DNS block is working as expected but it would be great if a custom error message would be available for end user. I know it’s possible on AXIS Security ZTNA solution, that also allows DNS blocking, but it seems to use a custom SSL certificate imported to the machine so I believe it uses SSL interception to do so. But maybe this could be achieved by using Squid as suggested in Split Web Traffic feature embedded on FerrumGate UI