We have identified a bug in Fireware 12.5 that causes a Firebox with DNSWatch enabled to stop sending updates to DNSWatch. This can affect the behaviors of DNSWatch, specifically:
1) DNSWatch cannot apply any customized blacklisting or whitelisting of domains
2) DNSWatch cannot record the Firebox's DNS traffic history
WatchGuard has published an official Knowledge Base Article, which you can find here:https://watchguardsupport.secure.force.com/publicKB?type=KBKnownIssues&SFDCID=kA40H000000k9hGSAQ&lang=en_US
The current workaround is to disable and re-enable DNSWatch on the impacted Fireboxes.