Meraki

Community

FQDN Google

Solved
Fabian1
Getting noticed
‎Oct 27 2021 3:00 AM
‎Oct 27 2021 3:00 AM

FQDN Google

Hi everyone,

 

I'm trying to build FQDN rules for direct Google access. I build almost all URLs that are listed here: https://support.google.com/a/answer/2589954?hl=en

 

But I stuck with one last rule: *.clients[N].google.com

 

Rules with *.*.google.com  are not allowed, and I guess *.google.com will not match the entry.

Do you have any suggestions how to fix that? 

 

I couldn't find any documentation with more detailed queries. 

 

Thanks a lot 

Fabian

0 Kudos
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Oct 27 2021 1:09 PM
‎Oct 27 2021 1:09 PM

I would do a packet capture on port 53 (DNS) and look at all the DNS entries actually being used.

 

I actually have a tool that can injest packet captures and turn them into firewall rules in a group policy.

https://www.ifm.net.nz/cookbooks/meraki-sas.html 

View solution in original post

2 Replies 2
cmr
Kind of a big deal
Kind of a big deal
‎Oct 27 2021 7:06 AM
‎Oct 27 2021 7:06 AM

@Fabian1 in general the * should mean anything inlcluding . so *.google.com should match it (and a lot more).

If my answer solves your problem please click Accept as Solution so others can benefit from it.
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Oct 27 2021 1:09 PM
‎Oct 27 2021 1:09 PM

I would do a packet capture on port 53 (DNS) and look at all the DNS entries actually being used.

 

I actually have a tool that can injest packet captures and turn them into firewall rules in a group policy.

https://www.ifm.net.nz/cookbooks/meraki-sas.html 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.