The Hotspot Web Portal provides a convenient and configurable way control access to the Internet through the router's built-in wireless networks, or VLANs if using separate VigorAP Access Points.
Through Hotspot Web Portal, users are presented with a Welcome page with Terms and Conditions to accept before access to the Internet is granted. The authentication methods available can be set up to require that users provide their details, before they can access the Internet.

Each Hotspot Web Portal profile (up to 4 per router) supports extensive customisation of the interface displayed to users. Users that connect to the Hotspot network can be shown branding and details of the company providing the network, with terms and conditions or an acceptable use policy.
{tab Login Methods}
Hotspot Web Portal Login Methods
Hotspot Web Portal profiles applied to a network, VLAN or SSID can be configured with one of five modes, each one presents different options to users that connect to the Hotspot network:
| Login Method | Description |
|---|---|
| Skip Login | Bypasses the Hotspot Web Portal Login screen and directs users to the configured Landing Page or displays the specified Bulletin Board message |
| Click Through | Display branding for the network with a Welcome message and Terms and Conditions. The user must agree to the Terms and Conditions to proceed |
| Social Media Login | Users can authenticate with their Google or Facebook account |
| SIM PIN Code | Users can authenticate with a unique PIN code by sending a text message to their phone |
| Social & PIN Code | Users can choose whether to authenticate with an SMS PIN Code or their social media account |

Login Method Features
Each mode provides different options to users that connect to the Hotspot network, which are listed in the table below. Check the Customisation, Captive Portal & Redirection and User Experience tabs for examples of these facilities.
| Features | Skip Login | Click-Through | SMS PIN Code | Soclal Login | Social & PIN Code |
|---|---|---|---|---|---|
| Welcome Message | ● | ● | ● | ● | ● |
| Landing Page | ● | ● | ● | ● | ● |
| HTTP Redirection | ● | ● | ● | ● | ● |
| HTTPS Redirection | ● | ● | ● | ● | ● |
| Custom Logo / Branding | ● | ● | ● | ● | |
| Accept Terms & Conditions | ● | ● | ● | ● | |
| Verify User Identity | ● | ● | ● | ||
| Captive Portal Detection | ● | ● |
Login Method Requirements
Some of the available modes of operation require that the router has access to external services to function:
| Requirements | Skip Login | Click-Through | SMS PIN Code | Soclal Login | Social & PIN Code |
|---|---|---|---|---|---|
| Web SMS Provider w/credit | ● | ● | |||
| Facebook or Google App ID | ● | ● |
{tab Captive Portal & Redirection}
Captive Portal & Redirection
When users connect to a Hotspot Web Portal network, their Internet access is blocked by the router and attempts to access the Internet are directed to the router's Hotspot Web Portal page to allow users to accept the Terms and Conditions of the network, or authenticate with the network.
To point users to the router's Hotspot Web Portal address of portal.draytek.com, the router employs three possible methods:
- Captive Portal Detection
- HTTP Redirection
- HTTPS Redirection
The way in which users are directed to Hotspot Portal is specified in each Hotspot Web Portal profile. On the final page of the Hotspot Web Portal profile, there are options to enable or disable Captive Portal Detection (not available in all modes) and HTTPS Redirection.
The Hotspot Web Portal facility also performs HTTP Redirection to direct HTTP traffic to the portal page.
1. Captive Portal Detection

When a device connects to a network, it will check whether it has Internet access upon connection and where the device determines it cannot access the Internet, it will typically prompt to sign in to the network with a notification.
With Captive Portal Detection enabled, the DrayTek router can direct a user's device directly to the Hotspot Web Portal page upon connection to the network by
2. HTTP Redirection
When a user connnects to the Hotspot Web Portal network and their device does not automatically detect that it has connected to a Hotspot / Captive Portal, the router will modify the initial HTML response from HTTP websites to point access to the original site to portal.draytek.com instead. The user would then see the Hotspot Web Portal page load in their browser immediately after.
Because HTTP as a protocol is unencrypted, this method of modification will direct users to the Hotspot Portal page without page loading or certificate issues.
3. HTTPS Redirection
Many websites now employ HTTPS instead of HTTP to access their websites and this needs to be handled in a different manner than HTTP Redirection due to the encrypted nature of HTTPS.
The option to enable or disable "HTTPS Redirection" defines how the Hotspot Web Portal handles HTTPS connections for users that have not yet authenticated.
If this option is disabled, HTTPS traffic is blocked by the router until the user has authenticated and the user must access an HTTP webpage to be redirected to the router's Hotspot Web Portal welcome page.
Enabling HTTPS Redirection will modify DNS requests for access to HTTPS sites so that access to any HTTPS page will result in the Hotspot Web Portal welcome page on "portal.draytek.com" loading instead. HTTPS is designed around SSL Certificates, which validate whether an HTTPS site is legitimate or not through matching data in an SSL Certificate to the hostname / website being accessed. If these details do not match, a web browser will typically display a warning similar to the examples below.
This is caused by the HTTPS Redirection feature and is inherent to any Web Portal system that redirects HTTPS traffic. Note that in the image on the right, access to the site is blocked entirely because of HSTS - HTTPS Strict Transport Security.
Because of the confusion this can cause to end users of a Hotspot Web Portal network, it may be beneficial to leave HTTPS Redirection disabled and recommend that users access a specified HTTP website to authenticate with the Hotspot network.
![]() |
![]() |
{tab Customisation}
Hotspot Web Portal Customisation
DrayTek's Hotspot Web Portal interface is designed for both mobile and desktop clients, with the interface resizing to fit on smaller or larger screens at different resolutions.
A DrayTek router's Hotspot Web Portal profile (up to 4 profiles per router) can be reconfigured to suit your company's branding with custom logo and background images, welcome text and Terms and Conditions.
All colours, text displayed and button text can be altered to fit your requirements.
Custom Logo / Branding - Example

