I want to restrict access for users via VPN to certain IPs

But the rule config can only take a single IP or a range

But I need to give access to & again to (which
is DNS server)
If I restrict only for the first range user would not have access to DNS
server (and that would be problematic)

I do not want users to have access to the servers between 8-33

How to do it?