Shows Unavailable when blocking Internet & DNS

[Nuuki9]

I'm struggling with getting a fully localised setup working. I've gone through discussions here and thought I understood what was needed, but no luck. I'm using a UniFi Dream Machine Pro SE.

I have a number of bulbs that are provisioned and working - I can control them using LT just fine, when they have Internet access. They sit in a dedicated VLAN (separate VLAN to Home Assistant) and I've now configured the firewall to limit outbound connections as follows:

• Allow access to Home Assistant server (all ports).
• Block access to all other local networks.
• Block all Internet access.
• Block all DNS requests (to router or other remote hosts).

This works initially, but if I reboot a device, it shows an Unavailable in Home Assistant. I hoped that blocking DNS would resolve this, but no luck. Once I open up Internet access again, it works (even with DNS still blocked). I have uninstalled the Smart Life app from all devices.

So, am I misunderstanding what I need to filter, or do I have the right understanding? If this should work then presumably I'm implementing the firewall rules wrong. I'd be fine with that, but wanted to check I had the right undertanding.