
Captive Portal Flow

By Raj Vinod Kumar


Client associates to SSID, gets IP and is assigned the CP initial user-role

• Client starts browsing to a URL (e.g., google.com)


• DNS query/response for the requested URL

Client initiates a TCP connection to port 80 of google.com

Controller intercepts and spoofs the initial TCP handshake of the HTTP process. The client browser thinks that it is communicating with google.com

Controller intercepts all HTTP/HTTPS traffic of the client via the DST-NAT ACL in the user's initial user-role (user any svc-http/https dst-nat 8080/8081)

HTTP GET

TCP Conversation IPs:
- User IP
- Requested URL IP

HTTP 302 (Temporarily Moved) message with the controller's CP login URL or https://securelogin.arubanetworks.com

Browser Terminates TCP connection

DNS query/response for CP Login URL (For the URL mentioned or to default securelogin.arubanetworks.com)

Controller intercepts the DNS response, which would not have resolved for securelogin, and spoofs the DNS reply so that it resolves to its own IP address

Spoof the DNS reply resolving to its own IP address (for internal captive portal). If it is an external captive portal, then the DNS should

TCP Conversation IPs:
- User IP
- Controller IP

HTTP/HTTPS connection request to the controller/external captive portal

HTTP/HTTPS response from the captive portal with the login page, from the controller or from CPPM for external captive portal

Client enters Username/Password and sends an HTTP/HTTPS POST to CPPM for external captive portal or to the controller for internal captive portal

CPPM responds with a login message and a hidden script, which lets the client post the login form to the controller without user interaction

TCP Conversation IPs:
- User IP
- Requested URL IP

The controller sends RADIUS request to CPPM


The client posts the form to the controller (no user interaction needed). This is the controller-initiated web login

• Redirected to the user-requested URL; client is assigned the post-auth user-role in the controller

RADIUS ACCEPT

• Finishes CP login process


• HTTP/HTTPS session is terminated

Client traffic is redirected to the initially requested URL with the help of the stored cookie

Client sends a DNS query to resolve the original URL.

DNS response for the original URL


• Store the originally requested URL in a cookie so that once the user
has authenticated, they are automatically redirected to the original
page.
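
The 302 interception and the cookie step above, as an added Python example (not part of the original document and not Aruba or ClearPass code). The cookie name, fallback URL and function names are hypothetical, and the login-page handler is assumed to be given the original URL reconstructed from the intercepted GET. Because the cookie comes back from the client, the post-auth redirect validates it before use.

```python
from http.cookies import SimpleCookie
from urllib.parse import quote, unquote, urlsplit

LOGIN_URL = "https://securelogin.arubanetworks.com/"  # default CP host from the flow
COOKIE = "cp_orig_url"             # hypothetical cookie name
FALLBACK = "http://example.com/"   # hypothetical post-login landing page

def intercept(raw_get: bytes):
    """Initial role: answer the dst-nat'ed GET with a 302 to the login URL.
    Returns (status, headers, original_url)."""
    head = raw_get.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    request_line, *fields = head.split("\r\n")
    _method, target, _version = request_line.split(" ", 2)
    host = next((f.split(":", 1)[1].strip() for f in fields
                 if f.lower().startswith("host:")), "")
    return 302, {"Location": LOGIN_URL}, f"http://{host}{target}"

def login_page_cookie(original_url: str) -> str:
    """Set-Cookie value sent with the login page; the URL is percent-encoded."""
    return f"{COOKIE}={quote(original_url, safe='')}; Path=/; HttpOnly"

def post_auth_location(cookie_header: str) -> str:
    """After RADIUS accept: pick the redirect target from the cookie.
    The cookie is returned by the client, so it is treated as untrusted."""
    jar = SimpleCookie()
    jar.load(cookie_header)
    if COOKIE not in jar:
        return FALLBACK
    url = unquote(jar[COOKIE].value)
    if any(ord(c) < 0x21 or ord(c) == 0x7F for c in url):
        return FALLBACK            # CR/LF or spaces: header-splitting risk
    try:
        parts = urlsplit(url)
    except ValueError:
        return FALLBACK
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return FALLBACK            # e.g. javascript:, data:, relative paths
    return url

if __name__ == "__main__":
    get = b"GET /search?q=cp HTTP/1.1\r\nHost: google.com\r\n\r\n"  # constructed
    status, headers, original = intercept(get)
    set_cookie = login_page_cookie(original)
    print(status, headers["Location"])
    print("Set-Cookie:", set_cookie)
    print("Location:", post_auth_location(set_cookie.split(";", 1)[0]))
```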
