• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos1 Stats

Thoughts on the CORE Cloud DNS fail and using a second router to "Daisy-Chain" CORE to another router

Ref:  Thoughts on the CORE Cloud DNS fail and using a second router to "Daisy-Chain" CORE to another router for continued internet access.

Just wanted to pass on some helpful insight after the epic CORE DNS fail over the last week or so ago.  And now that is been confirmed theres no arguing what happened: Official Symantec Statement Concerning Internet Outage Last Week

As most have experienced, its completely unexcusable to be without internet connectivity due to forces we cannot control because of a CORE DNS fail, and to top it off I still get random connection drops with the CORE forcing me to hard restart it...  To rectify the issue directly I brought back my old router until they could fix "their issue" and get the DNS back up and running.  I then realized no one ever responded to my question about "daisy-chaining" another router to the CORE: Daisy chain Core to another separate router and I wondered if this would work.

I ran my own test for 5 days now with 100 percent positive results.  Heres what I did.  

1) Connected my old ASUS AC 3100 wireless router directly to my modem and used a different SSID on that ASUS router.  2) Connected the CORE and used a separate/different SSID on that device and connected it directly to the ASUS LAN Gigaport #1 on the ASUS router.  3) Powered up all devices.  So recap; its now connected as: modem - ASUS router - CORE

And would you know it, its working flawlessly.  The only notice I got was CORE saying it cannot protect the connections hooked directly to the ASUS routers SSID.  We know this...

So now the question is, why did I do this and how does it help?  Well all my "Internet of Things (IOT)" devices and those that cannot run a stand alone AV are connecting to the CORE SSID.  This way all of those devices are protected by the CORE's intrusion protection, nortons DNS for web searches and the deep packet inspection.  All of my devices that CANNOT be without internet (work laptop and phones etc...) are connected to the CORE's SSID, BUT also have the ASUS' SSID in them as a fall back.   So when CORE decides to have a "fail moment" my work laptop and phones divert directly to the ASUS router SSID and "voila" I don't lose internet connectivity! (Thanks ASUS ;) router!)

So I hope this helps.

In closing: Norton, we are NOT your beta testers.  Release only when the product has been FULLY tested and don't pass this on to the customer base just to make a quick buck!

Replies

Kudos0

Re: Thoughts on the CORE Cloud DNS fail and using a second router to "Daisy-Chain" CORE to another router

Wow, thanks for this @Dave628 -- I'm going to try this.

Thanks!

Kudos0

Re: Thoughts on the CORE Cloud DNS fail and using a second router to "Daisy-Chain" CORE to another router

Wouldn't it be simpler just to use something other than Norton DNS?

Kudos0

Re: Thoughts on the CORE Cloud DNS fail and using a second router to "Daisy-Chain" CORE to another router

@SendOfJive

No, because that only solves one of the many issues with the CORE; the cloud DNS issue being only one of the many issues.  The CORE is still disconnecting intermittently through out the week and I need for my network to be online when Im in important calls or discussions with clients.  Also I want the Norton DNS to be available to protect my IOT devices.  

You may also want to use caution when changing your DNS to other DNS' and understand the consequences.    See this link: https://developers.google.com/speed/public-dns/faq also copied below:

Does Google Public DNS offer the ability to block or filter out unwanted sites?

No. Google Public DNS is purely a DNS resolution and caching server; it does not perform any blocking or filtering of any kind, except that it may not resolve certain domains in extraordinary cases if we believe this is necessary to protect Google’s users from security threats. But we believe that blocking functionality is usually best performed by the client. If you are interested in enabling such functionality, you should consider installing a client-side application or browser add-on for this purpose.

Kudos0

Re: Thoughts on the CORE Cloud DNS fail and using a second router to "Daisy-Chain" CORE to another router

Hello Dave628 Simply stated you are in a NAT-NAT configuration. Meaning everything NOT directly connected to Core isn't protected by Core. In essence your Asus router is exposed and vulnerable as well as everything connected to it. Unless of course you have port 113 ident closed. For me I just enable the wifi on the FIOS router when all goes goofy. I have to have its DHCP enabled anyway for TV/VOIP.

