Not with a redirect…..that’s why I don’t do it anymore. There’s a method to proxy HTTPS traffic, and I’d have to assume that Mediacom thing you’re referring to is using a proxy to work that magic. Proxies are not a thing I’ve really messed with so I’m not terribly clear on how they do it with HTTPS, but apparently they can. Maybe it only works with domain validated certificates?
From: AF <af-boun...@af.afmug.com> On Behalf Of Steve Jones Sent: Monday, February 28, 2022 11:21 AM To: AnimalFarm Microwave Users Group <af@af.afmug.com> Subject: Re: [AFMUG] The weirdest coincidence On that note, is there any way to get cusomers to see a redirect on https without the security page? I assume no, since it would defeat the security principle purpose. Mediacom has the ability to inject a banner at the top of the page to deliver a message if youre nearing your usage. I assume they can put whatever message they want. On Mon, Feb 28, 2022, 9:33 AM Josh Luthman <j...@imaginenetworksllc.com <mailto:j...@imaginenetworksllc.com> > wrote: This is how I did it with Mikrotik back in the 2000's. It's how Powercode has done it since at least 2008. With SSL grabbing anything and everything, you typically get the bad cert page but when customers see that they call to complain rather than unplug things. A "Error no internet" makes people move wires. Any more it's a tool to avoid a truck roll because the customer did something they shouldn't after they didn't pay their bill (I believe "these people" often go together like PBnJ). As far as captive portals, phones do a great job these days with their internet check to msft/Google/Apple. On Mon, Feb 28, 2022 at 10:12 AM Carl Peterson <cpeter...@portnetworks.com <mailto:cpeter...@portnetworks.com> > wrote: We use QinQ per customer SVLAN/CVLAN which is easy to set on cambium. If the account isn't valid, radius returns reject to the BNG and the circuit isn't authorized. Never bothered to do a splash page with it but it would be easy enough to put disabled accounts into a routing instance that directed to a splash page. For people who do this, how effective is it? It feels like half our customers don't use their laptops more than occasionally unless they work from home. It's mostile apps on the phone and you need to deliberately go to a http site on a web browser if you want to catch a splash page. Back when we did tons of MDU Wi-Fi we pretty much had someone spending 1/4 of their time keeping up with captive portal stuff to make it work with every new OS / web browser version. On Mon, Feb 28, 2022 at 8:32 AM Josh Luthman <j...@imaginenetworksllc.com <mailto:j...@imaginenetworksllc.com> > wrote: VLAN sounds great for Cambium. Not sure about Ubnt, I don't think the interface is ready for that. On Sat, Feb 26, 2022 at 2:27 PM Forrest Christian (List Account) <li...@packetflux.com <mailto:li...@packetflux.com> > wrote: We set up a special van 404 for this. Customers get assigned to this vlan for any reason that necessitates action before being turned back on. At the headend there is a tik set up on this vlan which gives a splash page asking them to call the office. It also gives them an option to pay their bill through the (whitelisted) billing portal. On Wed, Feb 23, 2022, 12:05 PM Josh Luthman <j...@imaginenetworksllc.com <mailto:j...@imaginenetworksllc.com> > wrote: I'd also not turn customers off by disabling ethernet ports. This is a small example but a bigger one still would be when the customer starts changing cables because their internet doesn't work. Having a redirect page (SSL errors be damned) is way better. On Wed, Feb 23, 2022 at 9:04 AM <dmmoff...@gmail.com <mailto:dmmoff...@gmail.com> > wrote: I absolutely understand being busy and having multiple windows open and the dangers that can occur if you mix up which window is for which task. Anybody can have an issue in those conditions with any kind of hardware. The fact this person did it 6 times in quick succession means someone gave them access they shouldn’t have to devices they didn’t understand. And yeah 6 total. There were 5 when I first wrote the bewildered email about it. That does make me consider which person might deserve the proposed the knee breaking accident. Two were the 450i which have the very convenient recovery mode feature. Three of the others we got back by getting in through the wireless side with an SM. The last was a 3.5ghz 450 (not 450i). So no recovery mode, and you know since the AP can’t talk to the SAS no SM could be authorized and an SM without a SAS grant doesn’t bridge traffic. That one was a tower climb with a default plug…….no other choice. I don’t know what individual did it, but I hope they are mercilessly heckled by their coworkers. And I do appreciate the mafioso knee breaking jokes, but I don’t actually wish them any injury. -Adam From: AF <af-boun...@af.afmug.com <mailto:af-boun...@af.afmug.com> > On Behalf Of castarritt Sent: Tuesday, February 22, 2022 6:06 PM To: AnimalFarm Microwave Users Group <af@af.afmug.com <mailto:af@af.afmug.com> > Subject: Re: [AFMUG] The weirdest coincidence There are rumors that I might on occasion reboot the 450 AP when I mean to reboot an SM, but nothing proven... I also came this >< close to rebooting core NAT router once before I realized the winbox session I was looking at wasn't the one I had open for that customer's managed wi-fi router. On Tue, Feb 22, 2022 at 2:22 PM Steve Jones <thatoneguyst...@gmail.com <mailto:thatoneguyst...@gmail.com> > wrote: Sounds like maybe you send me an address and maybe a noob takes a few weeks off to let a knee injury heal. Just sayin, noobs are clumsy On Tue, Feb 22, 2022, 1:21 PM Colin Stanners <cstann...@gmail.com <mailto:cstann...@gmail.com> > wrote: That brings up big questions of why the noob thought they'd have permission to do that, and why someone gave them a password with AP control access. On Tue, Feb 22, 2022 at 12:23 PM <dmmoff...@gmail.com <mailto:dmmoff...@gmail.com> > wrote: Nevermind. Some noob was shutting off Aps trying to disable users. From: dmmoff...@gmail.com <mailto:dmmoff...@gmail.com> <dmmoff...@gmail.com <mailto:dmmoff...@gmail.com> > Sent: Tuesday, February 22, 2022 1:07 PM To: 'AnimalFarm Microwave Users Group' <af@af.afmug.com <mailto:af@af.afmug.com> > Subject: The weirdest coincidence I just had five different PMP450 AP’s go down at the same time at five different towers. In all cases the switch reports link, but I get zero Rx traffic. Power cycle doesn’t bring any of them back up. WTF just happened? Some kind of bug? -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com -- AF mailing list AF@af.afmug.com <mailto:AF@af.afmug.com> http://af.afmug.com/mailman/listinfo/af_af.afmug.com
-- AF mailing list AF@af.afmug.com http://af.afmug.com/mailman/listinfo/af_af.afmug.com
