Meraki Community

Fabian1 · ‎Oct 27 2021

Hi everyone,

I'm trying to build FQDN rules for direct Google access. I build almost all URLs that are listed here: https://support.google.com/a/answer/2589954?hl=en

But I stuck with one last rule: *.clients[N].google.com

Rules with *.*.google.com are not allowed, and I guess *.google.com will not match the entry.

Do you have any suggestions how to fix that?

I couldn't find any documentation with more detailed queries.

Thanks a lot

Fabian

PhilipDAth · ‎Oct 27 2021

I would do a packet capture on port 53 (DNS) and look at all the DNS entries actually being used.

I actually have a tool that can injest packet captures and turn them into firewall rules in a group policy.

cmr · ‎Oct 27 2021

@Fabian1 in general the * should mean anything inlcluding . so *.google.com should match it (and a lot more).

PhilipDAth · ‎Oct 27 2021

I would do a packet capture on port 53 (DNS) and look at all the DNS entries actually being used.

I actually have a tool that can injest packet captures and turn them into firewall rules in a group policy.

FQDN Google