Unable to Apply new DNS policies (Cloudflare Gateway)

I am unable to apply new DNS policies in Gateway (Cloudflare For Teams).
Here are some screenshots.

DNS Settings

I just re-checked mine. Make sure you don’t have your old DNS policy. I just deleted the one policy under my old DNS tab and now it’s working as expected.

I also deleted that. Currently I don’t have the old DNS tab.

Your current DNS configuration is impossible (mostly) because we currently lack an OR operator. A website which is malware AND an adult website would be blocked. You want to block malware and adult content (I assume). Since the testcategory.com subdomain is singular in classification it fails.

Unfortunately at the moment you need to break that into 2 rules. I have a request in to fix/improve the operators here.


I hope I understand you correctly. I created two separate rules, but it still doesn’t block adult websites and malware.testcategory.com.


DNS Src IP is the same as the Source IPv4 Address (This is prefilled based on the network you’re currently on) as in the Location.

My only theory is that Gateway isn’t triggering on your Src IP. I’m curious as to why the “Your configuration” screenshot doesn’t show the IPv4 addresses:

Here is mine

You may have to resort to using a Terminal on your computer to ‘dig’ some DNS queries.

My problem was solved by removing the DNS Src IP entry from the policy.

Thanks @sdayman & @cscharff for your help.

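The rule logic discussed in this thread, as an added example that is not part of any post and is not Cloudflare's code: a simplified model which assumes that every condition inside one rule is ANDed and that a DNS Src IP condition must equal the source address the resolver sees. The hostname `adult.example`, the IP addresses and the rule names are constructed.

```python
from dataclasses import dataclass
from typing import FrozenSet, Optional

@dataclass(frozen=True)
class Query:
    name: str
    categories: FrozenSet[str]   # categories assigned to the queried name
    src_ip: str                  # source address the resolver sees

@dataclass(frozen=True)
class Rule:
    name: str
    categories: FrozenSet[str]       # every listed category must be present (AND)
    src_ip: Optional[str] = None     # optional extra condition, also ANDed (assumption)

    def matches(self, q: Query) -> bool:
        if not self.categories <= q.categories:
            return False
        return self.src_ip is None or self.src_ip == q.src_ip

def first_block(rules, q):
    """Name of the first block rule that matches q, or None if q is allowed."""
    return next((r.name for r in rules if r.matches(q)), None)

# Constructed sample data; both IPs come from documentation ranges.
SEEN_IP = "203.0.113.10"     # address the queries actually arrive from
PINNED_IP = "198.51.100.7"   # address entered in the rule's Src IP field
MALWARE = Query("malware.testcategory.com", frozenset({"malware"}), SEEN_IP)
ADULT = Query("adult.example", frozenset({"adult"}), SEEN_IP)

# One rule requiring both categories, versus one rule per category.
COMBINED = [Rule("block-both", frozenset({"malware", "adult"}))]
SPLIT = [Rule("block-malware", frozenset({"malware"})),
         Rule("block-adult", frozenset({"adult"}))]
# Same split rules, each with a Src IP condition that does not match SEEN_IP.
SPLIT_PINNED = [Rule(r.name, r.categories, PINNED_IP) for r in SPLIT]

def evaluate():
    """Block decision for both sample queries under each policy layout."""
    policies = {"combined": COMBINED, "split": SPLIT, "split+src_ip": SPLIT_PINNED}
    return {label: [first_block(rules, q) for q in (MALWARE, ADULT)]
            for label, rules in policies.items()}

if __name__ == "__main__":
    for label, result in evaluate().items():
        print(f"{label:13} -> {result}")
```

In this model only the split rules without a Src IP condition block both test names, which matches the outcome reported in the thread.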