Hi there,
I'm new to hotspot world I have some questions.
I have setup a hostpot with external webiste login page with Socials (Facebook/Google) ex: company.mydomain.com
Also I have created wildcard certificated with let's encyrpt and is trusted.
My DNS name is login.mydomain.com
So all working great about HTTPS.
Some questions / problems
1) I use wallgarden to allow the traffic to facebook and google to able to allow clients to login, so I have allowed
*fbcdn.*, *facebook.*, *google*,*gstatic.com ( In reallity I have more strict rules using deny for video/playstore/facebook content, using the deny rule)
The problem is some times when the user visits a domain like https://ebay.com is not reditrected to login page (Untrusted SSL) and some times with other websites (https) is redirected
This strange right? On an other router using only facebook login, this (redirect to login.mydomain.com) works great on any website. Any clue?
2) On airports when you connect to wifi it automaticaly pop-ups you to login page or message to go to login. As I know google uses connectivitycheck.gstatic.com or clients3.google.com
This should be blocked or not. There is different behaviour on android / desktop (chrome/firebox reacts differently). How you have solved this issue?
3) Can i block all traffic from 443 (excluding google/facebook/mydomain.com) and force them to reditrected to login.mydomain.com?
I think with his way users will never see again untrusted SSL for websites