PFsense with domain controller



  • Hi Everyone,

    Trying to set up a pfSense test lab with a domain controller. Both will be VM machines in Hyper-V.

    SVR1 - pfSense (2 vNIC - for WAN & LAN)
    SVR2 - DC, DHCP, DNS (LAN only)

    Any host connected to the domain should go to pfSense to access the internet. Not really sure where to start with this…
    Any replies will be appreciated.

    Thanks
    Jes



  • -disable dhcp server on pfsense
    -enable dhcp server on DC, gateway=pfsense

    done



  • @heper:

    -disable dhcp server on pfsense
    -enable dhcp server on DC, gateway=pfsense

    done

    Thank you for your response.
    I am now having a problem connecting a client VM to the domain controller.

    The setup so far is within Hyper-V:

    VM pfSense
    HOST
    (ISPWAN - virtual Switch) WAN > 192.168.0.19 (obtaining from my router)
    (InternalLAN - Virtual Switch ) LAN = 192.168.10.1

    (InternalLAN - Virtual switch) DC/DHCP/DNS/WINS = 192.168.10.2, can ping 8.8.8.8, running DHCP scope 192.168.11.2-12

    Not sure which virtual switch the client PC should be attached to. InternalLAN? Or do I create another virtual switch and attach it to both the DC and the client?

    Do I need to add any WINS details in the pfSense web portal? Any advice will be appreciated.

    Thank you in advance


  • LAYER 8 Global Moderator

    Why would you be using WINS anyway? WINS has been deprecated for years and years. Are you still running like Windows 95/98? Do you have some really, really old application that still uses it? Why are you still using it? You more than likely have no use for it. I would for sure evaluate why you believe you still need WINS.

    "(InternalLAN - Virtual switch) DC/DHCP/DNS/WINS = 192.168.10.2, can ping 8.8.8.8, running DHCP scope 192.168.11.2-12"

    Huh.. if your network is 192.168.10/24, why would your DHCP scope be 192.168.11/24??

    Not sure what you mean by client PC - do you mean a machine on your physical network or another VM? Your internal LAN vswitch should be connected to your physical LAN network that is also using 192.168.10/24 – the only thing on your "wan" should be the interface on your host that is connected to your "wan" virtual switch that pfSense has its WAN connected to.

    You sure wouldn't connect another vswitch and connect your DC to that as well.

    You need to make sure all members of your domain are using your AD for DNS, so they can resolve your AD, etc. Your AD DNS would then forward to whatever public DNS you want or do roots directly, or could forward to pfSense for DNS and then pfSense could forward or resolve external DNS for you, etc.
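
The advice in the replies above (DHCP served by the DC with pfSense as the gateway, domain members using AD DNS, AD DNS forwarding outward) written out as PowerShell to run on the DC. This is an added example, not something posted in the thread; the domain name `lab.example`, the host name `dc1`, the exclusion of the DC's own address and the choice to forward to pfSense are assumptions.

```powershell
# Run on the DC (192.168.10.2) in an elevated session with the DHCP and DNS Server roles installed.
$LanNetwork = '192.168.10.0'      # pfSense LAN subnet from the thread
$LanMask    = '255.255.255.0'
$PfSenseLan = '192.168.10.1'      # default gateway handed to clients
$DcAddress  = '192.168.10.2'      # DC, also the clients' DNS server
$ScopeStart = '192.168.10.2'      # corrected scope from the thread
$ScopeEnd   = '192.168.10.12'
$DomainName = 'lab.example'       # placeholder, not from the thread
$DcFqdn     = "dc1.$DomainName"   # placeholder, not from the thread

function ConvertTo-UInt32 ([string]$Ip) {
    $bytes = ([ipaddress]$Ip).GetAddressBytes()
    [array]::Reverse($bytes)
    [BitConverter]::ToUInt32($bytes, 0)
}

function Test-InSubnet ([string]$Ip, [string]$Network, [string]$Mask) {
    $m = ConvertTo-UInt32 $Mask
    ((ConvertTo-UInt32 $Ip) -band $m) -eq ((ConvertTo-UInt32 $Network) -band $m)
}

# Refuse to build a scope outside the LAN subnet (e.g. 192.168.11.x on a 192.168.10.0/24 LAN).
foreach ($ip in $ScopeStart, $ScopeEnd, $PfSenseLan, $DcAddress) {
    if (-not (Test-InSubnet $ip $LanNetwork $LanMask)) {
        throw "$ip is outside $LanNetwork/$LanMask"
    }
}

# Authorize the DHCP server in AD (skip if it is already authorized).
Add-DhcpServerInDC -DnsName $DcFqdn -IPAddress $DcAddress
Add-DhcpServerv4Scope -Name 'InternalLAN' -StartRange $ScopeStart -EndRange $ScopeEnd `
    -SubnetMask $LanMask -State Active
# Assumption: keep the DC's own static address out of the lease pool.
Add-DhcpServerv4ExclusionRange -ScopeId $LanNetwork -StartRange $DcAddress -EndRange $DcAddress
# Clients get pfSense as gateway and the DC as their only DNS server.
Set-DhcpServerv4OptionValue -ScopeId $LanNetwork -Router $PfSenseLan `
    -DnsServer $DcAddress -DnsDomain $DomainName

# AD DNS answers for the domain and forwards everything else to pfSense.
Add-DnsServerForwarder -IPAddress $PfSenseLan

# Show the resulting options and forwarders for review.
Get-DhcpServerv4OptionValue -ScopeId $LanNetwork
Get-DnsServerForwarder
```

The DHCP server on the pfSense LAN interface has to be disabled, as the first reply says, so that only one server hands out leases on the InternalLAN switch.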



  • @johnpoz:

    Why would you be using WINS anyway? WINS has been deprecated for years and years. Are you still running like Windows 95/98? Do you have some really, really old application that still uses it? Why are you still using it? You more than likely have no use for it. I would for sure evaluate why you believe you still need WINS.

    "(InternalLAN - Virtual switch) DC/DHCP/DNS/WINS = 192.168.10.2, can ping 8.8.8.8, running DHCP scope 192.168.11.2-12"

    Huh.. if your network is 192.168.10/24, why would your DHCP scope be 192.168.11/24??

    Not sure what you mean by client PC - do you mean a machine on your physical network or another VM? Your internal LAN vswitch should be connected to your physical LAN network that is also using 192.168.10/24 – the only thing on your "wan" should be the interface on your host that is connected to your "wan" virtual switch that pfSense has its WAN connected to.

    You sure wouldn't connect another vswitch and connect your DC to that as well.

    You need to make sure all members of your domain are using your AD for DNS, so they can resolve your AD, etc. Your AD DNS would then forward to whatever public DNS you want or do roots directly, or could forward to pfSense for DNS and then pfSense could forward or resolve external DNS for you, etc.

    I am very new to this and just wanted to learn more about networking; I am trying to set up a test lab.

    Sorry, that was my error, it is sitting on 192.168.10.2-12.
    I am trying to connect a Hyper-V VM client.

    On the pfSense VM I have 2 vNICs attached. NIC 1 connects indirectly to the router via the Hyper-V server (on Hyper-V I have ticked allow management OS system to share this network adapter) - this is where 192.168.0.19 is being obtained from.
    NIC 2 is Internal only - this is used for LAN on pfSense, so…

    Router > Host    > 1 Network Adapter (shared connection)
                                          /
                              > 192.168.0.16 (HostIP) (using this to remote into the server)
                              > 192.168.0.19 (pfsense VMserver) on pfsense interface de0/WAN = 192.168.0.19 de1/LAN= 192.168.10.1

    The Hyper-V VM DC is using the Internal vSwitch (IP 192.168.10.2).

    "Your internal LAN vswitch should be connected to your physical LAN network that is also using 192.168.10/24" I don't have a physical LAN network that is using the 192.168.10/24 network.

    Much appreciated for your help.

