Click Through Splash Page Too Demanding

SOLVED
LibraryGirl
Here to help

Click Through Splash Page Too Demanding

I work for a public Library and We have a handful of mostly MR42s with a couple of MR34s and an MR18 in the mix. We have a splash page that I configured to require clicking through and accepting terms once a day. Staff are complaining that they're being required to click through numerous times. We have 2 SSIDs that Staff have access to, with a few others for other purposes. Could the multiple SSIDs be causing a problem?

1 ACCEPTED SOLUTION

(assuming your based in the USA)

 

For the 'employee' one I agree as well, remove the splash page if your already using a PSK for that. Should solve that issue at least.

 

First let me say that I am not a lawyer. What I am is passionate about seamless wireless =P

 

If your legal department for the library says you need one then by all means, follow their instructions accordingly.

 

However because your going to have a splash page your going to run into issues like you've stated, which is why myself, and other wireless people in the industry are so against them.

 

 

 

 

As for the whole captive portal/splash page thing.

 

 

I use to do work at a large university, many thousands of students, very large, thousands of access points. They would get a letter in the mail almost weekly about mis-use and users downloading content and tormenting etc.  First time I saw this happen, the guy opened up the letter, realized what it was, and walked over and tossed it in the trash.

 

From all the discussions I have had with other wireless people, the captive portal apparently doesn't serve any real legal purpose. It might make management/legal department feel at ease, but otherwise from all I've talked and read about, that's about it (other than cause issues for IT department lol).

 

It certainly is a debatable topic, with people on both sides of the fence, but that fence has been leaning more and more towards getting rid of them as time passes, and wireless becomes a staple everywhere.

 

I would certainly advice that it might be in your best interest to implement content filtering at a minimum, to avoid people from being able to torrent and what not. That I do recommend.

 

Bottom line is anyone can TRY to sue for this, but winning the case is another story. Has yet to be done as far as I've been able to find online. AUP/ToS page isn't going to stop it from happening, so your legal department is going to get good at throwing crumpled up paper into the trash like a basketball unless you start blocking it   😃

 

Large companies have done away with them, like Apple, Disney, Google, major international airports etc., so that the guest experience is trouble free. If those legal teams concluded it ain't necessary, then the rest should follow their lead haha.

 

Here are some links on the topic:

 

I'll point you to this link here, which is worth a read (maybe send this to your legal team lol).
 
 
 
Some interesting links:
 
 
 
 
Example of how this topic is still a debatable one:

 

Nolan Herring | nolanwifi.com
TwitterLinkedIn

View solution in original post

10 REPLIES 10
NolanHerring
Kind of a big deal

Are the devices connecting to both SSID's?

Do both SSID's have splash page configured? (If so why? if they do the same thing why not just use one etc.)

How do you have your splash page configured (screenshot here would help), to see frequency etc.

Are all the access points on the same VLAN/subnet for authentication purposes or are they going from one L3 network to another?

Assuming we are talking just a single network correct? Or is one building network-1 and another building network-2 etc. type of deal.

What version firmware is the network operating on?
Nolan Herring | nolanwifi.com
TwitterLinkedIn

Also, because I like to poke the bear, is the splash page there for any real reason?

Going to assume people see 'Library Free Wi-Fi' and they click it, pulls up a splash page with a bunch of stuff nobody reads, and a button that says 'Accept' and then they click it and now they are 'on the line' etc.

If you could convince management to do away with it, oh what a wonderful world it would be. People connect to that 'Library Free Wi-Fi' SSID and WHABAM ! they are on and done and nobody has any issues ever again WHIPPIE !

Tell your boss they don't need a splash page telling them they are in the library. They are the ones physically there, they should already know where they are lol. Don't make it any harder =P
Nolan Herring | nolanwifi.com
TwitterLinkedIn

Hi Nolan,

 

Whew! Thanks for the response. I see you're kind of a big deal so... I'll do my best here. 🙂

 

I think that staff do connect to both SSIDs, arbitrarily. One SSID is called "encrypted," and has a password, the other is just "free." I know that the worst reason to keep doing something is because that's the way it's always been done, but, to be honest, that's the reason why we still have two public SSIDs. I'm happy to do away with the encrypted SSID.

 

All APs are on the same VLAN.

 

This is a single network.

