Securifi Community Forum
Securifi Products => Almond and Almond A1A => Topic started by: Mojoscream on December 06, 2013, 03:37:01 pm
-
I've been trying to change my primary and secondary DNS servers to use either those from OpenDNS or Google's Public DNS. I've noticed that when I go in and check the Primary DNS is listed as the IP address of the Securifi Router (10.10.10.254), and the secondary is then Google's Primary address of (8.8.8.8). I'd like to change these over to use both of Google's Public DNS numbers (8.8.8.8 and 8.8.4.4 respectively). However I've noticed a significant speed decrease whenever I change the primary DNS entry to Google's (8.8.8.8). Should I keep the primary as the default, or can I change these? How do I address the speed issues?
-
I've been trying to change my primary and secondary DNS servers to use either those from OpenDNS or Google's Public DNS. I've noticed that when I go in and check the Primary DNS is listed as the IP address of the Securifi Router (10.10.10.254), and the secondary is then Google's Primary address of (8.8.8.8). I'd like to change these over to use both of Google's Public DNS numbers (8.8.8.8 and 8.8.4.4 respectively). However I've noticed a significant speed decrease whenever I change the primary DNS entry to Google's (8.8.8.8). Should I keep the primary as the default, or can I change these? How do I address the speed issues?
Doing so is a really bad idea.
Securifi is one of the few manufacturers to get this right. Your primary DNS server should be your Router. Unlike the Google Public DNS, and OpenDNS services, your Almond knows about your "local" equipment. This default configuration will allow your Almond to resolve your local equipment within your network, as well as answer inquiries for upstream equipment on the Internet.
Changing this so that you use "external" DNS servers only for your DNS servers will make it difficult to find your own mchines on your own network. Why would you want to deliberately break your networks probably only DNS server?
If your local DNS server is broken, then you'll need to use depreciated protocols like NetBIOS, WINS or Bonjour announcements in order to find your own equipment, which kind of defeats the purpose of owning a router in the first place. (Some people will find the default DNS configuration to be strange, simply because they've only ever used "broken" DNS configurations, which are unfortunately all too common in non-Securifi Routers).
Give the default configuration a chance. If you prefer to use your ISP (Internet Service Providers) DNS service, I would recommend putting it in as the secondary DNS server, (instead of Googles 8.8.8.8 server), but keep the primary one as the router itself, so that you don't break DNS on your local network. Besides the fewer "hops" it takes to reach your DNS server, the faster it will resolve addresses for you.
-
I've been using OpenDNS for years to avoid my ISP's slower service. Now I swapped my ASUS router for a Securifi Almond and I want to try changing the DNS server settings. Found Patrick's post and ran it past OpenDNS. They just don't know what to say ??? Never heard of Securifi. So I still want to try setting the secondary DNS server to OpenDNS and leave the primary one as the Almond router.
Using a cable modem and dynamic IP setting, I don't see anywhere to change DNS server settings. Is it even possible, or is this a dumb Q?
-
@ stuckfly,
Try to login to the Web UI-->Network--> Primary and Secondary DNS, let us know the status.
-
I would like to change to OpenDNS too. I have the Securifi Almond (https://smile.amazon.com/dp/B0087NZ31S) and went to the Web Admin and Network and changed the "Secondary DNS Server" to 208.67.222.123 which is the OpenDNS Family Shield Filter (redirects adult sites).
Both before and after a router reset I run a command prompt and get Google DNS for both.
8.8.8.8
8.8.4.4
I clicked on "Status" (http://10.10.10.254/basic/status.asp) and see "Primary Domain Name Server" and "Secondary Domain Name Server" which match the ipconfig command and show Google's two DNS servers. However, I cannot change those values as the whole Status is read-only.
I love the router but really want to change these to a family friendly DNS server. How can I do this?
Thanks,
Andrew
-
@ stuckfly,
Try to login to the Web UI-->Network--> Primary and Secondary DNS, let us know the status.
Sorry for the delay. Unexpected events. Anyway, per your instructions: Primary 20.10.10.254 and Secondary 8.8.8.8
I applied an OpenDNS nameserver "208.67.222.222" as Secondary DNS, but OpenDNS Updater still reports my Mac is not using OpenDNS.
Also, oddly, when I try to logout of the Almond WebUI I get a big red page with a warning: "Possible Phishing Website" for website: http://20.10.10.254/basic/logout.asp and the option to ignore the warning redisplays the warning. I can only Go Back, which puts me back on the WebUI still logged in. Annoying! Is Safari to blame?
-
Sorry for the delay. Unexpected events. Anyway, per your instructions: Primary 20.10.10.254 and Secondary 8.8.8.8
I applied an OpenDNS nameserver "208.67.222.222" as Secondary DNS, but OpenDNS Updater still reports my Mac is not using OpenDNS.
Also, oddly, when I try to logout of the Almond WebUI I get a big red page with a warning: "Possible Phishing Website" for website: http://20.10.10.254/basic/logout.asp and the option to ignore the warning redisplays the warning. I can only Go Back, which puts me back on the WebUI still logged in. Annoying! Is Safari to blame?
1. Could you check DNS settings on your Mac as well? If they are manually set to something else, they might override the settings on your Almond.
2. Could be Safari trying to "protect" you :P use firefox or chrome and see how it goes.
-
1. Yes, Mac DNS settings match Almond.
2. Correct, it's Safari managing me like Apple stuff is supposed to. Chrome handles the config logout just fine (but I'm sure it's dangerous, cuz it's not on the App Store :-\
So, since with the OpenDNS nameserver active, their client still says most of the time I'm not using OpenDNS, I put it back to 8.8.8.8
-
I would actually like some sort of configuration to secure the almond device we are using. The box allows recursive DNS queries, and can be used as part of a DDOS attack.
The almond device we are running has the latest software but contains a dated version of SSLv3 which is exploitable (http://disablessl3.com)
For a secure wireless adapter, it should have security patches applied, or be removed.
Is there anyway to turn off the DNS service? and update SSL?
-
@ tfigel,
As long as Almond is updated with the latest firmware, there shouldn't be any issues at all. However, let us know what is the firmware version you got on the Almond?