Why Wi-Fi isn't connecting in the metro: technical reasons and solutions

Many commuters are familiar with the experience of a smartphone suddenly losing wireless network connectivity or refusing to complete authorization while in an underground passage or on a subway platform. This is especially true in dense urban environments and crowded areas. radio frequency ether It turns into an extremely congested environment, with every device trying to connect to an access point. Users often perceive this as a device malfunction or poor service from their ISP, but the root cause of the problem lies deeper, in the fundamental principles of wireless network operation under high traffic conditions.

The main reason for the lack of connection is not so much a weak signal, but channel congestion Communications. When thousands of devices simultaneously attempt to connect to the same infrastructure, data exchange protocols begin to experience critical delays or even drop requests entirely. Understanding the physical nature of this phenomenon helps avoid wasting time on pointless reconnection attempts and instead switch to mobile internet or wait for a less congested time.

Furthermore, there are specific security settings and operator practices that can artificially block attempts to connect to public networks on public transport. In this article, we will examine in detail the technical aspects of Wi-Fi in the metro and consider the impact encryption standards and we will offer specific steps to diagnose your device if a connection is still necessary.

Radio spectrum congestion and interference

The main enemy of a stable connection on the subway is physical overcrowding. radio channelUnlike home use, where a router serves multiple devices, subway infrastructure must handle thousands of simultaneous requests per minute. Every smartphone, tablet, or laptop attempting to find a network sends special probe requests, which create additional noise and waste airtime.

The situation is exacerbated by the fact that there are only three non-overlapping channels available in the 2.4 GHz band. In a station environment where hundreds of people are simultaneously present, interference becomes critical. Signals from different access points and client devices interfere with each other, causing data collisions. The Wi-Fi protocol is designed so that when a channel is detected as busy, the device waits a random amount of time before trying again, which in metro conditions leads to an exponential increase in latency and, ultimately, a connection timeout.

⚠️ Please note: During rush hour, the likelihood of successfully connecting to a public Wi-Fi network in the metro drops to almost zero due to the MAC address tables at access points being full.

An additional factor is the influence of the metal structure of the tunnels and carriages. Metal reflects radio waves, creating an effect multipath propagationThe signal reaches the receiver not only directly, but also through multiple reflected paths with varying delays. For modern standards, such as 802.11ac or 802.11ax, this creates difficult conditions for decoding the signal, especially when the transmitter power is limited by sanitary standards and safety regulations.

📊 Do you experience Wi-Fi problems in the metro?
Yes, all the time.
Sometimes, during rush hours
No, I always get it.
I don't use Wi-Fi in public transport.

Restrictions from mobile operators

Many users are unaware that the lack of Wi-Fi in the metro can be caused by their own telecom operator. In an effort to keep traffic within their network, some providers use technologies that block or prioritize certain types of connections. If your data plan offers unlimited mobile data but limits tethering or VoIP use, your operator may programmatically prevent your device from switching to external networks.

There is also a concept Wi-Fi Offloading, which operators use selectively. In theory, the network should automatically switch the user to Wi-Fi to reduce the load on cell towers. However, in practice, if the cellular network in the metro is stable (for example, thanks to the towers installed along the tunnels) — beam-forming cables), the operator has no economic incentive to overload its gateways with free traffic through public hotspots.

Blocking often occurs at the DNS level or through the injection of special reset (RST) packets when the device attempts to connect to the authorization portal. This is done to ensure the user remains on the mobile operator's network, where traffic is billed or counted for statistics. You can test this by temporarily disabling the SIM card and attempting to connect to the network manually. If the connection works without the SIM card, the issue lies with the operator's policy.

Authorization Issues and Captive Portal

Even if a physical connection to the access point is established, the user often faces the inability to log in. Public networks in the metro use a mechanism Captive Portal — a special page where you must accept the terms of the agreement or enter your phone number. In conditions with poor signal or high latency, this page may simply fail to load, creating the illusion of no internet connection.

The problem often lies in security protocols. Modern operating systems, such as iOS and Android, check for internet access when connecting to open networks by sending requests to their servers. If the response from the authentication server is delayed or blocked by the network firewall, the system marks the connection as "Connected, no internet access" and may automatically disconnect it to avoid wasting battery power. This behavior can be observed in the device logs as constant connection and disconnection cycles.

Manually accessing the authorization page can sometimes solve this problem. This requires knowing the gateway address or using an unsecured HTTP request that will force the browser to redirect to the portal. However, this rarely works on the metro, as providers often block redirects to external resources until full authorization is completed, creating a vicious circle.

☑️ Diagnosing authorization issues

Completed: 0 / 4

The Impact of Smartphone Security Settings

Modern smartphones are equipped with advanced privacy protection features that can interfere with connectivity in public places. One such feature is the use of random MAC addressEach time a device connects to a new network, it generates a unique identifier to prevent tracking of its movements. However, the metro infrastructure may be configured to use whitelists or restrict frequent ID changes within a single session.

