Teleport Stuck In Loop After Failing To Connect To Captive Portal
I think this is related to the bug posted by @Isaac-Matarasso, but I’ll post the exact steps for my report. This is all on iOS devices, latest Amplifi firmware.
- I’m staying at a Marriott property, which has a captive portal.
- I plugged the Teleport in, selected the guest network, teleport rebooted.
- After the reboot, the connection to the captive portal failed for whatever reason (blip in Marriott’s system? I was able to connect via captive portal directly from iOS devices, so maybe it was just a tiny blip in their system)
Now, every time I try to connect to the teleport, the captive portal connection fails (even though it works directly from iOS devices). Unplugging the teleport won’t “reset” the connection, it keeps trying to connect, and the captive portal page fails. Unlike his post, I can’t force it to connect to a different network now, it only wants to connect to the failing capitive portal network, if that makes sense. There needs to be a way to interrupt it connecting to a network that the captive portal page is failing on.
I could probably unplug the teleport, walk across the street to a starbucks that is out of range of the failing network, and connect to that guest network to “reset” it, but that’s not ideal, I’m just giving that as an example of what would probably interrupt the loop.
Hi @jayson-knight - I have been seeing similar problems at my fixed install site (not a hotel) where 100% of the time now my Teleport will not pass the last "Home Network" verification.
Not sure if what is happening at the hotel is the same.
Both of my Teleport's are now essentially dead - this is with firmware 2.6.3 and 2.7.1
I have sent in support files, but no word yet on a fix.
@derek-saville I’m able to confirm that my teleport is now “dead”, and even moreso, I was able to take the teleport home, reconnect, bring it back to the hotel and reproduce.
If I had to surmise the problem, it would be:
If the teleport connects to a hotel network, and the connection to the captive portal page fails, the teleport then gets stuck in some sort of endless loop trying to connect to the failing captive portal page. I don’t know how to explain it in more technical terms other than I plugged the teleport, tried to connect to a guest network at a hotel...the connection to the captive portal page failed for whatever reason, and now the teleport is rendered useless for further connections until I can reset it to the Amplifi router.
Wish I could generalize it more, but once a connection to a captive portal fails, subsequent connections will always fail until the teleport is moved outside of the range of the failing guest network, so that it can “find” a new network to connect to, without the failing network being within range, otherwise it tries to connect to the failing network repeatedly without having some sort of way to exit the loop, and connect to a different network that succeeds.
@ubnt-gunars How can I collect support info using web portal if I can’t connect to my home network via the teleport? Let me know the steps to get this done, I’m only in this hotel for one more night, and I can successfully reproduce the issue since I haven’t taken the teleport out of the hotel to “reset” it by connecting to another host network.
Thanks for your response, hope we can get this figured out!
Hi @jayson-knight - is the Teleport broadcasting its SSID?
If it is you can probably still access it with a laptop and see the auto setup portal (at least I can on mine) where it shows the 4 stages (mine is 100% failing the 4th Hone Network test stage)
On that portal page in the upper right is a Support button to access the link to create the support file at the bottom of the page.
My setup has not changed in months of flawless Teleport access.
So either AmpliFi changed something in the background or something on the internet is blocking Teleports now.
Makes no sense...
It’s an iOS 12 thing, maybe? I’m at a different hotel now (a Hyatt) and I’m getting the same problem. Here’s a screenshot. This is a huge bummer. I’m also having issues logging in via Windows though, so obviously this is a much larger problem, and I have no idea what’s going on. I’ve unpaired/paired the teleport several times, and it works when I set my phone up as a hotspot, connect the teleport to it, and test via another device. See screenshots below. I effectively have a square shaped paperweight at this point, because it does not work at any hotel with a captive portal. Thankfully I still have my backup VPN, but this is very not good. What’s the problem?
URL in error (can’t upload due to a 2mb file size limit...seriously? Your forums software can’t resize this on the fly?)
cltxd.cust.blueprintrf.com:8000/index.php?zone=guest&redirecturl=http<urlEncodedStuffFor :// >www.msftconnecttest.com%2Fredirect
@jayson-knight Oh, and the original problem still exists...now I can’t get it to connect to another network...in this case, I could still use my iPad as a hotspot and connect the Teleport through it, but I can’t get out of the loop. This is a really serious problem.
