07-29-2020 12:55 AM
Hi Guys,
I have deployed the Cisco Umbrella and it's working fine. Now i have a new requirement, we have 5 internal subnets and the company wants to deny the DNS resolution request from 172.30.0.0/16 subnet expect for 172.30.111.0/24 segment on Umbrella.
Let me know how i can do this task.
Thanks
Solved! Go to Solution.
07-29-2020 02:01 AM
07-29-2020 01:50 AM
07-29-2020 01:55 AM
HI Rob,
Thanks for the response I'm using 2 VA and i have 1 custom security policy on Umbrella. You want me to create another policy on top of that custom policy to block everything for that subnet? and rest all subnet will use secondary policy to access the internet.
Let me know if my understanding is correct.
07-29-2020 02:01 AM
07-29-2020 02:05 AM
Hi Rob,
permit from 172.30.111.0/24
Deny everything 172.30.0.0/16
Alow policy for other subnets with all custom security
Default policy.
As you suggested will make the policy in this way.
Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide