I’ve mentioned before how, some years ago, anyone could tote their laptop onto the UCLA campus and get online through their Wi-Fi hotspots, but then at some later point this privilege was restricted to students, faculty, and staff. Given that UCLA is a a crowded urban campus during the regular sessions, I generally have little interest in spending time there at my own studying, not least because it doesn’t seem quite ethical for me to take up badly needed space when the actual students sometimes can’t find a place to sit down indoors. Moreover the line at the coffeeshop is often 15 minutes long with no seat available at the end of it. Accordingly I decided to leave it behind, since there’s usually no point to my coming to campus unless I want to return or borrow books.
Lately, though, I’ve noticed that in summer it’s quite different. The campus is peaceful and spacious, the libraries mostly unoccupied, and the coffeeshops inviting and convenient. The dog days are upon us! The bright plazas, iconic architecture, and cool quiet hallways and reading rooms can be profoundly conducive to contemplation and study. And, as if that weren’t enough, as a Life member of the Alumni Association, I’ve recently learned, I can even join the Faculty Club which is something to look into.
All of this brings up my question. Direct login to the Bruin OnLine (BOL) portal requires a campus affiliation and ID, but technically it is not a secured network. One is “connected to the Internet” even though all one can see is the BOL login page. The BOL folks say that visitors can still get to the Internet by routing through a VPN tunnel. The information on the Faculty Club says the same. So, what exactly is that? Is it something that I can set up on a spare computer at home, or do I need to have an institutional or corporate VPN login someplace else? How would I set this capability up, and when I’m on campus, how would I tell my computer and the BOL network that I want to “route through a VPN tunnel”, and through which port? Is that something I do through a client that the VPN provider gives me, or through a DOS window, or what?
It would have to be a poor hotspot that allows VPN while blocking http traffic, but YMMV.
When you connect to the hotspot via wifi, you get an ip address. At that point, the server should create a set of firewall rules that blocks all traffic from your client and redirects all http traffic to the login page. Then when you have logged in, the rules are modified to allow you to connect to internet addresses.
It sound like the hotspot you are talking about is somewhat different - there is a default rule that redirects http only that gets removed once authentication occurs, and no other traffic is blocked.
So, you need access to a VPN endpoint outside the wifi network, and a VPN client on your laptop. The VPN server could be on your own internet connection (I would suggest OpenVPN), or you could pay for a commercial service (such as Hamachi). Setting up your own is a bit complex (you need to fiddle with router rules, etc), but it could be done very cheap. You can also get ADSL/Cable routers with VPN capability (or use an open source firmware to add the functionality to an existing router).
Once you have the endpoints set up and configured (server and client) it should just be a case of launching the client on your laptop. Just make sure that the VPN is using ports that are not routed via http/https - it is a great trick for corporate networks but will not succeed in your case, as http is redirected to the login page.
I think the way it works is that all traffic to the campus network other than the http login portal is blocked until you authenticate to the portal, except for VPN. Thus if you can authenticate to the campus VPN or a departmental VPN you can get on the campus network without going through the portal, or you can get off-campus by using your own VPN.
If you decide to use a pay service I strongly recommend Witopia.
I doubt their going to give you access to the internet without authetincation. Whats probably going on is that they have their own VPN service, and because VPN already does it owns authentication it doesnt need the web login (which is probably a radius server). So staff just fires up the VPN client and off they go.
You should really talk IT support about getting the VPN client installed on your computer. I somewhat doubt they’ll let you use someone else’s VPN if they restrict internet access to only staff/students.
If things are set up as si_blakely suggests, an alternative to setting up a VPN might be to set up an authenticating http proxy running on a port other than 80, assuming that web traffic is being redirected based on port number. This won’t work if things are as yoyodyne suggests, though.
It’s probably related to content issues with respect to online library resources. The institutional license most likely says that only members of the campus can use the material, so the hot spots are configured to enforce that.
No, indeed. I’ve made it quite clear to them that I have no current campus affiliation (except being an Alumni Association member which doesn’t count for this). I’ve told them I attend another institution and and sometimes just like to use their library, and they assure me that the VPN scenario is available to me and would solve my Internet access problem.