Updated my RBR50 to voxel firmware and I am still having Cannot Verify Server Identity issues.

[Nothingworks]

FIRMWARE:
- V9.2.5.2.22SF-HW (Voxel)
ISSUE:
- Cannot use the internet as there is a problem with the certificates still, even after updating to Voxel firmware. For example, Chrome on iOS gives this error when trying to visit sites:

- “This site can’t provide a secure connection
www.google.com sent an invalid response.
ERR_SSL_PROTOCOL_ERROR”



WHAT I’VE DONE:
- I updated to the very latest voxel firmware tonight after nothing else worked for three days. I went from the latest from Orbi then rolled back as the voxel instructions suggested before updating with their new one. I thought it was working but the dreaded “No internet connection” and “Cannot Verify Server Identity” issue is back. I have updated everything to voxal latest firmware, power cycled the modem, router and satellite but this problem is back.

- I checked the box to automatically adjust for daylight savings time, so now the Orbi router is the correct time.

- Remote Management On is enabled

- Internet Connection Type is set to Auto under IPv6 settings (this was originally disabled but I changed it and haven’t seen a difference in anything. Should I change it back?)



LOGS:

[DoS Attack: ACK Scan] from source: 216.220.52.141, port 8190, Friday, July 15, 2022 11:15:59

[admin login] from source 192.168.1.31, Friday, July 15, 2022 11:13:42

[DoS Attack: ACK Scan] from source: 216.220.52.141, port 8190, Friday, July 15, 2022 11:12:59

[UPnP set event: add_nat_rule] from source 192.168.1.28, Friday, July 15, 2022 11:12:41

[DoS Attack: ACK Scan] from source: 216.220.52.141, port 8190, Friday, July 15, 2022 11:06:58

[DoS Attack: RST Scan] from source: 122.225.209.220, port 80, Friday, July 15, 2022 11:05:39

[DoS Attack: ACK Scan] from source: 2.57.122.209, port 8981, Friday, July 15, 2022 11:05:04

[DoS Attack: RST Scan] from source: 106.13.244.80, port 19898, Friday, July 15, 2022 11:04:16

[DoS Attack: ACK Scan] from source: 216.220.52.141, port 8190, Friday, July 15, 2022 11:00:58

[DoS Attack: RST Scan] from source: 122.225.209.225, port 80, Friday, July 15, 2022 11:00:46

 

[R. Gerrits]

if you open a command prompt on your PC and do "nslookup google.com" what do you then see?
My guess is that it will return the ip-address from your router.

Can't recall the details, but in some cases some Netgear routers would "hijack" DNS and redirect all to the router, until you finished the configuration.
(with the idea that after factory defaults, you would automatically go to the router setup page. But now that router certificate is no longer trusted).

 

[HELLO_wORLD]

if you open a command prompt on your PC and do "nslookup google.com" what do you then see?
My guess is that it will return the ip-address from your router.

Can't recall the details, but in some cases some Netgear routers would "hijack" DNS and redirect all to the router, until you finished the configuration.
(with the idea that after factory defaults, you would automatically go to the router setup page. But now that router certificate is no longer trusted).

The NG DNS hijack is also used to catch the routerlogin page and takes place in iptables in the router. Modifying the rules (deleting it or accepting the packet before it) should allow to circumvent the problem (If it is what it is).