Captive Portal Attributes
The UE-IP address and UE-MAC address parameters are decrypted at the beginning of each user online control request.
This is because the captive portal (CP) encrypts the IP address and MAC address parameters in each redirection to the subscriber portal. The controller decrypts the UE-IP address and UE-MAC address before returning the response, by using the Encrypt and Decrypt API.
RUCKUS One has an internal service decrypts MAC addresses and IP addresses. In RUCKUS One that is invoked with POST https://{{nbiIP}}:443/portalintf, RequestCategory" = "GetConfig" and "RequestType" = "Decrypt" and “Data” containing the data to be decrypted.
When a client gets redirected by the AP or RUCKUS One to the external portal, the external portal receives the client MAC address and client IP address in the encrypted format. If the external portal needs to see the unencrypted addresses, it can use the API call above. Otherwise, when the external portal needs to send an authentication request to RUCKUS One(a login call), it sends the client MAC address and IP address in the encrypted format.
Redirection Attributes
The following table lists the parameters provided by the controller's captive portal redirection.
| Attributes | Description |
|---|---|
| client_mac | Encrypted UE-MAC address. Note: The format of
the MAC address is defined at the Hotspot (WISPr) Portal
configuration. |
| mac | AP MAC address. |
| proxy | The UE browser if it is set to the Web proxy. |
| reason | Reason for redirecting the WLAN. The
value could be either of the following:
|
| nbiIP | RUCKUS One subscriber management external IP. |
| ssid | The broadcasted SSID name. |
| startUrl | The URL as per the hotspot configuration, which is to be redirected after successful login. |
| uip | Encrypted UE-IP address. |
| url | Original URL which the customer tries browsing. |
| vlan | VLAN which the customer is set to. |
| wlan | WLAN ID of the UE's associated the WLAN. |