USG FLEX 500 - DNS white list doesn't work over the DNS general classification

Options
GateArray
GateArray Posts: 10 image  Freshman Member
First Answer First Comment Friend Collector Sixth Anniversary
in Security

Ciao

I got a problem regarding wrong DNS classification.

A site of a customer as been classified as "phishing".

I put that dns on "DNS ALLOW LIST" section, but the block persist.

image.png

if i try the make a simple "ping" this is the FW response:

image.png

It seems that "DNS ALLOW LIST" is working properly.

USG FLEX 500

5.41(ABUJ.0) 2025-09

Any idea?

All Replies

  • PeterUK
    PeterUK Posts: 4,411 image  Guru Member
    250 Answers 2500 Comments Friend Collector Eighth Anniversary
    edited January 31

    Try the following by SSH or web console

    ip dns server cache-flush
debug content-filter https-domain-filter cache flush

    There is a DNS flush you can try in monitor > security Statistics > DNS content filter

  • Zyxel_Melen
    Zyxel_Melen Posts: 4,532 image  Zyxel Employee
    Zyxel Certified Network Engineer Level 1 - Switch Zyxel Certified Network Administrator - Switch Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate

    Hi @GateArray

    Thos domain is classified as business.

    image.png

    Now, you should be able to access without issue.

    Zyxel Melen


Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)