> I just find it highly irregular that they would specify a DNS server that
> is external to the network, and then give a domain name that would require
> a call to that DNS server, before you are allowed to pass traffic through
> the gateway. These networks have to have their own DNS server, or at least
> a proxy DNS server to redirect traffic until you've accepted the T&C.
> Otherwise, the whole security model breaks down.

Russel - This was my suspicion where things were breaking down too. But, consider this. When Rich's DHCP client receives a quarantined ip addr from the local subnet there's no tcp/ip communication per se. A DHCP request goes out and then an ip address and additional info is assigned. At that point a tcp/ip redirect should happen via the DHCP server on the WAP to send any ip and/or http traffic to the captive portal page.
But if the first ip packets from Rich's computer go out eth0, they will never make it to the WAP DHCP server and be redirected to the captive portal. It's possible, depending on how the captive portal works and how it's configured, that a call to an internal DNS server doesn't need to happen. I'm curious if Russell Senior or anyone else involved with Personal Telco wifi ap setup can weigh in on how the captive portal works for their WAPs and if a local DNS call is made or not.

_______________________________________________
PLUG mailing list
PLUG@lists.pdxlinux.org
http://lists.pdxlinux.org/mailman/listinfo/plug