For security reasons, access to Drupal development sites is restricted to IP addresses on the PennNet network and to authorized static IP addresses elsewhere. Authorized developers who need access from off campus will need access through one of these methods.

If you have a static IP address at an off-campus location, you can request that ISUS authorize your address.

If you don't have a static IP address at an off-campus location, then you need to have some kind of remote access to a computer that does have PennNet access, such as a computer on campus. Use remote desktop, a VPN, or SSH proxy to access development sites from off-campus.

Our usual solution then is to connect by proxy to the server where the site is, for example, tenjin.sas.

Instructions for Proxy Connections

Here are detailed instructions for accessing a development site on tenjin.sas from a Macintosh located off campus. (This assumes you have an account on tenjin.sas.  If you're using tengu.sas, just subsitute "tengu" for "tenjin". Separate instructions are available for Windows.)

The overall approach is that we're using a server on campus (tenjin.sas.upenn.edu) to access the site, and this server will serve as a proxy which your home computer can use to gain access.

Setting up the proxy

So, the first thing to do is to set up the proxy. If you have a Mac off campus, use its Terminal application to set up the proxy. You'll find the Terminal application in your Utilities folder inside your Applications folder.

1.  Start up Terminal.

2.  When the Terminal window opens, paste (or type) the following command and press the Return key:
    ssh -D9853
    (where xxxxxx is your username on tenjin.sas).

3.  After a few seconds, you'll be prompted for a password.  Type in your PennKey password and press Return.  Note that you'll be typing blind; no characters will appear when you type.

4.  If you successfully log in, you'll get a couple of lines of text back, the second of which will end in something like "[xxxxxx@tenjin ~]$ ".

5.  Leave the Terminal window open.  (If you close the window or quit Terminal, this will end your proxy connection.)

Configuring Firefox to use the proxy

Okay, what you've done so far is to make a secure connection to the tenjin.sas.upenn.edu server by opening a port (number 9853) on your local computer. Next, we'll use that port in Firefox to give us access (through the proxy) to the development site.

1.  Start up Firefox.

2.  Go to the Firefox menu (next to the Apple menu in the upper left) and choose "Preferences..."

3.  On the top of the "Preferences" window, click on "Advanced".

4.  Click on "Network" in the buttons near the top of the Advanced window.

5.  Under "Connection", click on the "Settings" button.

6.  You should now see a window titled "Configure Proxies to Access the Internet".

7.  Fill it out as in the following picture.

Brief explanation:
127.0.0.1 is the standard IP address to identify your local host -- i.e., whatever local computer you're using. And 9853 is the port that we opened to tengin.sas.upenn.edu in Terminal.

In other words, select "Manual proxy configuration", and type "127.0.0.1" in the Socks Host and "9853" in the Port next to it.
Make sure "SOCKS v5" is selected. (It should be selected by default.)
You don't need to put anything in the blank for "No Proxy for:".

8.  When you've filled in the information, click the OK button.

9. If you wish, you may now close the Preferences window.

10. You should now be able to point your Firefox to your site and gain access.  For example,
    https://tenjin.sas.upenn.edu/xxxx-test/
where xxxx-test is the name of the site.

Ending the proxy session

When you're done and you no longer need access to the site, do the following.

1.  Quit the Terminal application (or close the window).  This will stop the proxy connection.

2.  In Firefox, go back to Firefox > Preferences > Advanced > Network > Connection > Settings.

3.  Select "No Proxy" and click the "OK" button and close Preferences.

You're now back to normal.