Try accessing it from the admin account of the laptop if you havenıt
already. If that fixes the issue then itıs related to Parental Controls. I
donıt run IC here, but there have been a number of issues with Parental
Controls under the latest image.
On 10/5/10 8:54 AM, "Jef H. HamLin" <[log in to unmask]> wrote:
> We have been having an issue with Infinite Campus. I donıt think it is a
> Joebox issue, but if you have heard anything to contrary, any help would be
> appreciated. Any Mac running Snow Leopard has EXTREMELY slow response time
> with Campus (web-based SIS). Leopard and Tiger based Macs as well as any PC
> running any version of Windows or Linux have no issues. The only thing I have
> done is to try turning off filtering and allowing clear internet access, but
> this had no effect.
>
> Ideas?
>
> Thanks!
>
> H
>
>
> On 10/4/10 3:30 PM, "Ray Soucy" <[log in to unmask]> wrote:
>
>> I wanted to drop everyone a note on some Joebox issues that we have
>> been working with MECnet (the vendor) to resolve.
>>
>> I apologize in advance for the length of this email; apparently there
>> is a lot to talk about. ;-)
>>
>>
>>
>>
>> Restarting the Firewall or MECguard service will cause a brief but
>> noticeable outage. This is a design oversight in the way the services
>> were implemented, we have identified the cause and MECnet is working
>> to re-engineer these services. The updates are in testing now, but
>> give us a few weeks before we roll them out to make sure nothing
>> breaks.
>>
>> For now, the work-around is to wait until the end of the day to
>> restart MECguard or the Firewall if it's possible to minimize its
>> impact.
>>
>>
>>
>>
>> Many of you have called in with reports of problems accessing specific
>> websites. Like the old Bess filter, MECguard is implemented as a
>> transparent HTTP proxy service. This does indeed break the occasional
>> website. The solution is to direct traffic around the proxy service
>> so it never gets intercepted at all. This can be done using the "Web
>> Filter" section of the Firewall.
>>
>> For example. If you wanted to bypass filtering for the website at
>> 130.111.32.130 (networkmaine.net) you could add a new Web Filter rule
>> with the following settings:
>>
>> Enable: Yes
>> Description: networkmaine.net
>> Rule Type: Don't Filter Destination
>> Source Type: Firewall Group
>> Group: Everyone Else
>> Destination Type: IP/Hostname
>> IP/Hostname: 130.111.32.130
>>
>>
>>
>>
>> Another common request is to block access to Facebook, as students
>> quickly figure out that they can use HTTPS (which isn't filtered) in
>> place of HTTP.
>>
>> To do this, we can create a few Closed Ports rules in the Firewall and
>> block HTTPS to the IP addresses used by Facebook.
>>
>> The two IP networks currently used by Facebook appear to be
>> "66.220.144.0/20" and "69.63.176.0/20". Note that this is may change
>> every now and then if Facebook starts using more addresses.
>>
>> Here we would create two "Closed Ports" rules (one for each network)
>> in the Firewall, below is an example of the settings for one of them.
>>
>> Enable Closed Port: Yes
>> Description: Facebook
>> Rule Chain: FORWARD
>> Source Type: Firewall Group
>> Group: LAN
>> Destination Type: IP/Hostname
>> IP/Hostname: 66.220.144.0/20
>> Protocol: TCP
>> Port to be Closed: 443
>>
>> Based on your policy, you may decide to block Facebook specifically,
>> or SSL outright for everyone in a certain group.
>>
>> Any rules created in the "Open Ports" section of the Firewall are
>> evaluated first. So if you wanted to give a specific group, for
>> example "Teachers" unrestricted access to SSL websites (including
>> Facebook) you could create an Open Port rule in the firewall to let
>> that group through. Here is an example:
>>
>> Enable Open Port: Yes
>> Description: Allow SSL for Teachers
>> Rule Chain: FORWARD
>> Source Type: Firewall Group
>> Group: Teachers
>> Destination Type: Firewall Group
>> Group: Everyone Else
>> Protocol: TCP
>> Port to be Opened: 443
>>
>>
>>
>>
>> As always if you need assistance in setting this up, feel free to
>> contact the Support Desk.
>>
>>
>>
>>
>> Lastly, the current software available though software update is
>> looking stable, and resolves a series of issues that have been around
>> since the start of the school year.
>>
>> The support desk has been working with sites to upgrade everyone. If
>> you are experiencing problems aside from the Firewall and MECguard
>> restart issue mentioned above, you may want to call in and set up a
>> time to upgrade your software.
>>
>> These updates (mostly) provide:
>>
>> Fix for routing engine so it is not dropping its default route when
>> the firewall is restarted.
>>
>> Fix for UI bug that broke open or closed ports firewall rules if the
>> protocol was set to "all".
>>
>> Fix for MECguard memory leak causing performance issues.
>>
>> Added automated nightly remote backup of configuration to Networkmaine
>> (we keep the last 7 days of configuration backups).
>>
>> Minor UI fixes to correctly display service status.
>>
>> System kernel changes to handle networks larger than 512 addresses
>> without causing performance issues.
>>
>>
>>
>>
>> If you have been experiencing problems not addressed here I would like
>> to hear from you (off-list) so we can take a look at your setup.
>>
>> The majority of the time that users are having a terrible experience
>> with the Joebox turns out to be something easily corrected by making a
>> configuration change.
>>
>> I'd also like to thank everyone, especially those of you who were
>> unlucky enough to test some of the less-than-stable software updates
>> leading up to this batch, for being patient as we work with MECnet to
>> improve the Joebox for use in Maine schools.
>>
>> If you would like to share your questions, comments, joy, or
>> frustration with us in person, a few of us from Networkmaine will be
>> around at this year's ACTEM conference next week. I'll be giving a
>> Joebox session there on the 14th, so if you haven't signed up yet, you
>> might want to take a look.
>>
>> --
>> Ray Soucy
>>
>> Epic Communications Specialist
>>
>> Phone: +1 (207) 561-3526
>>
>> Networkmaine, a Unit of the University of Maine System
>> http://www.networkmaine.net/
>>
>
|
