Configuring Inbound/Outbound Rules
The Endpoint client checks the firewall rules based on their sequence in the Rule Base. Rules are enforced from top to bottom.
The last rule is usually a Cleanup Rule that drops all traffic that is not matched by any of the previous rules.
Important:
When you create Firewall rules for Endpoint clients, create explicit rules that allow all endpoints to connect to all the domain controllers on the network.
Note - The Endpoint client do not support DNS over HTTPS.