CWP forced despite active LAN (Cable) connection

  • 1
  • Question
  • Updated 3 years ago
Hi,

we have an internal wifi with PSK and CWP.

Most of our employees do not shut down the wifi interface on their notebooks.

So, the problem is now that some of them will be forced to login into the CWP even though they are connected to the Cable-LAN.

I checked the priority of the NICs in Windows and also moved the LAN NIC to the first place but it doesn't helped.
I also checked the metric of both connections (netstat -nr). The metric of the LAN NIC is lower (10) as the Wifi NIC (20) .. So the traffic should run over the LAN NIC but it doesn't.

Any ideas??

Cheers,
Marcel
Photo of Marcel F.

Marcel F.

  • 5 Posts
  • 0 Reply Likes

Posted 3 years ago

  • 1
Photo of Brian Riley

Brian Riley

  • 1 Post
  • 0 Reply Likes
We had the same issue on laptops where i work.  On most laptops there is a BIOS setting that will enable WIiFi if no cable is detected and disconnect once a wired connection is detected.

Thanks,
Photo of Roberto Casula

Roberto Casula, Champ

  • 231 Posts
  • 111 Reply Likes
Connections should initiate from whichever interface has the lowest metric, unless a particular application requests that a specific interface be used.

When you say users are "forced" to the captive portal - do you mean that when they browse "normally", they get the CWP rather than the page the requested, or is it that they are seeing and clicking on the Network Connectivity Status Indicator (NCSI) popup in the system tray (the one that says "Additional login information may be required - click to open your browser")? Or is it maybe some third party software (Lenovos used to have this horrible "intelligent" network connectivity tool that caused no end of problems for example).

If it is the first of these, than that is not normal behaviour, and something weird is going on.
If it is the last of these, uninstall any such software would be my advice - it causes sooooo many problems.
If it is the middle one, then this is "normal" behaviour.

The Windows Network Location Awareness service will probe for Internet connectivity on all interfaces by trying to connect to a specific web site on the Internet and retrieve a small text file out of each interface. If the correct response is received, it marks that interface as being "Internet connected", if NO response is received, it marks that interface as having no Internet connection, however if it receives a valid HTTP response but not the one it expects but the DNS lookup for the Microsoft NCSI test site is returning the correct IP address, it assumes there is a CWP present (as is the case here) and will give you the "Additional credentials required" notification balloon.

You can permanently turn off this "probing" function of NLA with the following reg key:

HKLM\System\CurrentControlSet\Services\NLASvc\Parameters\Internet
  EnableActiveProbing - Set to 0 to disable