Yes, you can use a watchguard firewall as dns server, correctly as a dns forwarder. The firewall will accept dns queries and forwards the queries to a dns server.
Unfortunately you cannot configure the dns forwarder with the web interface or the system manager. You have to use the command line interface. You can use a SSH Client like putty on TCP Port 4118 to connect the cli or ssh on a linux shell
ssh IP-Watchguard -p 4118
You can show the dns configuration with: show ip dns
WG#show ip dns
— DNS Properties
Domain name :
DNS forwarding: Disabled
Number of server(s): 1
— DNS Server(s)
In this example is DNS forwarding disabled. To enable the feature go in the configure mode and put
ip dns forwarding enable.
WG(config)#ip dns forwarding enable
To disable DNS forwarding use
no ip dns forwarding enable.
WG(config)#no ip dns forwarding enable