Operational Defect Database
BugZero found this defect 2538 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3cESAQ
WSM v11.12.2 > Policy Manager disables DNS Forwarding in configuration of Fireboxes with older OS version
Last update date:
6/7/2017
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
11.x
11.10.x
11.10
11.10.1
11.10.2
11.10.3
11.10.4
11.10.5
11.10.6
11.10.7
Fixed releases:
v12.0
Description:
Issue
In WatchGuard System Manager v11.12.2 and later, if you use Policy Manager to save a configuration change to a Firebox installed with Fireware v12.1 or lower, Policy Manager automatically disables DNS Forwarding. During the save process, you might see an error message like: the fireware os version on this device does not support the dns forwarding protocol When this occurs, services that require DNS resolution can fail.
Workaround/Solution
If you upgrade your Firebox to Fireware v11.12.2 or later, you can enable DNS forwarding with Policy Manager or from Fireware Web UI. If this occurs on a Firebox with Fireware v11.12.1 or lower, you must use the CLI to re-enable DNS Forwarding. To learn more, see How to enable DNS forwarding (Fireware 11.12.1 and earlier). To avoid this issue in the future, you can: Use WSM v11.12.1 > Policy Manager to manage the Firebox.Use only Fireware Web UI to manage the Firebox.Upgrade the Firebox to Fireware v11.12.2 or later, if possible.
