DNSWatchGo clients behind Firebox

Were using DNSWatchGo on our notebooks and DNSWatch on our Fireboxes.
I suppose, we have DNS performance problems, when both are active. I checked one computer. DNS was set to ::1 and instead the "normal" DNS-Servers. Is it possible to deactivate DNSWatchGo automatically, when the machines runs in corporate network?

Thanks in advance for your answers.

Have a nice weekend :)

Dirk Emmermacher


  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Catweazle30169

    It's expected that the DNSWatchGO client will change the DNS addresses on the PC. This is how it captures all DNS traffic and ensures that it is being scanned.

    If DNSWatchGo is set up in conjunction with a Firebox on premise, this should speed up communications -- if you're having performance issues, I'd suggest opening a support case so that one of our technicians can look into what the performance issue might be.

    Thank you,

    -James Carson
    WatchGuard Customer Support

  • Hello James.
    Thanks for your answer. For the moment Its only a suspicion. The documentation don't give any informations here. I would expect, that DNSWatchGo knows, when the system is behind the corp firebox and let bypass DNS-traffic.

    Stay healthy!


  • We have similar problems ... when our laptops are behind the firebox, our local web sites / servers are blocked.

    The firebox applies security (webblocker, http, https, etc.) and DNSWatchGo also applies DNS filtering

    The only way our laptops work is to manually put the laptops that are on site to an unrestricted DNSWatchGo profile ...

    Someone has a trick or a workaround

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @ArtoUser
    The DNSWatchGo Client can detect being "behind" specific sites if that is set up.

    If the client is unable to get out to the internet at all, it's likely that the firebox is not allowing DNS traffic outbound to the servers DNSWatch is trying to use.

    If you're unable to determine what policy might be doing that, I'd suggest opening a support case and one of our support reps can help. (Please don't post your policy set here, as the forums are visible to anyone on the internet.)

    -James Carson
    WatchGuard Customer Support

  • Just started onboarding clients this past weekend and was super happy. Then we hit the wall yesterday morning after 2 weeks of solid trials. It definitely shook our confidence when it shit the bed on day two in production. Bad luck, or?

  • You haven’t explained the problem that you are seeing

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @yaaraaja

    I'm happy to help if you're having issues with DNSWatch. We'd need to know more about the problem you're running into. What did you attempt to configure? What are you and your users seeing?

    If you have an open case, please reply with the case number and I'd be happy to ensure it's with the correct team to help you as quickly as possible.

    I checked your account, and your post appears to be made ~1 minute after your account was created. I don't see any DNSWatchGo licenses or trials on your account.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.