FGFW Behind Home WiFi Router
Hello all! Long time reader, first time poster. I apologize if this is already discussed or should possibly be in the Routing area. My googling has let me down. Thanks in advance!
An unusual setup: Essentially what I need to do is give a FGFW 30E to an employee for home use to limit and control access on a single host computer. We want to keep the home network untouched, so we plan to have the person plug the FGFW's WAN into an available port on their existing WiFi router (which is then plugged into a standard cable modem). Computer is plugged into LAN1. I've created a LAN zone that includes LAN1 interface. (I deleted the default Hardware Switch that comes preconfigured.)
I'm testing this at my home and here's what I've run into.
If I create a policy allowing all traffic from LAN to WAN, the host computer operates just fine, can browse all the interwebs.
However, if I modify that same policy to only allow traffic from that single Host IP to specified FQDNs (and the DNS IPs the host is using: 8.8.8.8, 8.8.4.4), I get an unwanted experience on the host. The FQDNs take 5+ minutes to load, Chrome browser takes 5+ minutes to load...
No other policies are in place. No static routes.
Obviously I must be missing some simple setting or additional policy on my FGFW if it works fine when I do not limit the Destination addresses of the policy.
Do I need another policy of some sort? Some kind of static route?
Let me know what configs or settings you might need to see.
WAN Interface is set to DHCP (which picks up a private IP from the WiFi router), and the FGFW sees the real public IP as the "WAN IP" in the Dashboard > Status > System Info.