Possible network loop?
I have another question about the DNSWatch configuration:
I use an internal DNS server and set the IP address at the top of the global DNS server list in the Firebox, as recommended in the instructions. Enforcement is disabled.
On my DNS server, I now enter the IP address of the Firebox as the DNS forwarder. (As described in the Help Center under “DNSWatch DNS Settings Precedence on a Firebox” , if DNSWatch enforcement is disabled)
Doesn't the DNS query then go round in circles permanently?
The internal DNS server forwards DNS queries to the Firebox. The Firebox has the internal DNS server entered as its first DNS server. According to the instructions, this has priority over DNSWatch, and the query then goes back to the internal DNS server... and so on.
Answers
Hi @Olix
The conditional DNS forwarding settings are there to prevent a loop:
(About DNS Forwarding) - near the bottom of this article
https://www.watchguard.com/help/docs/help-center/en-us/Content/en-US/Fireware/networksetup/dns_forwarding_about.html
-James Carson
WatchGuard Customer Support