View Categories

DHCP Option 114 – Captive-Portal Identification (RFC 8910)

DHCP Option 114, also known as Captive-Portal Identification, is defined in RFC 8910. It allows DHCP servers to inform clients of the presence and location of a captive portal — typically a web-based login page that the user must interact with to gain network access.

Purpose #

When a device connects to a network and requests an IP address via DHCP, the server can include Option 114 to point the client to a captive portal URL. This enables a seamless and standardized way for clients (e.g., phones, laptops, tablets) to detect and automatically interact with captive portal environments.

Key Benefits #

🔹 Standardized Client Detection #

  • Ensures consistent behavior across different operating systems (macOS, iOS, Android) that support captive portal detection.

  • Reduces reliance on DNS hijacking or HTTP interception to trigger login pages.

🔹 Improved User Experience #

  • Clients can automatically open the correct login page immediately after connecting.

  • Reduces confusion for users who expect to be redirected but aren’t due to network/browser restrictions.

🔹 Security and Transparency #

  • Since the URL is explicitly delivered via DHCP, there’s less need for network manipulation (like redirecting traffic), which can cause SSL/TLS warnings.

  • Can support HTTPS URLs, improving trust and security during portal access.

🔹 Better Compatibility in Enterprise Environments #

  • Especially useful in guest networks, schools, and enterprise deployments where BYOD (Bring Your Own Device) is common.

  • Streamlines onboarding for non-managed devices.

 

Typical Use Case in Netgraph #

When Option 114 is enabled in a Netgraph environment (such as through the Service Gateway DHCP configuration), guest and unmanaged devices can be directed to a custom authentication portal immediately upon connecting to the network. This feature enhances both control and usability in environments requiring authentication or user consent before granting full access.

Portal API Integration #

Your deployment supports a full Captive Portal API behind Option 114. Clients can interact with various endpoints during a session:

  • /api/session: Session start, including metadata such as client IP/MAC.

  • /api/end: Triggered when the session ends, either by expiry or manual disconnect.

  • /api/venue: Returns a link or content to redirect users to a local website (e.g., a city or venue page).

Platform Compatibility #

Android #

  • Automatically detects the portal using Option 114.

  • Displays a notification and a persistent link in Wi-Fi settings for returning to the portal or venue page at any time during the session.

Apple (iOS & macOS) #

  • Captive portal opens automatically on connection.

  • Users can return to the portal via Settings → Wi-Fi → [Network Name], where a link to the venue page remains accessible.

⚠️ Windows (Microsoft) #

  • Does not support Option 114 (RFC 8910) natively.

  • Uses a separate connectivity test method involving a probe to a Microsoft URL (e.g., http://www.msftconnecttest.com).

  • As a result, Windows devices do not act on Option 114.

🛠 Fallback Mechanism #

To ensure broad compatibility, our implementation includes a traditional HTTP-based redirect. If Option 114 is not supported, devices like Windows will still be guided to the portal via HTTP interception on their first web request.

Netgraph
Powered by  GDPR Cookie Compliance
Cookie Overview

What are cookies?

Cookies are small text files consisting of letters and numbers. These are sent from Netgraph Sverige AB or our partners' web servers and stored on your device (for example, computer or mobile). They can be stored in two different ways.

Session cookies are temporary cookies that disappear when you close your browser or app.
Persistent cookies are cookies that remain on your computer until you delete them or until they expire.

Different types of cookies

Both our website and others, such as Facebook or Google, may place cookies on your computer when you visit this website. Cookies from the website you are visiting are called first-party cookies and cookies from other websites are called third-party cookies.

Other files, similar to cookies, are web beacons and similar technologies. Web beacons are small transparent graphic images that may be contained in emails we send to you.

Why do we use cookies?

We use cookies to make your visit to our website as enjoyable as possible, and to improve it even more. However, we do not store IP numbers or similar personal data about you.

Functionality cookies improve your experience

We store cookies about the pages you have visited to make your experience on our website as smooth as possible. For example, we can prevent you from seeing a pop-up window more than once.

Analytics cookies help us to make our website better

We use cookies to collect aggregate analytical information about how you use the site, such as statistics on our most popular pages. With the information we get, we can improve our web and our offers.

Deleting cookies

Your browser or device usually allows you to set which cookies can be stored on your computer. For example, you can choose to block all cookies, only accept cookies from the website you are visiting or delete all cookies when you close your browser. Look under Settings.

Questions?

Do you have any questions about how we use cookies? You can always reach Netgraph Sverige AB's data protection officer at info@netgraph.se

This information was updated on August 26, 2024.