diff --git a/infrastructure_files/getting-started.sh b/infrastructure_files/getting-started.sh
index b96598622..2d800eb11 100755
--- a/infrastructure_files/getting-started.sh
+++ b/infrastructure_files/getting-started.sh
@@ -169,7 +169,8 @@ read_proxy_docker_network() {
 read_enable_proxy() {
   echo "" > /dev/stderr
   echo "Do you want to enable the NetBird Proxy service?" > /dev/stderr
-  echo "The proxy exposes internal NetBird network resources to the internet." > /dev/stderr
+  echo "The proxy allows you to selectively expose internal NetBird network resources" > /dev/stderr
+  echo "to the internet. You control which resources are exposed through the dashboard." > /dev/stderr
   echo -n "Enable proxy? [y/N]: " > /dev/stderr
   read -r CHOICE < /dev/tty
 
@@ -182,11 +183,16 @@ read_enable_proxy() {
 }
 
 read_proxy_domain() {
+  local suggested_proxy="proxy.${NETBIRD_DOMAIN}"
+
   echo "" > /dev/stderr
-  echo "WARNING: The proxy domain MUST NOT be a subdomain of the NetBird management" > /dev/stderr
-  echo "domain ($NETBIRD_DOMAIN). Using a subdomain will cause TLS certificate conflicts." > /dev/stderr
+  echo "NOTE: The proxy domain must be different from the management domain ($NETBIRD_DOMAIN)" > /dev/stderr
+  echo "to avoid TLS certificate conflicts." > /dev/stderr
   echo "" > /dev/stderr
-  echo -n "Enter the domain for the NetBird Proxy (e.g. proxy.my-domain.com): " > /dev/stderr
+  echo "You also need to add a wildcard DNS record for the proxy domain," > /dev/stderr
+  echo "e.g. *.${suggested_proxy} pointing to the same server IP as $NETBIRD_DOMAIN." > /dev/stderr
+  echo "" > /dev/stderr
+  echo -n "Enter the domain for the NetBird Proxy (e.g. ${suggested_proxy}): " > /dev/stderr
   read -r READ_PROXY_DOMAIN < /dev/tty
 
   if [[ -z "$READ_PROXY_DOMAIN" ]]; then