Unable to remove a block policy from DNS

elhanan

New Member
Hello there, I added a domain name to be blocked in my network, and I used the following command to do that:
Add-DnsServerQueryResolutionPolicy -Name "BlockListPolicy" -Action IGNORE -FQDN "EQ,*.somedomain.com" -PassThru
After I did that in PowerShell, that domain was filtered out and could not be accessed. But after a moment I wanted to allow it again, so I executed the following command:
Remove-DnsServerQueryResolutionPolicy -Name "BlockListPolicy" -PassThru

I restarted my DNS server, and that website still cannot be accessed. Can someone help me with this, please?
 

elhanan

New Member
Check whether the names are added in the hosts file under system32\drivers\etc\hosts
Hello, thanks for your reply. The DNS server's hosts file or my own PC's hosts file? Because I didn't set that on my PC, but I don't know about the DNS server, whether the policy does that by default.
 

Neemobeer

Application and Cloud Security Engineer
Staff member
I would make sure you clear the DNS cache on the client side with Clear-DnsClientCache.
Removing the policy can take a very long time depending on how many zones and other policies there are (as in days, sometimes).
You can also flush the DNS server cache with Clear-DnsServerCache.

Otherwise I'd look at Wireshark and filter on DNS.
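
Added example, not posted by anyone in this thread: a PowerShell check that walks the steps suggested above in order. It first confirms the policy is really gone at both scopes (Add-DnsServerQueryResolutionPolicy without -ZoneName creates a server-level policy, and Remove-DnsServerQueryResolutionPolicy without -ZoneName only removes server-level ones, so a same-named zone-level policy would survive), then flushes the server and client caches, then resolves the name directly against the server. The server name DC01 and the test name www.somedomain.com are assumptions; the policy name BlockListPolicy is taken from the first post.

```powershell
# Added example (not from the original thread). Assumptions: the DNS server is DC01,
# the blocked domain is somedomain.com, and the policy is named BlockListPolicy as in
# the first post. Run from an elevated PowerShell with the DnsServer RSAT module installed.
$DnsServer  = 'DC01'
$PolicyName = 'BlockListPolicy'
$TestName   = 'www.somedomain.com'

Import-Module DnsServer

# 1. Server-level policies. This is the scope the original Add-/Remove- commands
#    operated on, so the policy should no longer be listed here.
$serverPolicies = Get-DnsServerQueryResolutionPolicy -ComputerName $DnsServer
$serverPolicies | Format-Table Name, Level, ProcessingOrder, IsEnabled, Action
if ($serverPolicies.Name -contains $PolicyName) {
    Write-Warning "Policy '$PolicyName' still exists at server level"
}

# 2. Zone-level policies. A policy created with -ZoneName is not touched by a
#    server-level remove, so check every zone on the server.
foreach ($zone in Get-DnsServerZone -ComputerName $DnsServer) {
    $zonePolicies = Get-DnsServerQueryResolutionPolicy -ComputerName $DnsServer `
                        -ZoneName $zone.ZoneName -ErrorAction SilentlyContinue
    foreach ($p in $zonePolicies) {
        '{0,-35} {1,-25} {2}' -f $zone.ZoneName, $p.Name, $p.Action
        if ($p.Name -eq $PolicyName) {
            Write-Warning "Policy '$PolicyName' still exists in zone $($zone.ZoneName)"
        }
    }
}

# 3. Flush the server-side cache and the local client cache, as suggested above.
Clear-DnsServerCache -ComputerName $DnsServer -Force
Clear-DnsClientCache

# 4. Ask the server directly, bypassing the client cache and hosts file. An IGNORE
#    policy drops the query without any response, so a lingering policy shows up
#    here as a timeout rather than as an NXDOMAIN answer.
try {
    Resolve-DnsName -Name $TestName -Server $DnsServer -Type A -DnsOnly -ErrorAction Stop |
        Format-Table Name, Type, IPAddress
} catch {
    Write-Warning "No usable answer from $DnsServer for $TestName : $($_.Exception.Message)"
}
```

If step 4 times out while steps 1 and 2 list no policy, the server itself is not the remaining filter, and a Wireshark capture on the server filtered on dns will show whether the query arrives and whether anything is sent back.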
 

elhanan

New Member
I only have 8 zones, and it's already been 5 days since I removed the policy. I tried Clear-DnsServerCache (I didn't restart the DNS server, though, in case that might be the cause); it's still not working.
 