Cheers

Retired military (Navy 1980-2002) AO1 (AW) Aviation Warfare Specialist "From DOS to Windows10 what a journey it has been" / MS Certified Professional / Windows 10 Professional x 64 version 1809 / build 17763.437 / NCSP 22.17.0.183 / Norton Core v.282 on Android 1.93
Kudos0

Re: Thoughts on the CORE Cloud DNS fail and using a second router to "Daisy-Chain" CORE to another router

@SoulAsylum

Yes. 

Lol, but lets not be so dramatic in the statement "In essence your Asus router is exposed and vulnerable as well as everything connected to it."

Not to go into to many details; but with the latest firmware from ASUS and Trend Macros AiProtections enabled the devices that connect to the ASUS router when CORE fails all have stand alone AV protections installed at the client end. Thats what I meant above by saying "Well all my "Internet of Things (IOT)" devices and those that cannot run a stand alone AV are connecting to the CORE SSID.  This way all of those devices are protected by the CORE's intrusion protection, nortons DNS for web searches and the deep packet inspection. All of my devices that CANNOT be without internet (work laptop and phones etc...) are connected to the CORE's SSID, BUT also have the ASUS' SSID in them as a fall back."

Thanks for your thoughts.

Kudos0

Re: Thoughts on the CORE Cloud DNS fail and using a second router to "Daisy-Chain" CORE to another router

Lol ok!! Nothing dramatic meant, exposed is exposed. Unfortunately I fall into the NAT-NAT category thanks to FIOS.

Cheers

Retired military (Navy 1980-2002) AO1 (AW) Aviation Warfare Specialist "From DOS to Windows10 what a journey it has been" / MS Certified Professional / Windows 10 Professional x 64 version 1809 / build 17763.437 / NCSP 22.17.0.183 / Norton Core v.282 on Android 1.93
Kudos0

Re: Thoughts on the CORE Cloud DNS fail and using a second router to "Daisy-Chain" CORE to another router

Yes, exposed is exposed as you stated SoulAsylum and we are all exposed anyways regardless of the router we all choose to access the internet with whether that be the CORE or another brand of router or both.  

Why, because CORE can only catch/check HTTP "non-encrypted" traffic.  Deep Packet Inspection and HTTPS | Norton Community Since the Snowden revelations and exposures a majority of internet traffic is either currently HTTPS (TLS) "secured" or shifting to HTTPS (TLS) secured sites.  

77 Percent of Google Internet Traffic Now Encrypted | News & Opinion ...

Google says 77% of its traffic is encrypted - Mashable

Half the Web Is Now Encrypted. That Makes Everyone Safer | WIRED

So the CORE essentially in itself cannot do anything with compromised secured traffic making it onto/to your end point anyways, which means even with CORE your "exposed" in some way. That essentially leaves it up to the AV software solution that you choose to install on your device or end point to handle what gets past the CORE via encrypted channels onto your end point(s).  Thats why Norton Security Suite is included that in our subscription of the CORE.  

But exposed is exposed...and wait for it...everyone is exposed, your correct.

Kudos0

Re: Thoughts on the CORE Cloud DNS fail and using a second router to "Daisy-Chain" CORE to another router

I was finally able to turn off CORE DNSSEC today from the mobile app.  None of my configurations through the app were being saved.  Switching to the ISP DNS allowed me to regain functionality on my mobile devices using Norton Mobile Security app.  Internet availability through the CORE DNS for all my connections has been miserable since the initial outage.  Support has been even worse. I have some offshore support center leaving messages on my phone but there is no viable call-back number.  I have not bridged the core to the residential gateway because I fear I won't be able to easily fall back when the CORE DNS goes down as it does almost daily! How do I get an RMA and get out from under this mess? 

Kudos0

Re: Thoughts on the CORE Cloud DNS fail and using a second router to "Daisy-Chain" CORE to another router

Lanexile Give support a chat regarding an RMA. There are time restrictions for returning the product however they may be able to assist with that. http://norton.com/chat

Cheers

Retired military (Navy 1980-2002) AO1 (AW) Aviation Warfare Specialist "From DOS to Windows10 what a journey it has been" / MS Certified Professional / Windows 10 Professional x 64 version 1809 / build 17763.437 / NCSP 22.17.0.183 / Norton Core v.282 on Android 1.93

This thread is closed from further comment. Please visit the forum to start a new thread.