Issues with DNS layer protection integration (Cisco Umbrella)

Head in the Cloud

Issues with DNS layer protection integration (Cisco Umbrella)

Hi guys,


I'm having issues with DNS layer protection integration (Cisco Umbrella).

We created a policy in Umbrella that blocks all categories and two specific URLs are released. The problem is that the hours integration works hours do not.

We performed a test by manually setting Google DNS on the network card and blocked all requests to Google DNS in our firewall and that way it worked, but if we left it configured to receive DNS via DHCP and removed the blocking rule for DNS the problem mentioned above occurs.

Do you know if there is a problem with this integration?

Getting noticed

Have you activated Umbrella under SD-WAN > Threat protection > Umbrella protection ?


For MR it's Wireless > Configure > Firewall & traffic shaping


I faced some problems too without activating the protection there...



The configuration is correct, but It looks like doesn't work properly.




The policy on Umbrella is correct too.


Kind of a big deal

Which DNS-servers did you assign by DHCP? And are you making sure the client is not using any DoT/DOH?

I'm using OpenDNS servers. Yes, I'm Because I performed a Lab at home.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.