Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
710
Views
0
Helpful
1
Replies

Prevent Captive portal bypass

nemenciobeberu
Level 1
Level 1

‎02-23-2020 05:08 AM - edited ‎07-05-2021 11:45 AM

Hi Folks,

 

im new in wireless security portion and i have question regarding the behaviour of captive portal (Guest Wifi). Since it is an open authentication, i have case where an intruder  run a script, perform IP scan, then later on acquire a mac which is already authenticated, then after wards, this intruder already connected to internet even without entering anything from captive portal.  How can we prevent this type of attack?  Can anyone enlighten me if moving from open to WPA2 authentication can solve this issue.. authentication via enterprise (ISE) is not feasible due to budget constraint and the SSID is for Guest Network in hotel. thanks 

 

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Scott Fella
Hall of Fame
Hall of Fame

‎02-23-2020 11:04 AM

I don’t think there is much you can do there. A person can use a tool to scan the air and also collect Mac addresses, they don’t have to connect and run a script to collect that data. If guest WiFi is free, I don’t see how this would be a use case to solve unless you have a free one and one that they register with last name and room number for example. Either way, only one MAC address is allowed to connect at a time from the controllers perspective. So the device has to go away first before the person can use that Mac to access the guest network.
-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card