I have an isr4431 behind a firewalla purple and can't get my DNS to stay connected. My connection on my test pc flaps from connected to not connected. I can ping and traceroute across internet but can't use DNS to access sites.
I have DNS servers setup on sub int for my data vlan dhcp pool. DNS server is setup to DNS IP on firewalla and Google as secondary. I've even tried turned off monitoring on firewalla and placing into DMZ, no luck.
Setting up NAT did help get from test pc to firewalla inside int.
>>> DNS server is setup to DNS IP on firewalla and Google as secondary <<< renove the entry of the "DNS IP on firewalla", makint google DNS the primary/only DNS server in your DHCP settings if then the (google) DNS reachability is stable, then the firewalla does not respond as desired, => you need to look at the firewalla configuration,
as this is a Cisco forum , you may need to contact a firewala forum instead