How does Windows know whether it has internet access or if a Wi-Fi connection requires in-browser authentication?
In Windows 7, the notification area networking icon will show an error indicator if there is no internet access 
, and the error icon goes away once there is a successful connection to the internet 
. Sometimes, if the WiFi connection requires an in-browser authentication step, like on many guest networks in hotels or universities, then the following pop-up bubble appears, saying as much:
How does Windows know whether or not it has a successful internet connection?
Presumably it is checking some online Microsoft service to see whether it has a successful connection, gets redirected to some other page, or doesn't get any response at all, but I haven't seen anywhere that this process or the services used are documented. Can anybody explain how this works? I would prefer answers that refer to facts, rather than just guessing, but if you have a really good guess, then go for it.
This question was a Super User Question of the Week.
Read the May 16th, 2011 blog entry for more details or submit your own Question of the Week.
Solution 1:
After some digging (the sheer number of network and Internet related services in Windows is astonishing), I think I found it. Windows Vista and 7 have a variety of Network Awareness features, one of which is the Network Connectivity Status Indicator that performs connectivity tests that in turn are used by the network systray icon. The test for internet connectivity is simple:
- NCSI tries to load a specific page via HTTP (more precisely: a text document) and tests whether it can be retrieved.
- If that is not successful, Windows reports "No Internet access".
The mechanism also checks whether the domain the document is hosted on resolves to the expected IP address. So, it might also assume proper internet access if this test is successful but the document can't be retrieved.
The reason it reports "No Internet Access" when you haven't authenticated on a Hotspot yet lies in the way a Hotspot works. It blocks all ports besides 80 and 443 (for HTTP and HTTPS, respectively), which get redirected to the Hotspot's authentication server and might mess with DNS requests in one way or another. Thus, NCSI can neither resolve the domain its test file is hosted on, and even if it could it wouldn't reach the actual file because HTTP traffic is redirected to the Authentication server.
Source: http://technet.microsoft.com/en-us/library/cc766017%28WS.10%29.aspx
Solution 2:
Here are the details of the connection status determination process:
The following list describes how NCSI might communicate with a Web site to determine whether a network has Internet connectivity:
A request for DNS name resolution of
dns.msftncsi.comA HTTP request for
http://www.msftncsi.com/ncsi.txtreturning 200 OK and the textMicrosoft NCSI
This can be disabled with a registry setting. If you set
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\
NlaSvc\Parameters\Internet\EnableActiveProbing
to 0, Windows will no longer probe for internet connectivity.
Apple does something very similar in iOS to detect internet connectivity and possible hotel "login" wifi pages, etc.
Solution 3:
As Jeff said, to detect an Internet connection, Windows will do:
- DNS request to server
- HTTP request for known content
In addition to Jeff's answer, I suspect:
3 . If HTTP request is redirected to a outside Microsoft (or doesn't return the expected content), show the message in your screenshot.