TM Questions Since the Upgrade to Meraki Firewalls

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
clrohm
New Member
Posts: 1
Joined: Sun Aug 14, 2016 8:30 am

TM Questions Since the Upgrade to Meraki Firewalls

Postby clrohm » Wed Nov 29, 2017 1:56 pm

I have 2 questions about TM since the upgrade.
1. When I look at the dashboard, the filter (lock icon) is open on all my routers for the stake. Since this is an audit item I would like to know when these will indicate that the internet is filtered (or not).
2. When will the usage statistics be displayed again? In the past, it has helped me troubleshoot issues.

Thanks!

Chuck Rohm

russellhltn
Community Administrator
Posts: 24037
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Re: TM Questions Since the Upgrade to Meraki Firewalls

Postby russellhltn » Wed Nov 29, 2017 2:57 pm

clrohm wrote:When I look at the dashboard, the filter (lock icon) is open on all my routers for the stake. Since this is an audit item I would like to know when these will indicate that the internet is filtered (or not).

This appears to be normal. If you dig in, that's the "standard" filtering. There are two other more restrictive settings, but they're not available to us. Presumably this is a hint at future direction.
Have you searched the Wiki?
Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.

User avatar
Biggles
Senior Member
Posts: 1083
Joined: Tue May 27, 2008 4:14 am
Location: Watford, England

Re: TM Questions Since the Upgrade to Meraki Firewalls

Postby Biggles » Wed Nov 29, 2017 3:32 pm

The audit question asks if you can see the white tick, or not when using filter.lds.org. If you see the tick then that signifies an audit pass for that question. The filter (lock icon) seen in TM probably has some significance to the Church Tech personnel, but not to us mere mortals. :)

weible
New Member
Posts: 1
Joined: Sun Oct 16, 2016 8:41 am

Re: TM Questions Since the Upgrade to Meraki Firewalls

Postby weible » Tue Dec 05, 2017 6:04 pm

My filter is not showing a check at filter.lds.org. I plan to call the global support center to get an immediate fix. Any plans to make the filter lock icon a meaningful indicator of the filter status.

yarrgh
Church Employee
Church Employee
Posts: 69
Joined: Mon Dec 23, 2013 1:54 pm

Re: TM Questions Since the Upgrade to Meraki Firewalls

Postby yarrgh » Thu Mar 01, 2018 5:59 pm

It's not very intuitive because the original intent was for internal testing, but when you go to your firewall on the network tab, there's a link before "Get Connected Devices", that name refers to your filter type. It most likely says "Managed". If you click the link TM will attempt to verify that the filter is configured correctly. This checks to make sure that the firewall is configured with the correct DNS servers and that our 3rd party vendor has the firewall's public IP registered with them. If everything checks out, you'll see a green success message. If not, I'd suggest contacting the GSC for further troubleshooting.

While this doesn't exactly confirm whether the filter is completely working on end user devices (possibly because of other network issues/configurations), it is a major factor in filtering not working.

lajackson
Community Moderators
Posts: 7681
Joined: Mon Mar 17, 2008 9:27 pm
Location: US

Re: TM Questions Since the Upgrade to Meraki Firewalls

Postby lajackson » Thu Mar 01, 2018 8:16 pm

yarrgh wrote:If everything checks out, you'll see a green success message.

I can't ping one server and it says it is offline, but I do get the green success message when I click on Managed.

yarrgh
Church Employee
Church Employee
Posts: 69
Joined: Mon Dec 23, 2013 1:54 pm

Re: TM Questions Since the Upgrade to Meraki Firewalls

Postby yarrgh » Thu Mar 01, 2018 8:53 pm

lajackson wrote:I can't ping one server and it says it is offline, but I do get the green success message when I click on Managed.


The check doesn't require that the firewall be online. TM will talk to Meraki's cloud service and make sure that it is configured correctly. TM never talks to the Meraki firewall/device directly.

Because of this, even if the firewall is completely offline, TM can still update the configuration. This allows all device configurations worldwide to be kept up to date. The updated configuration will be pushed to the device when it comes online. What's cool about this behavior is that you can activate a firewall while it is still in the box and then when it is connected to the Internet it'll download its activated configuration. Not really practical in most real world scenarios and won't ever be officially documented anywhere.

Currently, there's no way for TM to know if the latest config has been pushed to the firewall/device. There's no API for it yet. GSC and other support roles do have the ability to check, if needed.


Return to “Meetinghouse Internet”

Who is online

Users browsing this forum: No registered users and 1 guest