Captive portal issue (DNS rebind)

lostdog · May 20, 2022, 12:25am

I just checked in to a Hyatt property and tried connecting to the Internet. They have Ethernet ports in the room so I’m hard wired.

When trying to log in, the captive portal page would time out. The DNS page showed DNS Rebind Protection as “off” but no matter what I tried I could not get to the captive portal page for the hotel network.

On a hunch, I went in to advanced options in luci and in the “DHCP and DNS” page I discover that despite showing “off” in the GUI interface, it was in fact “on” in luci. I was able to turn it off on luci and then connect to the hotel captive portal.

My next problem is figuring out why my wireguard client won’t connect now (despite it working if I connect to my cell phone hotspot).

alzhao · May 20, 2022, 8:45am

Yes. It is a bug.

Details or update?

lostdog · May 20, 2022, 10:47pm

I’m leaning towards the hotel blocking ports above a certain range. My wireguard was running on port 51820 while OpenVPN was port 1195. OpenVPN worked without issue but wireguard only timed out.

When I got to the airport today I connected to their wifi and wireguard connected and I used it successfully.

kennethrc · May 21, 2022, 12:34am

Yeah, a lot of sites block UDP (at least those not on 443) too. That happens frequently on Airport WiFi and I have to switch to OpenVPN.