Hi,
I had a situation with some instants where the DNS requests were blocked, even though I had explicitly allowed them. It is for guest traffic, that is using a corp DNS on 192.168.0.0 network.
The rules were as such,
svc-dhcp any allow
svc-dns any allow
any network 192.168.0.0/16 deny
any any permit
No response from the DNS server on 192.168.100.250. Unless I've misunderstood the firewall rule, this should have worked?
The clients are also on a 192.168.154.0 subnet as well, so maybe that has something to do with it.