All Collections
FAQs and Troubleshooting
Unexpected Captive Portal or Proxy
Unexpected Captive Portal or Proxy

Details on Unexpected Captive Portal or Proxy error raised by the sensor.

Written by Nicholas Von Klemperer
Updated over a week ago

The UXI sensor asserts it's external connectivity through communicating with the URL, this is a core required URL needed by the UXI sensor for it to function correctly (more details can be found in the article Which URLS do I need to make accessible for my sensor / agent to function).

The sensor performs a CURL against this URL, if it receives an HTTP response code of 200 (OK), then it means the device has external internet connectivity. If the URL is unavailable and the curl fails, the sensor will raise a "No Connectivity Beyond Gateway" error, this means the device does not have external internet connectivity. If this is the case, the sensor will not execute any of it's "external" tests. In the case of a Captive Portal or Proxy, the curl will return with either an HTTP 301 (Moved Permanently, aka a proxy) or HTTP 302 (Moved Temporarily, aka a captive portal). One can see this redirection by looking at the PCAPS captured by the sensor (either attached to a Triage Issue or captured with On Demand PCAPS):

The sensor will consult it's configuration configuration and, if there's a Captive Portal Recording present or a Proxy Configuration the sensor will react accordingly. In the case of a Captive Portal, the sensor will load the URL it's being redirected to and replay it's Captive Portal. If the recording fails, or if the replayed recording does not provide external internet access, the sensor will create an appropriate Captive Portal issue.

If there is no Captive Portal or Proxy configuration, the sensor will raise an "Unexpected Captive Portal or Proxy" error, in the triage output the device will detail the HTML page (typically the Captive Portal Landing page) which it encountered. You can render the HTML page in a simple HTML viewer:

There are important things to note about the "Unexpected Captive Portal or Proxy" error, the sensor autonomously detects the presence of a Captive Portal or Proxy. This is not a configurable test case, if a UXI sensor raises this error on one of the configured networks then it is because the network itself is forwarding the sensor to some kind of authentication page. Oftentimes this error can come about as a result of a Zscaler or security instance which is blocking connectivity (there's a dedicated section for Zscaler in the UXI trouble shooting guide).

The correct remediation for this error is either:

  1. Correctly ensure that there are by-pass rules for in any configured security / firewall instances.

  2. OR record a captive portal recording to log in the security auth service as needed.

Did this answer your question?