IoT zone to deny all WAN access except

I have several VLANs and interfaces set up. One of them is an IoT network which will deny access to the WAN via a firewall zone. I would like to allow access to a single address on the WAN so that push notifications from cameras can be sent. I thought adding a firewall rule like this would allow it, but it does not allow a connection out (I thought I would verify functionality to any address on 443 initially and then try to lock it down to the single ones). What am I missing?

Ah, I needed to allow DNS as well. I have Pi-hole running on a separate zone. This worked:

I had to hard-code the IP of into the rule. Is there an easy way to use the domain name rather than the numerical?

