Custom allow rules not working in group-level policy in Jamf Radar

Question

Hi,We’re using Jamf Radar and I created a group where internet access should be completely blocked except for a few allowed sites (internal tools and Jira, mostly).At the moment, full blocking works as expected. I then added some test domains under Custom Rules with "Allow" selected, but they’re still being blocked.What’s strange is that a domain like reddit.com, which is allowed via a custom rule inherited from the root level, works fine. But any domain added directly at the group level doesn’t work, even if the rule looks identical.Is there a known issue with group-level custom rules not applying correctly?Is there a better way to block all internet traffic for a group and only whitelist a few domains?Thanks,Michał

r0blee · Answer

From memory you can’t allow a subdomain or specific page when you’ve blocked the root domain. For example in your 2nd screenshot you have google.com blocked but are trying to allow workspace.google.com

As google.com is blocked, workspace.google.com would be blocked still (that and even if it did allow the subdomain “workspaces” there would likely be a number of backend services that use other google subdomains etc that would be blocked and so the page probably wouldn’t work properly anyway.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded