Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Firewall (MX100) doesn´t block Bitdefender DoH

Steven84
New here
‎Mar 28 2023 1:13 AM
‎Mar 28 2023 1:13 AM

Firewall (MX100) doesn´t block Bitdefender DoH

Hello!

 

We are using a Meraki MX100 Firewall and wanted to block the DoH service of Bitdefender (GravityZone) through it.

We also have a DNS Whitelistfilter in use. This is why we want to block any other DNS Service.

 

We have tried using the blocklist (Content Filtering) and firewall rules, but neither the URLs dns.bitdefender.net and lon-dns.bitdefender.net, nor the IP address 35.242.158.191 obtained through NSLOOKUP can be blocked.

 

The DoH function of Bitdefender cannot be deactivated.

 

We would be grateful for any assistance.

Labels:
0 Kudos
Subscribe
2 Replies 2
alemabrahao
Kind of a big deal
Kind of a big deal
‎Apr 4 2023 10:27 AM
‎Apr 4 2023 10:27 AM

If you want to block other DNS services, why not only allow port 53 for the DNS you want to use and block it for the others?

 

Something like this:

 

alemabrahao_0-1680629241816.png

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
In response to alemabrahao
Steven84
New here
‎Apr 10 2023 10:29 PM
‎Apr 10 2023 10:29 PM

Thanks for the reply. Already tried that with no effect on the bitdefender dns. I found a solution by making an entry on the DNS server to redirect bitdefender to an non existing IP.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.