Issues with DNS layer protection integration (Cisco Umbrella)

alemabrahao
Kind of a big deal
Kind of a big deal

Issues with DNS layer protection integration (Cisco Umbrella)

Hi guys,

 

I'm having issues with DNS layer protection integration (Cisco Umbrella).

We created a policy in Umbrella that blocks all categories and two specific URLs are released. The problem is that the hours integration works hours do not.

We performed a test by manually setting Google DNS on the network card and blocked all requests to Google DNS in our firewall and that way it worked, but if we left it configured to receive DNS via DHCP and removed the blocking rule for DNS the problem mentioned above occurs.

Do you know if there is a problem with this integration?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
4 Replies 4
Fabian1
Getting noticed

Have you activated Umbrella under SD-WAN > Threat protection > Umbrella protection ?

 

For MR it's Wireless > Configure > Firewall & traffic shaping

 

I faced some problems too without activating the protection there...

alemabrahao
Kind of a big deal
Kind of a big deal

Hi,

 

The configuration is correct, but It looks like doesn't work properly.

 

alemabrahao_0-1647874938231.png

 

The policy on Umbrella is correct too.

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
KarstenI
Kind of a big deal
Kind of a big deal

Which DNS-servers did you assign by DHCP? And are you making sure the client is not using any DoT/DOH?

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
alemabrahao
Kind of a big deal
Kind of a big deal

I'm using OpenDNS servers. Yes, I'm Because I performed a Lab at home.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels