DNS watch isn't working
I'm trying to get dns watch to work. I have setup the dnswatch at https://dnswatch.watchguard.com/. I have set my dns server for my dhcp leases to give out the two dns servers for the US from watchguard.
54.174.40.213
52.3.100.184
When I check an ipconfig /all, I see the clients have those IP addresses. The IP address it shows for my network matches what I see if I google "what is my IP." So, they have my correct public IP address.
But, none of the DNS requests are showing up in dnswatch. It has never logged anything.
0
Sign In to comment.
Comments
Did you enable DNSWatch in your config?
If not, you must.
Simply using the above DNS server IP addrs is not enough.
Enable DNSWatch on Your Firebox
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/services/dnswatch/dnswatch_enable_c.html
I think it is. See the two images...
Are you seeing anything in DNSWatch now?
It looks like DNSWatch became activated some time after your initial post.
no, hasn't changed. same thing.
There is no data available for this time period
last screenshot to show that my dhcp lease dns servers match what watchguard says they're supposed to be.
FYI - you don't need to use the DNSWatch server IP addrs in your DHCP settings.
When DNSWatch is activated, it intercepts DNS traffic to the Internet.
From the docs:
. Enabled —the Firebox redirects all outbound DNS requests from that interface to DNSWatch DNS servers.
. Disabled — the Firebox redirects outbound DNS requests from that interface to DNSWatch DNS servers only when the DNS request is addressed to the Firebox.
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/services/dnswatch/dnswatch_enable_c.html
What do you have set for Usage Enforcement in the DNSWatch setup?
Here:
https://dnswatch.watchguard.com/settings/firebox/
Care to give details about the Policy = OrlowTribe ?
I use the Default policy, and I see a list of the Top Domains
Here's what I see.
I just verified that the SN matches my Firebox. (I accidently ordered one after I bought the one I'm using when I ordered a license.)
No idea why this does not appear to be working for you.
Time for a support case.
Use the Support Center link above.
Let us know what support finds out.