Hello,
MSAD55 -Sacopee Valley is dealing with the same issue. We are hosted by
IC so our traffic all heads out to Min and Snow Leopard just CRAWLS. We
have tried to open the Joebox, open our sonicwall, make HOST file entries,
all to no avail. Google Chrome is faster on Snow Leopard but I am not
sure as to if it will work completely with the Java Gradebook. Does
anyone have any ideas as to how to get Snow Leopard to just pass the
traffic? It is worse when many are on at once -like class by class
attendance -ooch. This was not noticed when we only had the 20MB fiber
connection and used N2H2.
thanks for any ideas!
Chuck
Joebox User <[log in to unmask]> on October 5, 2010 at 9:13 AM -0400
wrote:
>Jeff,
>
>
>If you're running IC locally, be sure to check your local DNS records to
>make sure they are clean an correct for the IC box. We ran into a similar
>issue on this year's image for the MLTI Macbook. The https connection
>problems which have been discussed with MLTI and the Apple were showing
>up locally for us because we had a bad DNS record for our local IC
>server. As soon as we cleaned everything up, it was nice and speedy.
>
>
>Regards,
>Kerry
>
>Kerry Gallivan
>Technology Director, MSAD#75
>50 Republic Ave., Topsham, Maine 04086
>Office phone: (207) 729-9961 ext 251
>Email: [log in to unmask]
>Skype: kerrygallivan
>Twitter: http://twitter.com/msad75tech
>
>
>---------------------------------------------------------------------------
>
>We have been having an issue with Infinite Campus. I don’t think it is a
>Joebox issue, but if you have heard anything to contrary, any help would
>be appreciated. Any Mac running Snow Leopard has EXTREMELY slow response
>time with Campus (web-based SIS). Leopard and Tiger based Macs as well
>as any PC running any version of Windows or Linux have no issues. The
>only thing I have done is to try turning off filtering and allowing clear
>internet access, but this had no effect.
>
>Ideas?
>
>Thanks!
>
>H
>
>
>On 10/4/10 3:30 PM, "Ray Soucy" <[
>fcp:[log in to unmask],[log in to unmask]
>][log in to unmask]> wrote:
>
>
>
>I wanted to drop everyone a note on some Joebox issues that we have
>been working with MECnet (the vendor) to resolve.
>
>I apologize in advance for the length of this email; apparently there
>is a lot to talk about. ;-)
>
>
>
>
>Restarting the Firewall or MECguard service will cause a brief but
>noticeable outage. This is a design oversight in the way the services
>were implemented, we have identified the cause and MECnet is working
>to re-engineer these services. The updates are in testing now, but
>give us a few weeks before we roll them out to make sure nothing
>breaks.
>
>For now, the work-around is to wait until the end of the day to
>restart MECguard or the Firewall if it's possible to minimize its
>impact.
>
>
>
>
>Many of you have called in with reports of problems accessing specific
>websites. Like the old Bess filter, MECguard is implemented as a
>transparent HTTP proxy service. This does indeed break the occasional
>website. The solution is to direct traffic around the proxy service
>so it never gets intercepted at all. This can be done using the "Web
>Filter" section of the Firewall.
>
>For example. If you wanted to bypass filtering for the website at
>130.111.32.130 (networkmaine.net) you could add a new Web Filter rule
>with the following settings:
>
>Enable: Yes
>Description: networkmaine.net
>Rule Type: Don't Filter Destination
>Source Type: Firewall Group
>Group: Everyone Else
>Destination Type: IP/Hostname
>IP/Hostname: 130.111.32.130
>
>
>
>
>Another common request is to block access to Facebook, as students
>quickly figure out that they can use HTTPS (which isn't filtered) in
>place of HTTP.
>
>To do this, we can create a few Closed Ports rules in the Firewall and
>block HTTPS to the IP addresses used by Facebook.
>
>The two IP networks currently used by Facebook appear to be
>"66.220.144.0/20" and "69.63.176.0/20". Note that this is may change
>every now and then if Facebook starts using more addresses.
>
>Here we would create two "Closed Ports" rules (one for each network)
>in the Firewall, below is an example of the settings for one of them.
>
>Enable Closed Port: Yes
>Description: Facebook
>Rule Chain: FORWARD
>Source Type: Firewall Group
>Group: LAN
>Destination Type: IP/Hostname
>IP/Hostname: 66.220.144.0/20
>Protocol: TCP
>Port to be Closed: 443
>
>Based on your policy, you may decide to block Facebook specifically,
>or SSL outright for everyone in a certain group.
>
>Any rules created in the "Open Ports" section of the Firewall are
>evaluated first. So if you wanted to give a specific group, for
>example "Teachers" unrestricted access to SSL websites (including
>Facebook) you could create an Open Port rule in the firewall to let
>that group through. Here is an example:
>
>Enable Open Port: Yes
>Description: Allow SSL for Teachers
>Rule Chain: FORWARD
>Source Type: Firewall Group
>Group: Teachers
>Destination Type: Firewall Group
>Group: Everyone Else
>Protocol: TCP
>Port to be Opened: 443
>
>
>
>
>As always if you need assistance in setting this up, feel free to
>contact the Support Desk.
>
>
>
>
>Lastly, the current software available though software update is
>looking stable, and resolves a series of issues that have been around
>since the start of the school year.
>
>The support desk has been working with sites to upgrade everyone. If
>you are experiencing problems aside from the Firewall and MECguard
>restart issue mentioned above, you may want to call in and set up a
>time to upgrade your software.
>
>These updates (mostly) provide:
>
>Fix for routing engine so it is not dropping its default route when
>the firewall is restarted.
>
>Fix for UI bug that broke open or closed ports firewall rules if the
>protocol was set to "all".
>
>Fix for MECguard memory leak causing performance issues.
>
>Added automated nightly remote backup of configuration to Networkmaine
>(we keep the last 7 days of configuration backups).
>
>Minor UI fixes to correctly display service status.
>
>System kernel changes to handle networks larger than 512 addresses
>without causing performance issues.
>
>
>
>
>If you have been experiencing problems not addressed here I would like
>to hear from you (off-list) so we can take a look at your setup.
>
>The majority of the time that users are having a terrible experience
>with the Joebox turns out to be something easily corrected by making a
>configuration change.
>
>I'd also like to thank everyone, especially those of you who were
>unlucky enough to test some of the less-than-stable software updates
>leading up to this batch, for being patient as we work with MECnet to
>improve the Joebox for use in Maine schools.
>
>If you would like to share your questions, comments, joy, or
>frustration with us in person, a few of us from Networkmaine will be
>around at this year's ACTEM conference next week. I'll be giving a
>Joebox session there on the 14th, so if you haven't signed up yet, you
>might want to take a look.
>
>--
>Ray Soucy
>
>Epic Communications Specialist
>
>Phone: +1 (207) 561-3526
>
>Networkmaine, a Unit of the University of Maine System
>[ http://www.networkmaine.net/ ]http://www.networkmaine.net/
>
>
>
>
**************************************************************************************
MSAD#55 Confidentiality Notice: The information contained in this message
(including any attachments) may contain privileged and/or confidential
information protected from disclosure by the Family Educational Rights and
Privacy Act (FERPA). It is intended solely for the use of the addressee.
Any disclosure of the document is strictly prohibited outside the scope of
the service for which you are receiving the information. If you have
received this communication in error, please notify sender immediately and
delete the material from any computer.
|
