andrew-bibb / cmst

QT GUI for Connman
174 stars 38 forks source link

Can't Connect to WiFi Guest Network at Work #186

Closed ArchiMark closed 4 years ago

ArchiMark commented 6 years ago

Have one of the newly released Planet Computer pocket size Gemini PDA.

Installed Debian on it. The image available has Connman and cmst.

WiFi works well on it everywhere except at my workplace.

There is a guest network at work that all my other personal laptops (running linux...) can connect with OK. However, have been unsuccessful connecting with the Gemini.

Have tried with Firefox ESR and Chromium that were included in image.

Even though I can see the guest network and shows I'm connected in cmst, the browsers will not go to the login page.

It is the type where you have to see the page, click on a tiny checkbox to agree to terms & conditions, then click on the connect button, then you get taken to a company related webpage, and you're good to go web-surfing wherever you like.

I've looked through the various items in Connman/cmst windows, and tinkered a bit with some settings, but nothing seems to fix this.

Have tried various suggestions mentioned on various websites about not connecting to public WiFi networks, but nothing works. Have tried typing in the network IP address in browser, typing in neverssl.com, etc.

In the Details tab, it says:

Connection: wifi_0009345a845c_4b61697365724775657374_managed_none

Service Details: Service Type: WiFi Service State: Ready Favorite: Yes External Configuration File: No Auto Connect: On

Name Servers 8.8.4.4 8.8.8.8

Time Servers 192.168.0.1

IPv4 IP Address Acquisition: DHCP IP Address: 192.168.0.11 IP Netmask: 255.255.255.0 IP Gateway: 192.168.0.1

IPv6 section is blank

Ethernet Connection Method: Auto Interface: wlan0 Device Address: 00:09:34:5A:84:5C MTU: 1500

Wireless Security: None Strength: 60 Roaming: No

Proxy Address Acquisition: Direct

VPN Provider

section is empty

In browser, I get following message:

Unable to connect

Firefox can't establish a connection to the server at 10.224.128.40

In URL field, I see:

10.224.128.40/upload/custom/PK-EDGE-CP/index.html?cmd=login&mac=00:09:34:5a:84:5c&ip=192.168.0.11&essid=%20%00%00%00%00%00%00%00%00%00&url=http%3A%2F%2neverssl%2Ecom%2F

*** Please note that I altered a few letters/numbers in the URL above.

Again, the Gemini PDA connects OK to my WiFi network at home, but there I am able to enter password myself.

If you need me to check on some things and provide info, let me know.

Any suggestions of what to do to be able to get to the login page would be greatly appreciated!

Thanks,

Mark

andrew-bibb commented 6 years ago

Thank you for the detailed information. Unfortunately what you are doing and what has been output for the service details seems correct.

The webpage login is a captive portal. Connman will attempt to recognize these and if it senses one will send a message via DBus to an Agent if one is registered. CMST does register as an Agent and should pick up the signal (it has worked for me in the past). One thing I've noticed is that you seem to only get opportunity to get to the web page once.

I'm not seeing anything obviously wrong so I'm kind of shooting in dark. Two things I'd try:

1) When I've been somewhere I know there is a captive portal and for whatever reason the web page has not been presented I can usually get it up by trying to go to google.com in the browser. Been my experience that captive portals will intercept that and redirect to the login page.

2) This one is ugly and sounds a lot like Bill Gates. As root go into /var/lib/commnan and completely delete the folder that should be called: wifi_0009345a845c_4b61697365724775657374_managed_none Shut down CMST and Connman, restart each (or just reboot your device) and then open up CMST. Make sure Wifi technology is on and from the WiFI tab try to connect to this service again.

When CMST catches the DBus signal it should open up a dialog showing all web browsers it could find and asking you which you want to use to continue with the login.

I'm spending a lot of time outdoors these days, but let me know what comes up, any error messages, etc. I'd like for this to work, but may not be able to respond to later in the evenings.

A-

ArchiMark commented 6 years ago

THANK YOU for your detailed and helpful reply. Greatly appreciate it!

Tried going to google.com and no go...

So did step 2 in your message. Rebooted..

Opened up CMST. I hi-lighted my guest network and clicked on Connect button.

Got message:

CMST Warning

! We received a DBUS reply message indicating an error.

Error Name: net.connman.Error Already connected

Error Message: Already connected

So, opened up Firefox ESR browser, and tried going to google. No go...tried going to neverssl.com....same thing, get same error message as in my original post above.

ArchiMark commented 6 years ago

Any other suggestions?

Thank you.

andrew-bibb commented 6 years ago

Oh well that was worth a shot at least.

One thing I'm wondering about is the nameservers field. 8.8.4.4 and 8.8.8.8 are both Google name servers. Did they come in when Connman tried to autoconfigure the service? I don't know a whole lot about this networking stuff, but seems to me that if the captive portal is blocking connections to the internet then having a domain name server located on the internet will not work.

ArchiMark commented 6 years ago

On May 20, 2018, at 4:33 PM, andrew-bibb notifications@github.com wrote:

Oh well that was worth a shot at least.

One thing I'm wondering about is the nameservers field. 8.8.4.4 and 8.8.8.8 are both Google name servers. Did they come in when Connman tried to autoconfigure the service? I don't know a whole lot about this networking stuff, but seems to me that if the captive portal is blocking connections to the internet then having a domain name server located on the internet will not work.

Makes sense what you say.

It’s possible that Connman did this, but not completely sure.

I haven’t figured out how to delete the Google name servers.

andrew-bibb commented 6 years ago

To change the nameservers use the "configuration" button at the bottom right corner of the details tab with your wifi connection selected in the "service" box on that page. If Connman put those there changing them is probably wrong. I've never seen an automatically configured connection with those filled in. Doesn't mean it is not right, just means I've never seen that.

Is there any documentation about configuring your work guest internet connection you can post without divulging any information you're not supposed to? I'm wondering if there may be some information in there that would help.

ArchiMark commented 6 years ago

Thanks for your latest reply and input.

I don't recall inputting the nameserver info in Connman.

I will try to get some info from one of my IT buddies. Will report back after I've discussed with him.

ArchiMark commented 6 years ago

Had one of the IT guys I know try to help me with this. Tried a few things, but nothing worked.

I did try deleting the nameservers field (8.8.4.4 & 8.8.8.8) and then try to connect. Did not work.

Checked the Details window and now it shows 8.8.4.4 & 8.8.8.8 again in the nameservers field.

????

UPDATE

I went to a place nearby with free wifi...

Was able to connect to their login page with no problem.....

Go figure.....

Tried company guest network again and still get error message....

Someone suggest disabling Connman and try NetworkManager....

Installed it and tried....but no go either...

Seems to suggest that issue is something about the company guest network settings, right?

andrew-bibb commented 6 years ago

I just came back from a business trip and ran across a captive portal that seemed to do exhibit this same behavior. Opening up a browser window would result in a "page not found" error for any destination. The solution was to use 8.8.8.8 in the destination bar. Once I did that you could see the browser getting redirected to the captive portal login page, from there it all worked fine.

If this solves any of these problems for you guys I could implement a control to manually force a browser request with the address.