Hello, when a wifi client connects to a GuestPass SSID on an access point, does the access point proxy or encapsulate the communication back to the ZoneDirector for GuestPass authentication ? - or does it simply allow the wifi client to talk directly to the ZoneDirector using the wifi client's souce IP address to get the authentication web splash screen ?
The ZoneDirector authenticates Guest Pass SSIDs, and allows the client's initial browser homepage TCP-SYN to go out, then hijacks the return SYN-ACK and presents the Guest Pass login page. After successful authentication, the client (typically) then sees their homepage and have network access.
Hello, thank you. I understand the wifi access point will NAT the client's source IP address when sending a request to the ZoneDirector for retrieval of the Guest Pass login page. My question is, does the return traffic from the ZoneDirector to the access point also get 'destination NAT'ted) i.e. does the Zonedirector convert the destination IP address of the wifi client to the IP address of the wifi access point when sending back the Guest Pass login HTML data ? Then upon receival, the wifi access point will NAT the destination address back to the original IP of the wifi client.