Problems connecting to KSL network service?

If you have tried to connect to the KSL Network services server and have been having problems, please check the following out before contacting us.
When I try to go to the server I get told that this URL is not accessible. Why?
The problem is (we predict with high confidence) that you have some sort of fascist firewall running at your site, which is blocking HTTP connections to ports other than port 80, the default port for HTTP. Ontolingua (and other KSL network services), like many other network services runs on a port other than port 80 (5915 for our main public server).

The best way to address this issue is for you to get your sysadmins to remove the port restriction on all outgoing HTTP connections. This results in no loss of security and opens up a whole bunch of network services to you. If you need to maintain a more conservative strategy, the next best thing to do would be for you to get them to drill a hole through the firewall for you for the appropriate host/port combination. If you take this approach, you should have them enable ports 5910-5920 on host ontolingua.stanford.edu.

I log in and get as far as the services selection page, but then I get blown out. Why?
The ontology server issues you a key when you log in that encrypts your user-id/password/session-id and IP address. Some gateways and/or proxy firewalls dynamically issue IP addresses seemingly at random between consecutive HTTP requests. This can result in our server authenticating you for one IP address and things getting confused by the time you get to the next page (the service selection page). What we need from you is:
  1. If you are using the AOL browser you probably can't do anything about this, so you should contact us as described below.
  2. Look at your browser's proxy configuration preference dialogue and tell us what you have there. Odds are that you have a non-null proxy. If you have, then try turning it off and see if your problem goes away.
  3. Go to the URL: http://www-ksl-svc.stanford.edu:5915/echo and send us the results. This will tell us what your browser and firewall are telling us you are using.
Some people cannot switch off this broken feature and we have to set a flag at this end that relaxes the security somewhat in order to allow them to continue. The main difference in security being that the system does not take your IP address into account when issuing the key. This means that it is possible to give away URLs, which would not normally be possible. We have never (knowingly) had any problems with people breaking into our server, or monkeying with peoples' ontologies, so this shouldn't be a problem if it is necessary for you. You just have to keep it in mind when mailing URLs to people.