Custom Logo / Branding - Setup
When setting up a Hotspot Web Portal profile, there are options to specify how the portal page is displayed to users. It's possible to upload and use a background image and separate logo image, which would go in place of the default DrayTek logo.
These images are stored in the router's flash memory and will be handled in the same way as the router's web interface once uploaded.

Each page of the Hotspot Web Portal profile has customisation options for the text that is displayed on all buttons and sections.
If using the SMS PIN Code login method, the text of the SMS text message that is sent to users is customised in the Receiving PIN via SMS Content setting. This text must have the "<PIN>" text included in the message, which is replaced with the unique PIN code that is sent to the user.
The colours of many buttons can be customised using HTML Hexadecimal colour codes.
Custom text colours and text formatting can be specified by modifying the text with inline CSS style settings, as shown in the example below:

Testing and Previewing Customisations
To test customisations made, simply complete the Hotspot Web Portal profile by clicking Finish on the last page of the profile and click the Preview button in [Hotspot Web Portal] > [Profile Setup].
This will pop-up a browser based view of the Hotspot Web Portal that users would see:

{tab User Experience}
{tab-ex SMS Authentication}
Hotspot Web Portal - User Experience with SMS PIN Code
Captive Portal Detection

When a user connects to a wireless network or network that has Hotspot Web Portal applied to it, they will be directed to the Hotspot Web Portal login page if Captive Portal Detection is enabled for the Hotspot profile.
Alternatively, access to HTTP sites will be redirected to the router's Hotspot Web Portal authentication page.
Welcome Message with Terms & Conditions

The portal page will display options to authenticate via SMS code, or log in with an existing PIN code (valid for 10 minutes).
Verify User Identity

Once the user has selected Receive PIN via SMS, they will be prompted to enter their phone number to receive the SMS.
The "+ 44" option is the Country Code for the number, with +44 being used for the UK. Pressing the "+ 44" option will present a list of available country codes.
The number must be entered with the leading "0" removed. In this example, the UK mobile phone number of "07778889999" has the leading "0" removed.
This is because the SMS must be sent with a Country Code specified. If the number is sent with both the Country Code and the leading "0" digit, the number will be invalid and the user will not receive a text message.

The user will shortly after receive a text message with the 6 digit code for use with the Hotspot Web Portal network.
This code allows a single device to authenticate, the router will generate a unique code for each user that requests an SMS code.

In the Hotspot Web Portal, the user would then enter that number and click Submit to authenticate with the router.
Landing Page

After a successful authentication, the user will be directed to the specified landing page, the original page they were accessing, or an HTML bulletin message depending on the action that was selected when configuring the Hotspot Web Portal profile.
{tab-ex Facebook & Google Authentication}
Hotspot Web Portal - User Experience with Social Login
Welcome Message with Terms & Conditions

When a user connects to a wireless network or network that has Hotspot Web Portal applied to it, access to HTTP sites will be redirected to the router's Hotspot Web Portal authentication page. The portal page will display Facebook or Google as an option, or both, depending on which methods were selected when configuring the Hotspot Web Portal profile.
The Social Media login method is not compatible with Captive Portal, which can guide users to the Hotspot Portal page when connecting to the wireless network automatically. If this is required, use SIM PIN code authentication instead.
Users can view the Terms and Conditions for the Hotspot network and click Login with Facebook or Login with Google to continue.
Verify User Identity

Once the user has selected Google or Facebook, Google or Facebook will present a confirmation screen to the user to confirm whether the Hotspot Web Portal's App can access the displayed items of information.
Users must click Allow to proceed.
Landing Page

After a successful authentication, the user will be directed to the specified landing page, the original page they were accessing, or an HTML bulletin message depending on the action that was selected when configuring the Hotspot Web Portal profile.
After authenticating through a social media account, users can reconnect to the network immediately by selecting the method they have authenticated with previously. This is because the Hotspot Web Portal's App is linked to their account for authentication on request and so, does not need to request permission a second time.
Users can view which Apps are linked to their Google or Facebook account with the name that was specified during the setup process and remove this access if required.

{/tabs}
{/tabs}


Comments
0 comments
Please sign in to leave a comment.