User guide

Configuring the DNS Proxy Service
User Guide 123
The Firebox communicates with proxy servers exactly the same way that
clients normally do. Instead of a GET request from the Firebox to the
Internet looking like this:
GET / HTTP/1.1
It ends up looking like this, and the request is sent to the configured
caching proxy server instead:
GET www.mydomain.com / HTTP/1.1
The proxy server then forwards this request to the Web server mentioned
in the GET request.
To set up an external caching proxy server:
1 Configure an external proxy server, such as Microsoft Proxy Server
2.0.
2 Open Policy Manager with your current configuration.
3 Double-click the icon for your HTTP proxy service.
This can be either Proxy, HTTP, or Proxied-HTTP.
4 Click the Properties tab. Click the Settings button.
5 Enable the checkbox marked Use Caching Proxy Server.
6 In the fields below the checkbox, enter the IP address and TCP port of
the caching proxy server. Click OK.
7 Save this configuration to the Firebox.
Configuring the DNS Proxy Service
Internet domain names (such as WatchGuard.com) are located and
translated into IP addresses by the domain name system (DNS). DNS lets
users navigate the Internet with easy-to-remember “dot-com” names by
seamlessly translating the domain name into an IP address that servers,
routers, and individual computers understand. Rather than try to
maintain a centralized list of domain names and corresponding IP
addresses, smaller lists are distributed across the Internet.
The Berkeley Internet Name Domain (BIND) is a widely used
implementation of DNS. Some versions of BIND can be vulnerable to