This relates to my earlier question here, in which I complained that UCLA does not allow Extension students internet access via the on-campus hotspots. Their helpdesk, however, did suggest a solution, saying that if I had a VPN login to some outside organization, I could get around the restriction on campus and reach the internet.
The thing is, though, I don’t have any VPN access to anything. This type of access is usually granted for some specific purpose, like being able to log into your employer’s network remotely. What I need is access to a VPN network just to be able to circumvent the restrictions at UCLA. (I’m sure there’s no legal issue here, since it was their helpdesk that suggested I try this.)
Is there any organization or entity that maintains a VPN and allows people to log in, perhaps for the payment of a few dollars a month, and have general Internet access?
I’m also considering running my own VPN network at home as an alternative, but I think a professionally maintained network would be more reliable.
I don’t think VPN access is going to help at all. All of the VPN (virtual private networks) I have seen require you to have internet access already. The point of the VPN is to make it hard for a third party to see what the traffic between your computer and the organization using the VPN. If you cannot use the UCLA wifi network you are not going to be able to establish a VPN connection with anything.
In order to open a VPN connection to someone’s network, don’t you have to first be connected to the internet (or some network that eventually connects to the network you want to VPN into)?
And if you can’t access the hotspots to connect to internet, this sounds like a catch 22.
I think the helpdesk was confused. Probably a freshman. I use the VPN client to use the library databases remotely, not to actually use their wifi. And the VPN requires, as gazpacho noted, to already have an internet connection plus a BOL account to use the campus services. Which you need anyways to use their wifi.
Probably helpdesk thought you wanted to use JSTOR remotely or something.
I found the concept confusing myself, but I think this is the way it’s supposed to work. When I take my computer to UCLA and open a browser, I’m technically “connected to the Internet”, albeit in a very limited fashion. I can only go the student/faculty/staff login page, or to the page to request an account to be set up; and of course I would have to be in one of those three groups to do it. However, presumably with a fat-client VPN login I should be able to open that and enter the IP address of the VPN host, and get around that. I think the reason they’re OK with this is that it only would provide general Internet access, but not access to the on-campus resources that are specifically geared towards UCLA students. This seems plausible to me; I know that if I was using my notebook at home and logged into my own network, I would lose that connection on logging into my employer’s network. In short, my activity was no longer governed by my home network, but by my employer’s network. I would not longer have access to my home networked printer for example, but could use the printers at my office remotely.
So they’re saying that even though you can’t surf or get other internet access generally with your current level of access, you might still be able to open a VPN tunnel to another network, and then surf through that network’s internet access?
That seems odd to me, but what the hell, I guess we have to assume they know how their network works.
Going back to your original question then, I don’t know of any networks that allow a VPN connection just so you can then access the net through them. Normally, as mentioned, if you can get VPN access, you’ve already got general internet access.
If this were possible, wouldn’t it then be possible to circumvent other password-protected hotspots (like at airports or T-Mobile hot spots, etc) that require accounts in order to access the internet?
I actually assume that the (at least first level) help desk knows relatively little about the actual way things work, but hope that they have been given answers by someone who does.
But that does sound incredibly optimistic, now that you make me say it.
Not necessarily. This could be a configuration quirk on the UCLA network, that it blocks (or intercepts) all the standard internet protocols such as HTTP, POP, SMTP, FTP, Telnet, etc., but for some reason allows VPN connections to pass through to the internet.
As I said, this strikes me as an odd way to setup a network, but I think it’s at least possible.
If UCLA’s main concern and reason for restricting access is is to preserve the bandwidth of its licensed resources, e.g. online library materials, then that would make sense Allowing people to circumvent the login would presumably prevent that from happening while still allowing general internet access.
Queen Bruin it sounds like you’re doing something different. I think you’re logging into UCLA’s VPN from offsite so naturally when you’re logged in, you have your usual student access.
FTR I’ll post here what the help desk said in its email:
(Note that I explored the possibility of using CSU Fullerton’s VPN, but that is only for faculty and staff so I’m SOL there too.)
Here is the email from me which the above is in response to:
Well, it sure sounds like what they are describing is what we’ve discussed. I wish I knew of a VPN connection you could use, I’m curious to see if it works!
Or, heck, if they’re not blocking port 3389, you might try using remote desktop to connect to your computer at home. This assumes that you have a computer at home (and that your laptop isn’t your only system), you have port 3389 open on your router and pointing to your desktop machine, and that you’re running either Vista or XP on your home machine.
But, connect to your machine at home, and use it to browse the net.
What you really want to do is tunnel IP over DNS, which will get around almost any of those limitations, since their DNS server will almost certainly go and request whatever domain name you want.
However, that requires that you have a nameserver at your disposal, and are capable of setting it up.
It may be a while, but the next time I’m at UCLA, I’ll make a point of bringing my laptop to see if the VPN connection really will work, and post to this thread. I don’t go with any regularity, though. Maybe someone closer could try it out.
If you have an internet connection and PC running at home, your best solution is OpenVPN. Use DynDNS.org to set up a dynamic domain (free if you use <yourname.dyndns.org>, so you can find your internet connection from outside. Then set up an OpenVPN server configuration on your PC, and configure your laptop as a client. You may need to use port forwarding if you have a firewall/router for your internet connection.
You could even get a router that allows upgradeable firmware (Linksys WRT54G is really popular) and have your OpenVPN server running on that, so your PC does not need to be on all the time.
No - Hotspot software is smart enough to block all ports until authentication, not just http - I have checked .
On my campus it’s setup so that in order to get on the school’s wifi, you must first register your laptop’s MAC address… And after that you should be able to get online… HOWEVER, to access ANY school websites (or sister school websites) you must first authenticate into their VPN (which everyone with a school account has access to). It can be a hassle at times to first connect to the wireless network and then also connect via VPN.
I set up my own VPN at home using Hamachi freeware. I tested this from a cafe and it seems to work there, although I don’t need it there. However, when I tried it from UCLA, I couldn’t find my network.
I may have mis-set something at home before I went over there to try it.
This appears to be the case. Today I went to the coffeehouse to recheck that it worked there–it did, and then to UCLA. It didn’t work there, and, moreover, when I checked the network status in the control panel it appears that I have local access only. This seems similar to what a company might do if they wanted their employees to only be able to reach their intranet.
Walrus, is there still any chance I could somehow tunnel out?
If not, my only recourse is to approach my old department, hat in hand, and beg a guest account. I think they’d be willing to give me one, but the problem is it’s only valid for 30 days at the most.
It’s really disappointing that there is so little reciprocity between universities. Being able to use the library but not go online there is not much help.
.