broadband connections in hotels

["Peter VE" <peter.ve () pandora be>]

Hi all,

I have a problem that has been bothering me for quite some time now
All of our laptops have a personal firewall.
THis means that they can connect to the internet (in terms of getting an IP
address and do DNS name resolution) + establish a VPN tunnel into the
corporate network. That's it... no browsing allowed, no email reading or
sending allowed....
When the users wants to access the internet, he has to establish the VPN and
use the corporate proxy server...  better safe than sorry
The users are not able to change the firewall policy nor  disable the
firewall... it's always running
The firewall is clever enough to detect when you are on the corporate
network (private IP + ability to resolve internal DNS names), when you are
on the internet (non-corporate IP address, or private ip address  but not
able to resolve corporate internal DNS name), when you are using VPN and so
on... this really works well

Some hotels offer a broadband connection... but before you can access the
internet, you need to connect to a website, and enter a passcode (so proper
billing can be done).  We are blocking all access so the user cannot access
this website...
This is bothering me... how can we set things up so the user can use the
local broadband connection,
without dynamically changing the policy,
without allowing internet browsing access at all times..
Also, keep in mind that not all websites are running on port 80... it could
be a different port...

Any ideas ?

thanks

P