@jayson-knight Hi Jayson! Let me discuss with Teleport FW lead. Sounds like we'd first want to get out of the loop problem, and then collect support info to see what's wrong with the hotel guest portal interaction. I will get back to you later today.
Hi @ubnt-gunars - this is a very serious problem.
Both of my Teleports have been completely unusable for almost 3 weeks.
This is without any change to their environment.
My fixed Teleport install and my home network are 100% stable and unchanged in any way.
The Teleport stopped working for no apparent reason.
So either AmpliFi changed something in the background (certificate or key exchange?) or the “Internet” has figured out a way to block the Teleport.
Otherwise it makes no sense...
Just a shot in a dark on this one... are you folks using custom DNS settings (esp. the CloudFlare 184.108.40.206 DNS) or private DNS servers on your private network?
@Derek-Saville: in your support file we see that the connection to your router is timing out. Can you generate a support file from the router when the issue occurs?
Hi @albert-lee - for me no
Hi @ubnt-gunars - you are referring to the router at the home network correct?
(my remote location also uses an AmpliFi HD router which the Teleport connects to via WiFi)
@albert-lee Yes, why? I’ve been using Cloudflare for a while now w/ no issues. Has something changed?
@ubnt-gunars It works fine when I leave the hotel and use my iPhone + iPad combo. If you’d like, I can test with other captive portal environments, really want to help you guys get this one solved. It’s no coincidence that @Derek-Saville is having the same issue I would assume. I’ve only discovered it recently because I’ve been staying at a hotel w/ a captive portal. The hotel I was staying at for a few weeks prior didn’t have a captive portal.
I’m staying at another Marriott property this weekend (a property that I’ve stayed at before that I know the Teleport has worked with before), so I’ll test it again when I get there. I stayed there 2 weeks ago and it was fine.
Just giving some timeline if it helps. What I would like is steps you would need from me to get you what you need if it doesn’t work (you mentioned that I needed to get support files from the WebUI, which obviously isn’t possible if I can’t get the teleport to connect).
@jayson-knight I've periodically had issues on captive portals with CloudFlare where the internal portal is masked to 220.127.116.11 and my DNS gets fubar until I change it.
@jayson-knight getting support files when Teleport has no uplink will soon be possible. It's pretty difficult to debug this until then, but it looks like a compatibility issue with a particular hotel/captive portal. Will discuss with the team how to proceed. Do you have an iPhone?
@jayson-knight Hi! Thanks for your patience and readiness to help us with troubleshooting. I'm from Teleport FW team and I'd like to give you instructions how to download support info from your Teleport using WebUI.
Short version: Just open http://ip-address-of-your-teleport in the web browser when connected to Teleport WiFi.
First of all, Teleport doesn't need to be connected to the main Router in order to download support info from Teleport. When Teleport is connected to the hotel WiFi which requires authorization, the captive portal on the Teleport itself is disabled to allow captive portal from the hotel network to kick in. But the web server on the Teleport still keeps running all the time and it can be accessed using the IP address of the Teleport. It's recommended to use a computer to download support info. First, connect to Teleport WiFi. Depending on the OS, instructions how to get the IP of the Teleport differ, but the idea is simple: the IP address we are looking for is usually named as "Router address". In Mac OS, just click WiFi icon holding the Option key and you'll see the "Router address". Alternatively, you can take the IP address of the computer connected to Teleport WiFi and change the last number to 1. For example, if your computer address is 192.168.42.60 then Teleport address would be 192.168.42.1 When Teleport IP address is known, just open the web page http://ip-address-of-your-teleport and navigate to the top right corner for Support button and then click download support info below. Please send support info file to firstname.lastname@example.org
Hope it helps!
@Jayson-Knight, @Derek-Saville: we've also released a Teleport firmware update to beta channel, which includes a critical fix for captive portal detection. Might try that. If you're not on the beta, I can send you the firmware file directly.