NBAR Blocking DNS for a PC

Solved
Bala1
Here to help


I see this error on MX 

Source IP: 192.168.128.55, Source Port: 43467, Destination IP: 9.9.9.10

Destination Port: 53
Protocol: UDP
Block Type: DNS
NBAR ID: 3086
Classification
Layer 7 firewall rule: Deny

Category: NBAR

Event Type: Layer 7 rule

Is there any way to unblock or allow this? Blocking DNS like this is a headscratcher? Any help would be appreciated.

1 Accepted Solution
Brash
Kind of a big deal

Your Layer 7 firewall rules have detected and blocked a DNS request based on NBAR ID 3086 (OpenX Advertising).

The blocking of the DNS request is part of the Meraki MX functionality.

 

NOTE: DNS traffic (TCP/UDP Port 53) may also get blocked by Layer 7 rules if it contains a query for a domain the rule in question covers.

For example, you may see a block on UDP port 53 classified as "abc.com" if the "All News" rule is configured on Dashboard, and a user device sends a DNS query for said domain. 

 

Mapping Layer 7 Firewall Rules to NBAR IDs - Cisco Meraki
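
An added example (not part of the original post and not Meraki's code) of triaging such events: it parses event text copied from the dashboard, with or without the colon after each label, and lists port-53 flows denied by a Layer 7 rule together with the NBAR ID responsible. The field labels and the 3086 mapping come from this thread; the second and third sample events, their addresses and NBAR ID 9999 are constructed placeholders.

```python
import re

# The only ID-to-name pair given in the thread; others come from Meraki's
# "Mapping Layer 7 Firewall Rules to NBAR IDs" document.
NBAR_NAMES = {"3086": "OpenX Advertising"}

LABELS = ["Source IP", "Source Port", "Destination IP", "Destination Port",
          "Protocol", "Block Type", "NBAR ID", "Layer 7 firewall rule"]

# First entry is the event from the question; the other two are constructed
# (documentation-range address, placeholder NBAR ID 9999).
SAMPLE_EVENTS = [
    "Source IP: 192.168.128.55, Source Port: 43467, Destination IP: 9.9.9.10\n"
    "Destination Port53\nProtocolUDP\nBlock TypeDNS\nNBAR ID3086\n"
    "Layer 7 firewall ruleDeny",
    "Source IP: 192.168.128.55, Source Port: 50112, Destination IP: 203.0.113.7\n"
    "Destination Port443\nProtocolTCP\nNBAR ID3086\nLayer 7 firewall ruleDeny",
    "Source IP: 192.168.128.70, Source Port: 40001, Destination IP: 9.9.9.10\n"
    "Destination Port: 53\nProtocol: TCP\nNBAR ID: 9999\n"
    "Layer 7 firewall rule: Deny",
]

def parse_event(text):
    """Extract fields whether or not the copy kept the ':' after each label."""
    event = {}
    for label in LABELS:
        m = re.search(re.escape(label) + r"\s*:?\s*([^\s,]+)", text)
        if m:
            event[label] = m.group(1)
    return event

def dns_blocked_by_l7(events):
    """List port-53 flows denied by a Layer 7 rule, with the NBAR ID behind each."""
    hits = []
    for e in map(parse_event, events):
        if e.get("Destination Port") == "53" and e.get("Layer 7 firewall rule") == "Deny":
            nbar = e.get("NBAR ID", "unknown")
            hits.append({"client": e.get("Source IP"), "resolver": e.get("Destination IP"),
                         "protocol": e.get("Protocol"), "nbar_id": nbar,
                         "rule": NBAR_NAMES.get(nbar, "see Meraki NBAR mapping")})
    return hits

if __name__ == "__main__":
    for hit in dns_blocked_by_l7(SAMPLE_EVENTS):
        print(hit)
```
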


4 Replies 4
alemabrahao
Kind of a big deal

Don't you have any layer 7 firewall rule blocking it?

 

Can you show your firewall configuration please?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

I do. I’m blocking all Advertising and some countries. 


Ah ok. This must be it. Thanks for the quick response. 
