The best way to address this issue is for you to get your sysadmins to remove the port restriction on all outgoing HTTP connections. This results in no loss of security and opens up a whole bunch of network services to you. If you need to maintain a more conservative strategy, the next best thing to do would be for you to get them to drill a hole through the firewall for you for the appropriate host/port combination. If you take this approach, you should have them enable ports 5910-5920 on host ontolingua.stanford.edu.
http://www-ksl-svc.stanford.edu:5915/echoand send us the results. This will tell us what your browser and firewall are telling us you are using.