this, configure your wireless access point to place Wi-Fi clients directly on the LAN so that they each get their own IP address on its subnet. This will in turn require each wireless client to authenticate separately with the captive portal.
answered Dec 5 at 13:21
Twisty Impersonator
17.5k136394
It doesn't really matter here whether IP and/or MAC authentication is in use – a router+NAT will rewrite both, a pure bridge AP will rewrite neither. (The middle option of a router with no NAT is probably unlikely given the question.)
– grawity
Dec 5 at 13:57
Oh yes, I forgot about MAC based authentication. Thanks!
– Twisty Impersonator
Dec 5 at 14:57
@TwistyImpersonator Yes i think this is the correct answer. but is this configuration possible on most access points? and where is this kind of settings?
– j doe
Dec 5 at 20:02
You're asking a new question there. Please do so by posting a new question.
– Twisty Impersonator
Dec 5 at 20:03
add a comment |
up vote
1
down vote
accepted
Based on your description, the captive portal is configured on your network's Internet gateway, possibly your router. Further, it is performing IP-based (or MAC-based) authentication, meaning that when a device is authenticated, all further traffic from that device's IP address is permitted to the Internet.
This leads me to conclude that your wireless access point is using NAT to connect wireless clients to your LAN. In other words the AP makes all of the wireless clients appear as a single IP address on the LAN, hence the reason you are required to authenticate only once and also why all further Internet access from the wireless devices is associated with your portal account.
To resolve this, configure your wireless access point to place Wi-Fi clients directly on the LAN so that they each get their own IP address on its subnet. This will in turn require each wireless client to authenticate separately with the captive portal.
answered Dec 5 at 13:21
Twisty Impersonator
17.5k136394
It doesn't really matter here whether IP and/or MAC authentication is in use – a router+NAT will rewrite both, a pure bridge AP will rewrite neither. (The middle option of a router with no NAT is probably unlikely given the question.)
– grawity
Dec 5 at 13:57
Oh yes, I forgot about MAC based authentication. Thanks!
– Twisty Impersonator
Dec 5 at 14:57
@TwistyImpersonator Yes i think this is the correct answer. but is this configuration possible on most access points? and where is this kind of settings?
– j doe
Dec 5 at 20:02
You're asking a new question there. Please do so by posting a new question.
– Twisty Impersonator
Dec 5 at 20:03
add a comment |
up vote
1
down vote
accepted
up vote
1
down vote
accepted
Based on your description, the captive portal is configured on your network's Internet gateway, possibly your router. Further, it is performing IP-based (or MAC-based) authentication, meaning that when a device is authenticated, all further traffic from that device's IP address is permitted to the Internet.
This leads me to conclude that your wireless access point is using NAT to connect wireless clients to your LAN. In other words the AP makes all of the wireless clients appear as a single IP address on the LAN, hence the reason you are required to authenticate only once and also why all further Internet access from the wireless devices is associated with your portal account.
To resolve this, configure your wireless access point to place Wi-Fi clients directly on the LAN so that they each get their own IP address on its subnet. This will in turn require each wireless client to authenticate separately with the captive portal.
answered Dec 5 at 13:21
Twisty Impersonator
17.5k136394
Based on your description, the captive portal is configured on your network's Internet gateway, possibly your router. Further, it is performing IP-based (or MAC-based) authentication, meaning that when a device is authenticated, all further traffic from that device's IP address is permitted to the Internet.
This leads me to conclude that your wireless access point is using NAT to connect wireless clients to your LAN. In other words the AP makes all of the wireless clients appear as a single IP address on the LAN, hence the reason you are required to authenticate only once and also why all further Internet access from the wireless devices is associated with your portal account.
To resolve this, configure your wireless access point to place Wi-Fi clients directly on the LAN so that they each get their own IP address on its subnet. This will in turn require each wireless client to authenticate separately with the captive portal.
answered Dec 5 at 13:21
Twisty Impersonator
17.5k136394
edited Dec 5 at 14:56
answered Dec 5 at 13:21
Twisty Impersonator
17.5k136394
answered Dec 5 at 13:21
Twisty Impersonator
17.5k136394
answered Dec 5 at 13:21
Twisty Impersonator
17.5k136394
17.5k136394
It doesn't really matter here whether IP and/or MAC authentication is in use – a router+NAT will rewrite both, a pure bridge AP will rewrite neither. (The middle option of a router with no NAT is probably unlikely given the question.)
– grawity
Dec 5 at 13:57
Oh yes, I forgot about MAC based authentication. Thanks!
– Twisty Impersonator
Dec 5 at 14:57
@TwistyImpersonator Yes i think this is the correct answer. but is this configuration possible on most access points? and where is this kind of settings?
– j doe
Dec 5 at 20:02
You're asking a new question there. Please do so by posting a new question.
– Twisty Impersonator
Dec 5 at 20:03
add a comment |
It doesn't really matter here whether IP and/or MAC authentication is in use – a router+NAT will rewrite both, a pure bridge AP will rewrite neither. (The middle option of a router with no NAT is probably unlikely given the question.)
– grawity
Dec 5 at 13:57
Oh yes, I forgot about MAC based authentication. Thanks!
– Twisty Impersonator
Dec 5 at 14:57
@TwistyImpersonator Yes i think this is the correct answer. but is this configuration possible on most access points? and where is this kind of settings?
– j doe
Dec 5 at 20:02
You're asking a new question there. Please do so by posting a new question.
– Twisty Impersonator
Dec 5 at 20:03
It doesn't really matter here whether IP and/or MAC authentication is in use – a router+NAT will rewrite both, a pure bridge AP will rewrite neither. (The middle option of a router with no NAT is probably unlikely given the question.)
– grawity
Dec 5 at 13:57
It doesn't really matter here whether IP and/or MAC authentication is in use – a router+NAT will rewrite both, a pure bridge AP will rewrite neither. (The middle option of a router with no NAT is probably unlikely given the question.)
– grawity
Dec 5 at 13:57
Oh yes, I forgot about MAC based authentication. Thanks!
– Twisty Impersonator
Dec 5 at 14:57
Oh yes, I forgot about MAC based authentication. Thanks!
– Twisty Impersonator
Dec 5 at 14:57
@TwistyImpersonator Yes i think this is the correct answer. but is this configuration possible on most access points? and where is this kind of settings?
– j doe
Dec 5 at 20:02
@TwistyImpersonator Yes i think this is the correct answer. but is this configuration possible on most access points? and where is this kind of settings?
– j doe
Dec 5 at 20:02
You're asking a new question there. Please do so by posting a new question.
– Twisty Impersonator
Dec 5 at 20:03
You're asking a new question there. Please do so by posting a new question.
– Twisty Impersonator
Dec 5 at 20:03
add a comment |
1
Are you sure you have an Access Point? Because it sounds like you have a regular NAT router. // Also keep in mind that you are most likely not authorized to add a wireless extension to this protected network.
– Daniel B
Dec 5 at 12:21
1
Anyone able to comment on what is unclear about this question?
– Twisty Impersonator
Dec 5 at 14:58
@TwistyImpersonator What captive portal? How can we answer anything about the users configuration if we don't know what it is?
– Jan Doggen
Dec 5 at 15:29
The information in the question clearly implies the captive portal is performing IP or MAC based authentication. This is all one needs to know in order to answer the question. See the answer I posted to understand why this is all that is needed.
– Twisty Impersonator
Dec 5 at 15:34