Nessus Tenable Port Scan - Firewall UDP Packet Source Port 53 Ruleset Bypass

Rob-FNG
New here

Very new guy here, apologies in advance for what is probably a dumb and low-importance question!

I have been tasked with looking after a site which has a pair of MX95s with 2 ISPs to provide a redundant SD-WAN circuit for that office. Nothing is running on site behind that except end-user devices connecting to the internet, so our firewall rules are no inbound and allow all outbound. The user endpoints themselves are protected using a SASE solution.

I ran the public-facing IP address range on the two circuits through a vulnerability scanner (in this case Tenable Nessus) and it reported that UDP port 53 on one of the addresses has an issue (Firewall UDP Packet Source Port 53 Ruleset Bypass Vulnerability, HIGH, Plugin ID 11580).

The IP in the range that responds is not my MX95 virtual IP for WAN1 or WAN2 but rather the ISP gateway router I hook on to. The ISP confirmed the same:

"X.X.X.X are the default gateway for the Merakis; these IPs sit on our access node equipment, we're using port 53 UDP for DNS resolution.
The access nodes are not firewalls, they are core routing equipment not running any firewall policies towards the customer, as all traffic through them is public to public. They are outside your network; is there a requirement to scan them?"

So my silly question: would you simply ignore the IP address in my scan range, as it's the ISP's equipment and not capable of causing me an issue, or tweak my scan to only look at the virtual addresses on the SD-WAN? I am hoping it's that simple.

2 Replies
Brash
Kind of a big deal

Personally I stick to scanning only things in my network. While there's no harm in scanning the ISP equipment, it's quite possible the Nessus scan finds false positives (which seems likely in your scenario detailed here).

PhilipDAth
Kind of a big deal
The ISP should not have a working DNS resolver accessible from the Internet (one that responds to DNS queries from anywhere). These are commonly used for DDoS attacks. I hope the DNS resolver responds only to DNS requests from the customer.

See what Shodan reports:
https://www.shodan.io/
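One way to check the point PhilipDAth raises (does the gateway answer recursive DNS queries from anyone?) without relying on a third-party service. This is an added example, not code from the thread or from Tenable's plugin: it builds a minimal A query with RD set, parses the reply header, and classifies the target as an open resolver (RA=1, RCODE 0, at least one answer), a refusing resolver (RCODE 5), or something that does not offer recursion. The two sample replies are constructed by hand for the name example.com and are not captures from the ISP's equipment; the target IP is a placeholder you substitute for the X.X.X.X in the post. The optional `source_port=53` argument is an assumption about what plugin 11580's name describes (UDP packets with source port 53), and binding it needs root.

```python
"""Open-resolver probe: build a recursive DNS query and classify the reply.

Added example for the thread above, not the forum's or Tenable's code.
Requires Python 3.7+ (bytes.fromhex ignores whitespace).
"""
import random
import socket
import struct

# Constructed sample replies (not real captures). Both answer the question
# "example.com A IN" with transaction id 0x1234.
# Flags 0x8180: QR=1 RD=1 RA=1 RCODE=0, one answer -> behaves like an open resolver.
SAMPLE_OPEN_REPLY = bytes.fromhex(
    "1234 8180 0001 0001 0000 0000"              # header
    "07 6578616d706c65 03 636f6d 00 0001 0001"   # question: example.com A IN
    "c00c 0001 0001 00000e10 0004 c0000201"      # answer: name ptr, A, IN, TTL 3600, 192.0.2.1
)
# Flags 0x8185: QR=1 RD=1 RA=1 RCODE=5 (REFUSED), no answers -> resolver restricted to its clients.
SAMPLE_REFUSED_REPLY = bytes.fromhex(
    "1234 8185 0001 0000 0000 0000"
    "07 6578616d706c65 03 636f6d 00 0001 0001"
)


def build_query(qname: str, txid: int) -> bytes:
    """Build a minimal A/IN query with the RD (recursion desired) bit set."""
    flags = 0x0100  # QR=0 (query), opcode 0, RD=1
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)  # QDCOUNT=1
    labels = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in qname.rstrip(".").split(".")
    )
    return header + labels + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def parse_reply(data: bytes, expected_txid: int = None) -> dict:
    """Decode the 12-byte DNS header; refuse replies whose txid does not match."""
    if len(data) < 12:
        raise ValueError("short DNS reply")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", data[:12])
    if expected_txid is not None and txid != expected_txid:
        raise ValueError("transaction id mismatch (spoofed or stale reply)")
    return {
        "txid": txid,
        "qr": bool(flags & 0x8000),    # 1 = response
        "rd": bool(flags & 0x0100),    # recursion desired (echoed from query)
        "ra": bool(flags & 0x0080),    # recursion available
        "rcode": flags & 0x000F,
        "ancount": an,
    }


def classify(reply: dict) -> str:
    """Map header fields to the answer the thread cares about."""
    if not reply["qr"]:
        return "not-a-response"
    if reply["rcode"] == 5:
        return "refused"                        # recursion limited to permitted clients
    if reply["ra"] and reply["rcode"] == 0 and reply["ancount"] > 0:
        return "open-resolver"                  # answered a recursive query from us
    if not reply["ra"]:
        return "authoritative-or-no-recursion"  # answers only for its own zones
    return "rcode-%d" % reply["rcode"]


def probe(target_ip: str, qname: str = "example.com", timeout: float = 3.0,
          source_port: int = 0) -> str:
    """Send the query to target_ip:53/udp and classify what comes back.

    source_port=0 lets the OS choose; source_port=53 mimics the UDP source port
    plugin 11580's name refers to (assumption) and needs root to bind.
    """
    txid = random.randrange(0, 0x10000)
    query = build_query(qname, txid)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind(("", source_port))
        sock.settimeout(timeout)
        sock.sendto(query, (target_ip, 53))
        try:
            data, _ = sock.recvfrom(4096)
        except socket.timeout:
            return "no-reply"
    return classify(parse_reply(data, txid))


if __name__ == "__main__":
    # Offline demonstration on the constructed replies.
    print(classify(parse_reply(SAMPLE_OPEN_REPLY, 0x1234)))     # open-resolver
    print(classify(parse_reply(SAMPLE_REFUSED_REPLY, 0x1234)))  # refused
    # Live check: print(probe("X.X.X.X"))  substitute the ISP gateway IP from the post
```

A "refused" or "no-reply" result is the outcome PhilipDAth hopes for; "open-resolver" is worth reporting back to the ISP. Note this answers a different question from plugin 11580, which is about whether a firewall lets UDP with source port 53 through, not whether the host runs a resolver.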