Hello Meraki peeps,

I have an issue with the click-through captive portal. I wanted to set up a page where I can ask the user to enter a voucher code. This code is generated on my web server in a small voucher management system. Once the user inserts this code and submits the form, the DB is checked for the voucher validity and then authenticates the user/client on the AP, granting network/internet access.

This works beautifully, BUT I've just found out that you can completely bypass the form by editing the url a bit. Here is how:

- Once connected to the AP, the following appears in the browser url:
  http://myexcapwebsite.com/voucher.php?base_grant_url=https%3A%2F%2FnXXX.network-auth.com%2Fsplash%2Fgrant&user_continue_url=http%3A%2F%2Fgoogle.com%2F&node_mac=00:18:0a:xx:xx:xx&client_ip=10.128.128.120&client_mac=xx:xx:xx:xx:xx:xx
- Here is where the voucher form appears.
- And now here's the magic: by modifying the base_grant_url and decoding the special chars we get the following url:
  https://nXXX.network-auth.com/splash/grant?continue_url=http://google.com
- Entering this (using the XXX written in the real url) into the url will grant you immediate access, no password, voucher or form input needed!

Has anyone ever come across this issue? I looked into using sign-on, but none of the options are as flexible as I need it to be. I've already started developing my voucher management system. I'm losing my mind over this, please help!