Using Wireless and wired at the same time

[akm3]

I use my Mac at work. It connects via Ethernet to the 'internal' network. We also have a guest wireless network that my airport attaches to.

The internal secure network has policy restrictions that ban certain websites and what not, not as a nanny but as a security measure because you are more 'on' the network with the hard wired one.

The guest one does not. One practical issue is Dropbox can't make a secure connection to syncronize through the wired network.

Dropbox and Firefox both support proxies, but it would be even easier to just have Firefox and Dropbox and Skype and (iChat and Googletalk and many others those are just off the top of my head) default to use the Wireless network.

Can this be done?

Assuming it can't be, to setup a proxy server, I have my Mac Mini at home all setup to receive it. I have port 22 forwarded to the Mac mini, and I have dynamic dns setup.

When I go to my Mac and type 'ssh 'username'@'dynamicipaddress' -D 2001' it gets me to a login prompt (I have to type 'yes' to continue connecting).

I try to type my 'username' password on the Mac Mini but it never connects.
It looks like this:
password:
password:
password:
'username'@'dynamipaddress' pasword:
'username'@'dynamipaddress' pasword:
'username'@'dynamipaddress' pasword:

And then boom kicks me out for failing authentication.

So, it seems like everything is connected properly via the proxy but....it isn't working. I did double and triple validate that I have the proper password.

Can *anyone* help me resolve either of these two issues so I can get full functionality of some of my firewalled apps when I'm at work?

 

[assembled]

Can this be done?

Yes, you you just need to manipulate the routing table on your computer.

If you have the wired and the wireless connections 'on' at the same time, and DHCP is running on both, you will see that you have two default gateways, if you were to set the wired connection so it only acquired an address and subnet mask, you would only have the wireless default gateway, and any packets bond for an address that was not on either of the two connected networks, would go out over the wireless default gateway.

as an alternative to not acquiring the wired default gateway, you could also try manually removing the route.

 

[akm3]

Yes, you you just need to manipulate the routing table on your computer.

If you have the wired and the wireless connections 'on' at the same time, and DHCP is running on both, you will see that you have two default gateways, if you were to set the wired connection so it only acquired an address and subnet mask, you would only have the wireless default gateway, and any packets bond for an address that was not on either of the two connected networks, would go out over the wireless default gateway.

as an alternative to not acquiring the wired default gateway, you could also try manually removing the route.

Very slick idea...Will look into it thank you.

 

[belvdr]

If you're connecting to a secure network and a network not as secure at the same time, that's not a good idea as it makes the secure network less secure. It usually against security policies as well.

This is the equivalent of having a perfectly good firewall, and having a client connect to an unfilter Internet connection and also connecting to the internal network where all private data is stored.

 

[akm3]

If you're connecting to a secure network and a network not as secure at the same time, that's not a good idea as it makes the secure network less secure. It usually against security policies as well.

This is the equivalent of having a perfectly good firewall, and having a client connect to an unfilter Internet connection and also connecting to the internal network where all private data is stored.

True, but even the 'more' secure network is still not secure. It just has more aggressive Internet filtering - but requires no credentials. Active directory handles security for the important stuff - and my mac isn't allowed on the domain.

 

[Consultant]

I wonder if you can have a virtual machine accessing a different network?

 

[akm3]

I wonder if you can have a virtual machine accessing a different network?

That is an option. I do run Parallels and an instance of XP. I could run all my work Citrix apps within the VM with no issues.

How would I force the VM to use the wired connection and 'everything else' to stay on the wireless?

 

[belvdr]

True, but even the 'more' secure network is still not secure. It just has more aggressive Internet filtering - but requires no credentials. Active directory handles security for the important stuff - and my mac isn't allowed on the domain.

No network is fully secure.

But, if your machine has the capability to connect (via smb, ping, etc) without going through a firewall to get to those services on the wired connection, and you connect to both networks, you have ruined any security put in place at all. Active Directory is just that, a directory; it doesn't handle security by itself. Most companies that enforce security policies have some fairly severe consequences for doing this type of thing.