Using Wireless and wired at the same time

Discussion in 'Mac OS X Server, Xserve, and Networking' started by akm3, Jul 1, 2009.

  1. akm3 macrumors 68020

    Nov 15, 2007
    I use my Mac at work. It connects via Ethernet to the 'internal' network. We also have a guest wireless network that my airport attaches to.

    The internal secure network has policy restrictions that ban certain websites and what not, not as a nanny but as a security measure because you are more 'on' the network with the hard wired one.

    The guest one does not. One practical issue is Dropbox can't make a secure connection to syncronize through the wired network.

    Dropbox and Firefox both support proxies, but it would be even easier to just have Firefox and Dropbox and Skype and (iChat and Googletalk and many others those are just off the top of my head) default to use the Wireless network.

    Can this be done?

    Assuming it can't be, to setup a proxy server, I have my Mac Mini at home all setup to receive it. I have port 22 forwarded to the Mac mini, and I have dynamic dns setup.

    When I go to my Mac and type 'ssh 'username'@'dynamicipaddress' -D 2001' it gets me to a login prompt (I have to type 'yes' to continue connecting).

    I try to type my 'username' password on the Mac Mini but it never connects.
    It looks like this:
    'username'@'dynamipaddress' pasword:
    'username'@'dynamipaddress' pasword:
    'username'@'dynamipaddress' pasword:

    And then boom kicks me out for failing authentication.

    So, it seems like everything is connected properly via the proxy isn't working. I did double and triple validate that I have the proper password.

    Can *anyone* help me resolve either of these two issues so I can get full functionality of some of my firewalled apps when I'm at work?
  2. assembled macrumors regular

    Jan 12, 2009
    Yes, you you just need to manipulate the routing table on your computer.

    If you have the wired and the wireless connections 'on' at the same time, and DHCP is running on both, you will see that you have two default gateways, if you were to set the wired connection so it only acquired an address and subnet mask, you would only have the wireless default gateway, and any packets bond for an address that was not on either of the two connected networks, would go out over the wireless default gateway.

    as an alternative to not acquiring the wired default gateway, you could also try manually removing the route.
  3. akm3 thread starter macrumors 68020

    Nov 15, 2007
    Very slick idea...Will look into it thank you.
  4. belvdr macrumors 603

    Aug 15, 2005
    If you're connecting to a secure network and a network not as secure at the same time, that's not a good idea as it makes the secure network less secure. It usually against security policies as well.

    This is the equivalent of having a perfectly good firewall, and having a client connect to an unfilter Internet connection and also connecting to the internal network where all private data is stored.
  5. akm3 thread starter macrumors 68020

    Nov 15, 2007
    True, but even the 'more' secure network is still not secure. It just has more aggressive Internet filtering - but requires no credentials. Active directory handles security for the important stuff - and my mac isn't allowed on the domain.
  6. Consultant macrumors G5


    Jun 27, 2007
    I wonder if you can have a virtual machine accessing a different network?
  7. akm3 thread starter macrumors 68020

    Nov 15, 2007
    That is an option. I do run Parallels and an instance of XP. I could run all my work Citrix apps within the VM with no issues.

    How would I force the VM to use the wired connection and 'everything else' to stay on the wireless?
  8. belvdr macrumors 603

    Aug 15, 2005
    No network is fully secure.

    But, if your machine has the capability to connect (via smb, ping, etc) without going through a firewall to get to those services on the wired connection, and you connect to both networks, you have ruined any security put in place at all. Active Directory is just that, a directory; it doesn't handle security by itself. Most companies that enforce security policies have some fairly severe consequences for doing this type of thing.

Share This Page