PFSense Windows Domain Computers Lockup
-
Recently attempted to make the switch from Mono to PF. After the switch domain computers across the network would lock up regularly at exactly 4am and 4pm. A hard reset of the locked up domain PC would resolve the issue till the next cycle. After removing the PFSense box and going back to Mono the issue stopped. Clearly PFSense is running some sort of service or update at exactly 4:00 am/pm (CST by the way GMT-6). Can anyone think of what PF might be doing at these times? Any idea how I could monitor what it is doing manually?
Stats:
PFSense 1.2
Dell Optiplex GX240
P4 1.6ghz (Less than 1% CPU usage)
512mb ram (PF showed 14% usage)
20gb Hard Drive
No packages other than defaultWindows Server 2003 Domain
28 Domain Workstations
2 Servers: SBS 2003, Svr 2003
7 non-domain workstations
48 port gigabit switchThings of note:
Computers not connected to the domain (ie no domain logon) are not affected
Domain PCs that are OFF are still affected on initial boot, hardboot again after first boot fixes issue
Domain PCs lockup whether logged on or off of the individual machine
The SBS Server handles DNS, the PF box handles DHCPAny ideas? Need more info? I really like the features of PFSense but obviously I can't continue with a problem like this.
-
I run pfSense on a network with a Windows domain (not Active Directory) and I don't get any lockups. I doubt that pfSense is the cause, though it may be the catalyst.
Question - what is your DHCP lease - 24 hours? The interval would point to to a DHCP lease refresh issue (refresh is at 50% of the lease). Make sure that you've specified the correct DNS servers in the DHCP configuration, or switch to doing DHCP on the domain controller. Check your other DHCP options too.
-
@Cry:
I run pfSense on a network with a Windows domain (not Active Directory) and I don't get any lockups. I doubt that pfSense is the cause, though it may be the catalyst.
Question - what is your DHCP lease - 24 hours? The interval would point to to a DHCP lease refresh issue (refresh is at 50% of the lease). Make sure that you've specified the correct DNS servers in the DHCP configuration, or switch to doing DHCP on the domain controller. Check your other DHCP options too.
This is an active directory domain. I like using the firewall for DHCP since they support Static DHCP. Also I want to use the PXE boot server options of PFSense which are not supported by Windows DHCP. Wouldn't the DHCP lease time be different on almost all PCs? I thought lease time was specific to individual PCs. DNS servers are correct, primary server as DNS1 and ISP DNS server as DNS2. The same as it is on my monowall box.
Hrm…
