• Hello MLAers! We've re-enabled auto-approval for accounts. If you are still waiting on account approval, please check this thread for more information.

Cisco Redirect And Classilla

R

raoulduke

68000
I'm trying to get onto my school's network. It uses some type of Cisco redirect page.

The FAQ notes possible SSL and SSH issues but both Classilla and MacSSH have no impact.

I'm thinking of talking to our tech guy but anyone have any thoughts? Is it just impossible even with Classilla? And is there any real browser bump from OS 9 in contrast to 8.6?

 
Last edited by a moderator:
Cisco couldn't give the tiniest amount of a care about whether anything works. Once they have your money, they don't give a damn. They'll pretend to care, though - they'll tell you that if you buy support they'll help you, but then the paid support will then tell you in greater detail that what you're trying to do is not supported.

If you come up with a workaround, do post it.

 
The issue isn't Cisco per se.  They don't administer the network, they just created whatever backend software the school uses.  I also talked to the tech guy who, very coolly - politely, basically said what I was doing was technically hacking. It is, but I don't think it violates usage policies.  In any event, I appear to still be blocked so I'll try again tomorrow morning.

Opera 5 seems to support various SSL protocols.  However, it also appears to be able to spoof - I don't know if that's exactly the right term - other browsers.  So I believe it was representing itself as IE 5 when the redirect occurred (whereas IE 4, the actual browser, could not redirect).  So I think what I have to try is using Opera 'as Opera.'  However, I have no guarantee that will work.

The network itself has no encryption; but the tech dude wouldn't tell me exactly what protocols (or whatever) need to be supported, because that would violate policy - he said.  In general I think he thought this was pretty funny.  I don't care so much for the 5300, but I'm pretty sure the 3400 will have an identical problem except that (assuming it works) I will have 32 mb of RAM and can thus use OS 9 - though I don't know that there's a benefit to that (for typing and using the internet).  Honestly I stopped using Macs around 1999 - just before OS 9 was released [although I think my iMac may have come with OS 9] so I'm not very familiar with it.

 
What I mean is that Cisco makes things with no regards to compatibility. Sure, they could use best practices, but they think they're too big to have to worry about that.

Technically, learning anything in school is hacking in the sense that you're figuring out something new (to you). Hacking is a bit of a misnomer. The implication that it is akin to cracking, though, is worrying; the campus is supposed to offer up services to all the students, not just certain students who have an officially sanctioned computer.

It's unreasonable to expect them to support just any machine, but on the other hand Cisco has a bad history of doing things like releasing products which require ancient and insecure Java, not working at all with Macs for years, claiming to be standards compliant when they're not, having "features" which are contradictory to expected behavior which you can't disable and so on.

I give the Cisco people shit every year at Interop - it's very cathartic! They've actually helped me deal with a number issues, partly because I'm funny and not actually angry towards individuals. They even invite me to their parties :)

 
lol.

Agreed.  I made that point (about hacking).  But the issue here isn't whether it's hacking - which I think we both agree it obviously technically is.  The question is whether it violates my law school's policies.  And given the litigious career I've chosen to enter, I do not think that question is invalid.  But I haven't really scoured the policies yet.

As for the relay, IPalindromeI, I tried using a simple proxy, but that didn't work.  It seems somewhat odd - not the proxy issue, I have no idea if that was the right option.  I think they may do a browser compatibility test, in which case I might be screwed.  However, I still find it very unusual that Opera redirected.  I actually left to go tell the tech guy and when I came back there was an error pop-up, so I'm not sure what exactly happened.

 
johnklos said:
What I mean is that Cisco makes things with no regards to compatibility. Sure, they could use best practices, but they think they're too big to have to worry about that.

Technically, learning anything in school is hacking in the sense that you're figuring out something new (to you). Hacking is a bit of a misnomer. The implication that it is akin to cracking, though, is worrying; the campus is supposed to offer up services to all the students, not just certain students who have an officially sanctioned computer.

It's unreasonable to expect them to support just any machine, but on the other hand Cisco has a bad history of doing things like releasing products which require ancient and insecure Java, not working at all with Macs for years, claiming to be standards compliant when they're not, having "features" which are contradictory to expected behavior which you can't disable and so on.

I give the Cisco people shit every year at Interop - it's very cathartic! They've actually helped me deal with a number issues, partly because I'm funny and not actually angry towards individuals. They even invite me to their parties :)
Click to expand...
Someimes best practices mean removing compatibility. OpenBSD is pretty adamant about aggressively gutting support for such things.

 
IE 5.5b1 successfully redirected but couldn't submit the login form. I downloaded Netscape 7 but I had been blocked again by then. I'll try again tomorrow and then sometime next week I'll hopefully be moving to OS 9.

 
Well if the cisco backend software was designed with any security in mind, of course your going to get blocked! You may need to spoof your UserAgent to possibly fix it. 

 
More than that

UserAgent contains the browser ID, browser version, OS type, OS version, etc etc.. 

You need to grab the useragent of a modern machine, and put it into classilla. 

 
Last edited by a moderator:
If this is Clean Access Agent (are people still running that?), it may (should) be possible to add your MAC address to an exemption list, and your network administrator may be willing to do that.

Though, if they haven't already offered it, then it's likely they're not going to, or they're using a newer product that doesn't have that functionality.

(I used to have to put people into exemption lists because Perfigo/CCA would want a particular Windows Update to be installed, even though it had been superceded by a newer update. Newer and better NACs just check that Windows Update is on, but it sounds like this isn't a NAC situation as much as an announcement/MOTD type of portal letting you know you're on $INSTITUTION's wifi and to agree to these rules. CCA can do that, but that was typically its secondary function, and the bulk of its work was checking for a/v defs and Windows updates.)

 
Yea I can't really approach the tech guy again.  He was amused, but he was also very unwilling [on policy grounds] to offer much information.  He also has no control over the backend.  The backend, I think, isn't even run from this physical location.

I feel like an idiot for having said proxy server earlier, I just want to absolve myself.  I knew that wouldn't work but only one of these (I can't remember which) allows selection/deselection of relaying [for HTTP and HTTPS, relevantly].

Classilla - at least as I understand it - only has a limited number of preset User Agent preferences.  So, for instance, I have my Firefox User Agent string ready to go but I can't actually add it unless I need access to a specific preference file.  I also don't have ResEdit on the machine [not sure if that's relevant].  So I haven't gone browsing through the preference files.

Not convinced this is the issue, but I'm open to help on how to edit the User Agent presets on Opera 5 or Classilla 9.3.2.  As far as I can tell - and as I read them - that won't violate the university's usage policies.

 
I've had that thought but I seem to be being distributed an IP address by the DHCP server.

W/e. I'm going to switch to Orinoco cards/drivers when and if I get the 3400c up and running.

(In that a different card will have a different MAC address. The 3400 also has ethernet.)

 
Last edited by a moderator:
You must log in or register to reply here.

Similar threads

Fizzbinn
100Mbps Ethernet benefit on Power Mac 6500
Replies
0
Views
716
Fizzbinn
Fizzbinn
DW1992
SPACEBALLS : the black ribbon -or- Fixing an ImageWriter II black ribbon
Replies
8
Views
1K
Concorde1993
Concorde1993
pl212
Finding FiberTalk: DuPont's AppleTalk-over-Fiber Hardware
Replies
5
Views
1K
cy384
cy384
Byte Knight
Things to Do With Your Networked Vintage Mac
2
Replies
35
Views
18K
Byte Knight
Byte Knight
jamesmilne
MacToTheFuture SE30 Network Card Driver
Replies
8
Views
2K
ants
ants
Back
Top