Setup Instructions
    Windows Server 2008 R2
       Captive Portal
          Free wireless hotspot for guest/patrons


Do you also want to block objectionable websites?  No  (click to change)


Implementation Considerations

Use a standard LAN with a hardware firewall as the default gateway, see the Network Examples.
     Notice that proxy/SOCKS, ISA, or ICS is not compatible.

The guest LAN should be completely isolated from any internal/office LAN as shown in Network Examples.
     You should mitigate problems as discussed in FAQ 34, FAQ 39, FAQ 113, FAQ 126.

This DNS Redirector server and all clients cannot be separated by a NAT device, see FAQ 37, FAQ 142.
     Every client should use the IP of the DNS Redirector server as their default DNS server (usually provided via DHCP), another DNS server cannot exist in-between.

This system will need 1 static IP address.
     (Do this under TCP/IP properties, do not use a DHCP reservation)


Install prerequisites

Download and install the Microsoft .NET Framework 4.6.1

Revisit Microsoft Update until no .NET Framework 4.x updates remain
     Some .NET updates appear to stall, be patient, it will complete

Restart your computer (really, do restart even if the installer did not prompt you to)


Setup the welcome website

Download a sample welcome page

Right-click the .zip file you just downloaded
     Select properties
     Click the Unblock button (if this button is not present just proceed), then OK
     Extract the contents to a new folder C:\Inetpub\welcome

Verify that "ASP" and "Server Side Includes" are installed with IIS (see screenshot)

In IIS Manager create a site:
     Site name: dnsredir-welcome
     Content Directory, Physical path: C:\Inetpub\welcome
     Binding, Type: http | IP address: pick the static IP address you assigned to this system | Port: 80
     Host name: leave blank
     [checked] Start Web site immediately

Verify the Default Document is: welcome.asp (must be listed first, remove all other default documents)

Under Error Pages, Edit Feature Settings, set: Custom error pages (see screenshot)

Verify the Error Pages are set:
     Status Code: 403.1 | Path: /welcome.asp | Type: Execute URL
     Status Code: 404    | Path: /welcome.asp | Type: Execute URL
     Status Code: 414    | Path: /welcome.asp | Type: Execute URL

Verify the HTTP Response Header is set: (see screenshot)
     Cache-Control: no-store, no-cache, post-check=0, pre-check=0
     META tags which preventing caching (as included in our example pages) are required in addition to this HTTP Header (see rfc2616-sec14.9 and msdn)

Under ASP, Enable Parent Paths, set: True (see screenshot)

Check NTFS permissions on the root folder (see screenshot)
     (see kb981949)

Depending on the sample welcome page you downloaded, look in C:\Inetpub\welcome for a readme shortcut and follow the instructions.


Setup DNS Redirector software

Download the software from http://dnsredirector.com/download and run the file

     -- This software will run as a demo (all features and capabilities) for 25 days --

     If you are upgrading see FAQ 103.

Open dnsredir.ini and set the following
     ListenOnIP= to be the static IP address you assigned to this system
     SimpleDNS=simpledns.txt
     DNSServerIP= to be the IP of a DNS server provided by your ISP
     RedirectIP= to be the static IP address you assigned to this system
     AuthKeywordsFile=authorized.txt
     AlwaysKeywordsFile=always.txt

Create a new file simpledns.txt within C:\DNSREDIR
     Open this file and add the following lines...
192.168.0.3 surfon.dnsredirctrl.com
192.168.0.3 welcome.wireless.example.com
     ...replace "192.168.0.3" with the static IP address you assigned to this system
     ...replace ".wireless.example.com" with the DNS suffix of your network

Create a new file authorized.txt within C:\DNSREDIR
     Open this file and add just one line...
surfon.dnsredirctrl.com
     This file contains domain names that authorize the client, you can change this DNS record to be whatever you want,
     so long as you change it both in this file, and in the last welcome page the client visits (ok.asp in our sample files)

Create a new file always.txt within C:\DNSREDIR
     Open this file and add the following lines...
^dns\.msftncsi\.com$
always.wireless.example.com
     ...replace ".wireless.example.com" with the DNS suffix of your network
     This file contains domain names that clients may visit even if they have not been authorized, see FAQ 159.

Run fixNTFS.bat
     This fixes NTFS security on C:\DNSREDIR and files, see FAQ 129.

Run fixFirewall.bat
     This will allow DNS Redirector and IIS connections through the firewall, see FAQ 102.

Run dnsrsvc-install.bat
     This will install the service
     Then start the DNS Redirector service


Testing and Implementation

On this DNS Redirector server, verify the welcome website is running by visiting http://192.168.0.3
     Replace "192.168.0.3" with the static IP address you assigned to this system
     With some browsers, you must type the http:// part before the IP address

On a test client (different computer/laptop connected to the same network), verify the welcome website is running by visiting http://192.168.0.3
     Replace "192.168.0.3" with the static IP address you assigned to the DNS Redirector server
     With some browsers, you must type the http:// part before the IP address

On the same test client, under the network adapter properties, under TCP/IP properties,
     select "Use the following DNS server addresses" and put in the static IP address you assigned to the DNS Redirector server.
     Leave the second DNS server field empty

On the same test client, browse the Internet
     When you visit any website you should be redirected to the welcome site

Change your DHCP scope to hand out the DNS Redirector server IP as the default DNS server for every/new client on the network.
     Your DHCP scope options may be controlled by the firewall/router to the Internet or by a server.
     Specify only the DNS Redirector server IP, remove all others.
     After changing DHCP, all clients will need to be restarted to pickup a new lease with the new DNS server.


General Information

Search for "Category: RedirectIP function" in the FAQ for more assistance.

Understand that only domain names can be added to keyword lists, not URLs, see FAQ 79.


For third-party software that is known to work with or aid in the use of DNS Redirector see FAQ 71.


License

For licensing information; including multi-site use, IT consultants/system integrators, and upgrades see FAQ 2.

Your concurrent client license should be big enough to support your network, see FAQ 98.

For the complete software license agreement see: dnsredirector.com/license

 
DNS Redirector | Legal Information | 2003-2017