4. PFSense Windows Domain Computers Lockup

PFSense Windows Domain Computers Lockup

  • D

    Recently attempted to make the switch from Mono to PF.  After the switch domain computers across the network would lock up regularly at exactly 4am and 4pm.  A hard reset of the locked up domain PC would resolve the issue till the next cycle.  After removing the PFSense box and going back to Mono the issue stopped.  Clearly PFSense is running some sort of service or update at exactly 4:00 am/pm (CST by the way GMT-6).  Can anyone think of what PF might be doing at these times?  Any idea how I could monitor what it is doing manually?

    Stats:
    PFSense 1.2
    Dell Optiplex GX240
    P4 1.6ghz (Less than 1% CPU usage)
    512mb ram (PF showed 14% usage)
    20gb Hard Drive
    No packages other than default

    Windows Server 2003 Domain
    28 Domain Workstations
    2 Servers: SBS 2003, Svr 2003
    7 non-domain workstations
    48 port gigabit switch

    Things of note:
    Computers not connected to the domain (ie no domain logon) are not affected
    Domain PCs that are OFF are still affected on initial boot, hardboot again after first boot fixes issue
    Domain PCs lockup whether logged on or off of the individual machine
    The SBS Server handles DNS, the PF box handles DHCP

    Any ideas?  Need more info?  I really like the features of PFSense but obviously I can't continue with a problem like this.

    0

  • I run pfSense on a network with a Windows domain (not Active Directory) and I don't get any lockups.  I doubt that pfSense is the cause, though it may be the catalyst.

    Question - what is your DHCP lease - 24 hours?  The interval would point to to a DHCP lease refresh issue (refresh is at 50% of the lease).  Make sure that you've specified the correct DNS servers in the DHCP configuration, or switch to doing DHCP on the domain controller.  Check your other DHCP options too.

    0
  • D

    @Cry:

    I run pfSense on a network with a Windows domain (not Active Directory) and I don't get any lockups.  I doubt that pfSense is the cause, though it may be the catalyst.

    Question - what is your DHCP lease - 24 hours?  The interval would point to to a DHCP lease refresh issue (refresh is at 50% of the lease).  Make sure that you've specified the correct DNS servers in the DHCP configuration, or switch to doing DHCP on the domain controller.  Check your other DHCP options too.

    This is an active directory domain.  I like using the firewall for DHCP since they support Static DHCP.  Also I want to use the PXE boot server options of PFSense which are not supported by Windows DHCP.  Wouldn't the DHCP lease time be different on almost all PCs?  I thought lease time was specific to individual PCs.  DNS servers are correct, primary server as DNS1 and ISP DNS server as DNS2.  The same as it is on my monowall box.

    Hrm…

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy