TM Questions Since the Upgrade to Meraki Firewalls

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
Post Reply
clrohm
New Member
Posts: 2
Joined: Sun Aug 14, 2016 9:30 am

TM Questions Since the Upgrade to Meraki Firewalls

#1

Post by clrohm »

I have 2 questions about TM since the upgrade.
1. When I look at the dashboard, the filter (lock icon) is open on all my routers for the stake. Since this is an audit item I would like to know when these will indicate that the internet is filtered (or not).
2. When will the usage statistics be displayed again? In the past, it has helped me troubleshoot issues.

Thanks!

Chuck Rohm
russellhltn
Community Administrator
Posts: 34417
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Re: TM Questions Since the Upgrade to Meraki Firewalls

#2

Post by russellhltn »

clrohm wrote:When I look at the dashboard, the filter (lock icon) is open on all my routers for the stake. Since this is an audit item I would like to know when these will indicate that the internet is filtered (or not).
This appears to be normal. If you dig in, that's the "standard" filtering. There are two other more restrictive settings, but they're not available to us. Presumably this is a hint at future direction.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.

So we can better help you, please edit your Profile to include your general location.
User avatar
Biggles
Senior Member
Posts: 1608
Joined: Tue May 27, 2008 5:14 am
Location: Watford, England

Re: TM Questions Since the Upgrade to Meraki Firewalls

#3

Post by Biggles »

The audit question asks if you can see the white tick, or not when using filter.lds.org. If you see the tick then that signifies an audit pass for that question. The filter (lock icon) seen in TM probably has some significance to the Church Tech personnel, but not to us mere mortals. :)
weible
New Member
Posts: 1
Joined: Sun Oct 16, 2016 9:41 am

Re: TM Questions Since the Upgrade to Meraki Firewalls

#4

Post by weible »

My filter is not showing a check at filter.lds.org. I plan to call the global support center to get an immediate fix. Any plans to make the filter lock icon a meaningful indicator of the filter status.
tlhackett
Church Employee
Church Employee
Posts: 69
Joined: Mon Dec 23, 2013 1:54 pm

Re: TM Questions Since the Upgrade to Meraki Firewalls

#5

Post by tlhackett »

It's not very intuitive because the original intent was for internal testing, but when you go to your firewall on the network tab, there's a link before "Get Connected Devices", that name refers to your filter type. It most likely says "Managed". If you click the link TM will attempt to verify that the filter is configured correctly. This checks to make sure that the firewall is configured with the correct DNS servers and that our 3rd party vendor has the firewall's public IP registered with them. If everything checks out, you'll see a green success message. If not, I'd suggest contacting the GSC for further troubleshooting.

While this doesn't exactly confirm whether the filter is completely working on end user devices (possibly because of other network issues/configurations), it is a major factor in filtering not working.
lajackson
Community Moderators
Posts: 11460
Joined: Mon Mar 17, 2008 10:27 pm
Location: US

Re: TM Questions Since the Upgrade to Meraki Firewalls

#6

Post by lajackson »

yarrgh wrote:If everything checks out, you'll see a green success message.
I can't ping one server and it says it is offline, but I do get the green success message when I click on Managed.
tlhackett
Church Employee
Church Employee
Posts: 69
Joined: Mon Dec 23, 2013 1:54 pm

Re: TM Questions Since the Upgrade to Meraki Firewalls

#7

Post by tlhackett »

lajackson wrote:I can't ping one server and it says it is offline, but I do get the green success message when I click on Managed.
The check doesn't require that the firewall be online. TM will talk to Meraki's cloud service and make sure that it is configured correctly. TM never talks to the Meraki firewall/device directly.

Because of this, even if the firewall is completely offline, TM can still update the configuration. This allows all device configurations worldwide to be kept up to date. The updated configuration will be pushed to the device when it comes online. What's cool about this behavior is that you can activate a firewall while it is still in the box and then when it is connected to the Internet it'll download its activated configuration. Not really practical in most real world scenarios and won't ever be officially documented anywhere.

Currently, there's no way for TM to know if the latest config has been pushed to the firewall/device. There's no API for it yet. GSC and other support roles do have the ability to check, if needed.
Post Reply

Return to “Meetinghouse Internet”