 

Firmware MR 25.13

 

So, we only recently implemented the splash page, and we HAD to, because we received a whole slew of Copyright Infringement notices. Somebody was doing some peer-to-peer activities here in our free wifi. I did block peer to peer in the firewall, but to satisfy the copyright office I had to post the compliance agreement.  =D

 

Thank you Nolan!!

 

 

 

splash.JPG

Actually, what I had planned on doing to keep Staff happy is just create a non-splash SSID for them.

jdsilva
Kind of a big deal


@LibraryGirl wrote:

One SSID is called "encrypted," and has a password


I would suggest that implementing both a pre-shared key and a splash page is unnecessary and makes for a poor user experience. My preference here would be to remove the splash page off the encrypted SSID, and direct your staff to use the encrypted SSID and not the "Free" SSID. 

Bossnine
Building a reputation

I agree with the solution of removing the splash page from the password protected SSID; however, it doesn't really solve the issue of why the splash page is causing so many issues.   I also have a splash page on my BYOD or guest use wifi and even though I have it set for 90 days it still bothers the users all too often. 

 

I also want to just remove it, but then again we have a legal department that isn't too happy about that.

(assuming your based in the USA)

 

For the 'employee' one I agree as well, remove the splash page if your already using a PSK for that. Should solve that issue at least.

 

First let me say that I am not a lawyer. What I am is passionate about seamless wireless =P

 

If your legal department for the library says you need one then by all means, follow their instructions accordingly.

 

However because your going to have a splash page your going to run into issues like you've stated, which is why myself, and other wireless people in the industry are so against them.

 

 

 

 

As for the whole captive portal/splash page thing.

 

 

I use to do work at a large university, many thousands of students, very large, thousands of access points. They would get a letter in the mail almost weekly about mis-use and users downloading content and tormenting etc.  First time I saw this happen, the guy opened up the letter, realized what it was, and walked over and tossed it in the trash.

 

From all the discussions I have had with other wireless people, the captive portal apparently doesn't serve any real legal purpose. It might make management/legal department feel at ease, but otherwise from all I've talked and read about, that's about it (other than cause issues for IT department lol).

 

It certainly is a debatable topic, with people on both sides of the fence, but that fence has been leaning more and more towards getting rid of them as time passes, and wireless becomes a staple everywhere.

 

I would certainly advice that it might be in your best interest to implement content filtering at a minimum, to avoid people from being able to torrent and what not. That I do recommend.

 

Bottom line is anyone can TRY to sue for this, but winning the case is another story. Has yet to be done as far as I've been able to find online. AUP/ToS page isn't going to stop it from happening, so your legal department is going to get good at throwing crumpled up paper into the trash like a basketball unless you start blocking it   😃

 

Large companies have done away with them, like Apple, Disney, Google, major international airports etc., so that the guest experience is trouble free. If those legal teams concluded it ain't necessary, then the rest should follow their lead haha.

 

Here are some links on the topic:

 

I'll point you to this link here, which is worth a read (maybe send this to your legal team lol).
 
 
 
Some interesting links:
 
 
 
 
Example of how this topic is still a debatable one:

 

Nolan Herring | nolanwifi.com
TwitterLinkedIn

Sorry also for going on that rant. As for the original issue, see how it goes after you remove it from the employee SSID and then double check your settings.
 
 
 
 
The Splash Page Appears More Frequently than Expected
 
For the best splash page experience, users should have their web browsers configured to accept cookies. Failure to do so may result in the user seeing the splash page on a more frequent basis than is required by Dashboard configuration. For example, a user who clears their web cache or has their browser configured to not accept cookies they will only see the Splash page at the configured interval as long as the gateway AP is not rebooted. If the gateway AP reboots, they will be required to authenticate again or present the cookie to the splash server. 
 
When Captive portal strength is set to Allow non-HTTP traffic prior to sign-on a user will not notice any loss of network access except HTTP (TCP port 80).  When the user attempts browse to a new HTTP web page in their web browser, they will be redirected to the splash page. If the browser cookie is present in their web browser cache, the user will be authenticated in the background - they will not see the splash page because the cookie identifies them as authenticated.  
 
If Captive portal strength is set to Block all network access the user will lose network connectivity until they authenticate again, by opening a web browser.
Nolan Herring | nolanwifi.com
TwitterLinkedIn

Guys. This is great. Thank you. I have some homework to do. I appreciate all of these answers. Off to do some recommended reading!

I have some homework to do " I see what you did there @LibraryGirl good to see a sense of humour!

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels