So we just got an MX84 to handle our guest internet traffic. We use Umbrella to provide basic filtering via DNS (block adult sites, malware, p2p, illegal sites, etc) and I created a rule to allow DNS to Umbrella's servers but block DNS to anything else, but the firewall still appears to allow the DNS traffic to pass to google's DNS (8.8.8.8) when I manually set DNS on a client on the network. I did a wireshark on the client to confirm the traffic is in fact going to port 53/UDP and it is but the firewall is NOT applying the configuration. The appliance says it's config is up to date.
![Dougbert_0-1595598040931.png Dougbert_0-1595598040931.png](https://community.meraki.com/t5/image/serverpage/image-id/14304i7EB4FCB71697CB35/image-size/medium?v=v2&px=400)