Another important parameter is the setting Wi-Fi Assist (or a similar feature on Android). It automatically switches the device to mobile data if the Wi-Fi speed drops below a certain threshold. In the subway, where the Wi-Fi signal is unstable, the phone may constantly "switch" between networks, never allowing the user to fully utilize the connection. Disabling this feature can force the device to hold on to a weak Wi-Fi signal longer, sometimes allowing a message or map to finish downloading.

It's also worth paying attention to the date and time settings. If the clock on the device is out of sync, the protocol SSL/TLSThe protocol used for secure communication with the login portal will fail to establish a secure connection. Security certificates will be invalidated, and the login page will simply fail to open, even though the connection to the router will technically be active.

Parameter Impact on connection Recommendation
Random MAC May conflict with access filters Use the device's MAC
Wi-Fi Assist Frequent breaks with weak signal Disable in the metro
Date and time Blocking HTTPS pages Sync automatically
Power saving mode Reducing antenna power Disable if necessary

Technical limitations of the metro infrastructure

Deploying Wi-Fi in the metro is a complex engineering challenge. Access points must be protected from vibration, dust, and temperature fluctuations. Equipment is often installed in hard-to-reach locations, limiting maintenance and upgrades. Many systems in operation today were designed several years ago and are not designed for the current device density and traffic volumes generated by modern apps and video services.

There's also the "cell" problem. To cover a long platform or tunnel, multiple access points are used. As a passenger moves, the device must quickly roam between them. If the roaming threshold isn't set correctly, the phone will "hang" on a moving access point with a barely noticeable signal, instead of switching to the closest, stronger one. This phenomenon is known as sticky client and is a common cause of speed complaints.

⚠️ Please note: Metro Wi-Fi infrastructure often operates in an isolated network segment. Even if you successfully connect, you may not be able to access local resources or printers due to Client Isolation enabled.

It's also important to consider that providers may limit the speed for each individual user to ensure at least some access for everyone. Algorithms Fair Queuing (fair distribution of queues) cut the speed of each connection to a minimum sufficient for text correspondence, but insufficient for loading pages with heavy graphics.

Why does Wi-Fi work better in new stations?

New metro stations are being equipped with a more modern infrastructure, using the 802.11ax (Wi-Fi 6) standard. This standard handles multiple access (OFDMA) better, allowing for more efficient resource distribution among hundreds of devices simultaneously, unlike older standards, which required devices to wait their turn.

Alternative ways to access the network

If the built-in Wi-Fi system in the metro isn't working, consider alternative options. Often, there are dedicated hotspots on platforms or in concourses run by commercial operators or advertising networks that are less crowded than the main transport network. These hotspots may have different names than the standard ones (for example, they may contain the words "Free," "Guest," or names of shopping centers).

Use of technology NFC Using Bluetooth for initial pairing (as in the Wi-Fi Easy Connect standard) hasn't yet become widespread in the metro due to security concerns, but such systems are being tested in some pilot projects. Keep an eye on updates in the official transit operator apps—sometimes Wi-Fi access is offered as a bonus for authorizing through the app with a QR code.

The most reliable option remains 4G/5G mobile internet. Telecom operators are investing heavily in tunnel coverage using distributed antenna systems (DAS). Mobile internet speeds in the metro are often higher and more stable than overloaded public Wi-Fi, especially if your smartphone supports frequency aggregation.

Frequently Asked Questions (FAQ)

Why does Wi-Fi only work at the metro entrance, but disappears on the platform?

This is due to the network architecture. At the entrance, you connect to ground towers or access points in the lobby. In the tunnel and on the platform, the ground station signal is shielded by the thickness of the soil and concrete. If the tunnel doesn't have a specialized cable system or repeaters, the connection is physically interrupted.

Is it safe to connect to Wi-Fi in the metro for banking transactions?

No, it's extremely risky. Public subway networks are an ideal environment for attacks like Man-in-the-MiddleAttackers can create fake access points with similar names. For all financial transactions, use only mobile internet or a VPN with strong encryption.

Is it possible to boost the Wi-Fi signal in the metro using external antennas?

For smartphones, this is impossible without damaging the case and voiding the warranty. Furthermore, in conditions of interference and channel congestion, boosting your receiver's signal won't solve the problem—the access point will still be unable to respond to you due to its channel being overcrowded.

Why does my iPhone say "Security is low" and how can I fix it?

This notification appears if the network uses outdated encryption protocols (WEP or WPA/TKIP), which are not recommended by Apple. This is common on older equipment in the metro. You can ignore the warning, but be aware of the risks of transmitting data in cleartext.