>Connect to free wifi
>Get IP through DHCP
>Try to access the internet
>AND THIS NEXT PART IS THE IMPORTANT BIT
>Please login
>Try playing around with static IP/DNS settings
>Please login
>connect to VPN
>Surf the web
Can someone explain how the routers block you from a networking perspective?
My best guess is that they just whitelist MAC addresses and logging in gets you on the white list temporarily?
But then how do they manage to keep that login screen up after you change DNS settings?
How is it still redirecting me?
depends
usually a radius server is involved
sometimes dynamic vlans are involved too
>>54557775
>usually a radius server is involved
Iv deployed a few microsoft radius servers and I don't ever remember seeing that detailed an option menu.
>>54557817
idk about microsoft radius but usually the way it works is that the gateway for the wireless interface manages the login stuff and radius is mainly used for accounting information
>>54557750
>But then how do they manage to keep that login screen up after you change DNS settings?
because you're still connecting to port 80/443
>>54557850
>gateway for the wireless interface manages the login stuff
Yea but it has to assign you an IP to collect the password. Theoretically I should be able to just change the DNS to something generic and be good to go. But it does not work out that way.
>>54557885
>because you're still connecting to port 80/443
Could you explain a little more? You mean they are routing all traffic on port 80 to the login page?
>>54557910
simple just block other dns servers
most of these hotspots dont block dns hence you use stuff like iodine to bypass
>>54557910
also its not difficult to run a dhcp server on an interface
>>54557750
i have this, it runs hot
>>54557934
>iodine
Never knew that existed. That is kind of amazing.
> just block other dns servers
Isn't that really flawed though? Can't you just use any (or your own) unlisted DNS server and get around it instantly?
Thanks for all the info btw
>>54557969
afaik you cant set a custom port for a dns server in most clients
just ban port 53 and you are done
>>54557946
Of course it runs hot. Did you even look at the thing? It was made to summon demons not route packets.
>>54558305
Whats even the point of having so many omni-directional antennas so close together? I can't see how that would improve range.
>>54558318
it's not for range, it's for speed afaik
https://en.wikipedia.org/wiki/MIMO