The ProxySG appliance event log reports that the primary DNS server continually fails appliance health checks.
By default, the appliance checks the DNS server every 10 seconds. If your DNS server is unable to resolve www.bluecoat.com (220.127.116.11), that health check fails and reports a health check failure to the appliance. If your DNS server doesn't resolve external DNS but you want to keep the DNS server in your appliance configuration to resolve internal addresses, you can try to disable the DNS health check as follows:
Refer to KB3022 for more information.
Note: Before disabling the health check, it may be prudent to verify if your appliance can in fact reach your internal DNS server. You can test this via the appliance CLI (telnet, SSH, or serial console) and issue a ping to the server. If the ping fails, check your network's routing configuration to verify the appropriate 'next hop' router that will send the traffic to your DNS server. Then, configure a static route on the appliance as follows: