Nivedha
Staff
Article Id 330427
Description: This article describes how to allow one domain while blocking another when both domains resolve to the same IP address.
Scope: FortiGate.
Solution

This example uses two domains: footballnsw.com.au and tenantsvic.org.au.

Both domains resolve to the same IP address, as the nslookup output for each shows.

[Figure: nslookup.PNG, nslookup output for both domains returning the same IP address]
The requirement is to block footballnsw.com.au and allow tenantsvic.org.au. A firewall policy that blocks an FQDN address object cannot do this: the object resolves to the shared IP address, so both domains are blocked. Instead, use one of the following:

  1. Web filtering: allow or block the FQDN with a URL filter table. This requires a web filtering license and a deep inspection profile.
  2. DNS filtering: block the domain with a local domain filter in a DNS filter profile.

[Figure: DNS filter.PNG, DNS filter profile with the local domain filter entry]

[Figure: Policy.PNG, firewall policy with the DNS filter profile applied]

 

After this, a query for the blocked domain produces a DNS filter log entry such as the following:


date=2024-07-25 time=12:41:06 eventtime=1721875266099252237 tz="+1000" logid="1501054400" type="utm" subtype="dns" eventtype="dns-response" level="warning" vd="root" policyid=2 poluuid="fe46c770-4a2e-51ef-653d-e22beadbf7ca" policytype="policy" sessionid=1118 srcip=10.14.2.106 srcport=64433 srccountry="Reserved" srcintf="port2" srcintfrole="undefined" dstip=10.56.255.20 dstport=53 dstcountry="Reserved" dstintf="port1" dstintfrole="undefined" proto=17 profile="test" xid=53595 qname="footballnsw.com.au" qtype="A" qtypeval=1 qclass="IN" ipaddr="208.91.112.55" msg="Domain was blocked because it is in the domain-filter list" action="redirect" domainfilteridx=1 domainfilterlist="test"
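As an added example (not part of the Fortinet article), the following Python parses FortiGate key=value log lines of the kind shown above and picks out the events where a query was redirected by a local domain-filter list; the first sample line is the article's own log entry, the second is a constructed "pass" event for the allowed domain.

```python
import re
from typing import Dict, List

# Sample input. Line 1 is the blocked-domain event from the article; line 2 is a
# constructed pass event for tenantsvic.org.au (ipaddr is a TEST-NET placeholder).
SAMPLE_LOGS = [
    'date=2024-07-25 time=12:41:06 eventtime=1721875266099252237 tz="+1000" '
    'logid="1501054400" type="utm" subtype="dns" eventtype="dns-response" '
    'level="warning" vd="root" policyid=2 poluuid="fe46c770-4a2e-51ef-653d-e22beadbf7ca" '
    'policytype="policy" sessionid=1118 srcip=10.14.2.106 srcport=64433 '
    'srccountry="Reserved" srcintf="port2" srcintfrole="undefined" dstip=10.56.255.20 '
    'dstport=53 dstcountry="Reserved" dstintf="port1" dstintfrole="undefined" proto=17 '
    'profile="test" xid=53595 qname="footballnsw.com.au" qtype="A" qtypeval=1 '
    'qclass="IN" ipaddr="208.91.112.55" msg="Domain was blocked because it is in the '
    'domain-filter list" action="redirect" domainfilteridx=1 domainfilterlist="test"',
    'date=2024-07-25 time=12:41:09 type="utm" subtype="dns" eventtype="dns-response" '
    'level="notice" vd="root" policyid=2 srcip=10.14.2.106 dstip=10.56.255.20 '
    'profile="test" qname="tenantsvic.org.au" qtype="A" ipaddr="203.0.113.10" '
    'action="pass"',  # constructed
]

# One key=value token: the value is either double-quoted (and may contain
# spaces, as msg="..." does) or a bare run of non-whitespace characters.
_KV = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_fortigate_log(line: str) -> Dict[str, str]:
    """Parse one FortiGate key=value log line into a dict, with quotes stripped."""
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in _KV.finditer(line)}


def domain_filter_blocks(lines: List[str]) -> List[Dict[str, str]]:
    """Return the DNS-filter events in which a query hit a local domain-filter list.

    A local domain-filter block shows up as subtype="dns", action="redirect" and a
    non-empty domainfilterlist; FortiGuard category blocks carry no domainfilterlist.
    """
    hits = []
    for line in lines:
        rec = parse_fortigate_log(line)
        if (rec.get("type") == "utm" and rec.get("subtype") == "dns"
                and rec.get("action") == "redirect" and rec.get("domainfilterlist")):
            hits.append({"when": f"{rec.get('date')} {rec.get('time')}",
                         "src": rec.get("srcip"), "qname": rec.get("qname"),
                         "list": rec.get("domainfilterlist"), "msg": rec.get("msg")})
    return hits


if __name__ == "__main__":
    for hit in domain_filter_blocks(SAMPLE_LOGS):
        print(f"{hit['when']} {hit['src']} blocked {hit['qname']} (list {hit['list']})")
```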
