USG 200 Felx, filter DNS over TLS (DoT) and DNS over HTTPS (DoH) ?

Options
Motivio
Motivio Posts: 21  Freshman Member
First Anniversary Friend Collector
Hi, how can I filter DNS over TLS (DoT) and DNS over HTTPS (DoH) on the current USG 200 Flex?
I found this article, but it only talks about ATP.
https://community.zyxel.com/en/discussion/13220/2022-issue-10-why-browsers-can-be-a-security-loophole#latest

Accepted Solution

  • PeterUK
    PeterUK Posts: 2,876  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited April 2022 Answer ✓
    Options

    If your wanting to block DNS over HTTPS here is the IP list

    104.16.249.249

    104.16.248.249

    34.210.121.31

    34.223.130.205

    34.217.188.66

    34.216.198.143

    37.252.230.153

    52.84.140.60

    52.84.140.75

    52.84.140.11

    52.84.140.89

    52.42.151.74

    209.250.226.191

    52.25.93.75

    52.84.140.38


All Replies

  • Zyxel_Jeff
    Zyxel_Jeff Posts: 1,104  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    edited April 2022
    Options

    This feature will be supported in the next official firmware on the ATP models, but not including USG Flex models.

  • Motivio
    Motivio Posts: 21  Freshman Member
    First Anniversary Friend Collector
    Options

    This feature will be supported in the next official firmware on the ATP models, but not including USG Flex models.

    Any way to implement such a filter on the USG Flex models manualy?
  • PeterUK
    PeterUK Posts: 2,876  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer
    edited April 2022 Answer ✓
    Options

    If your wanting to block DNS over HTTPS here is the IP list

    104.16.249.249

    104.16.248.249

    34.210.121.31

    34.223.130.205

    34.217.188.66

    34.216.198.143

    37.252.230.153

    52.84.140.60

    52.84.140.75

    52.84.140.11

    52.84.140.89

    52.42.151.74

    209.250.226.191

    52.25.93.75

    52.84.140.38


Security Highlight