NBAR blocking traffic to Umbrella DNS

SOLVED
jrsilvius
Getting noticed

NBAR blocking traffic to Umbrella DNS

I'm having more issues with 16.16 on my MX65.

We have a layer 3 rule to allow UDP traffic on port 53 to any.

My MX is blocking my Umbrella devices from talking to 208.67.220.220 and 208.67.222.222 reporting them as Xbox Live.

jrsilvius_0-1662572738023.png

Short of allowing all gaming, which I will not do, how do I fix this?

Any thoughts. The NBAR crap that Meraki introduced in 16.x is causing nothing but headaches for me.

1 ACCEPTED SOLUTION
PhilipDAth
Kind of a big deal
Kind of a big deal

You are going to need to open a support case to get this classification fixed.

View solution in original post

6 REPLIES 6
ww
Kind of a big deal
Kind of a big deal

16.16.4 had nbar improvements.

Are you using 16.16.4 or .5?

jrsilvius
Getting noticed

16.16, I haven't tried any of the additional patches as they didn't help my other NBAR issues in my other locations.

Bindhiran
Here to help

Hi,

 

Can you try adding those IPs to the white listing of the content filter?

I haven't tried that, but I'll give it a go. It didn't seem to help with the other NBAR issue I was having, so not sure if it will for this either. Also, the Allow List states that it is for specific URLs, so don't know if it will allow IPs.

jrsilvius_0-1662584764975.png

 

PhilipDAth
Kind of a big deal
Kind of a big deal

You are going to need to open a support case to get this classification fixed.

They told me I needed to deny all the Layer 7 "gaming" category devices individually except for Xbox Live. That doesn't sound like a very good solution to me.

jrsilvius_0-1662994287120.png

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels