If your students are having trouble accessing Quill activities and you have already completed our other troubleshooting tips, they are likely encountering firewall issues.

Firewall issues will generally need to be dealt with by your IT Department. Our Engineering Team has written a message that you may send to your IT Department. Please see this message below.

"Hello,

Quill uses various subdomains and Firebase to store data, so please whitelist *.quill.org as well as *.firebase.com.

As of August 2016, Google has issued a new SSL certificate for all apps hosted by Firebase, causing issues with firewalls like FortiGate. AwesomeTable discovered this issue, and we have included their explanation and solution below.

The issue appears to be linked to the number of SANs in the certificate, which is almost a thousand. If you are a Fortinet user, you can enable/check "Inspect All Ports" in Policy & Objects > Policy > SSL/SSH Inspection > [your policy].

When "Inspect All Ports" is DISABLED (you're scanning specific ports), the FortiGate's proxyworker process is doing the SSL Inspection. The proxyworker isn't able to handle all of those SANs. However, if "Inspect All Ports" is ENABLED, SSL Inspection gets offloaded to the IPS Module, which is able to handle that number of SANs just fine.

Another solution is to write firewall rules to allow traffic with no certificate inspection for cdn.firebase.com (151.101.44.249), firebase.com, and quill.org. You can test Firebase access here https://www.firebase.com/test.html.

If you have any questions, please reach out to support@quill.org.

Thank you,

The Quill Engineering Team

Credit to AwesomeTable for discovering the source of this complication."

Please feel free to send a message to the Quill team using the green message bubble on the bottom right corner of the screen or email us at support@quill.org.