Issues with reverse DNS.

  • Hello,

    To start off, I'm just a beginner with pfSense and networking. I'm trying to test a few things out just for fun.

    I'm trying to set up a LAN network with 2 different VLANs, 2 pfSense routers and 2 AD DNS servers. Network drawing at the bottom for clarification. I've set up both pfSense routers with IPsec so they are connected through a tunnel. Network drawing:

    The issue I'm having is that I can't seem to be able to add my second DC to an existing forest on DC01. When I use nslookup dc01 I'm not getting an address. The error I get is: In General Setup in pfSense I've set up both routers to use as the first DNS server and as the second DNS server. However, they can ping each other and are also able to ping sites such as and It's just the internal DNS that isn't working correctly, if I'm even saying that correctly.

    I'm using DNS Forwarder in both routers with DNS Resolver disabled. I don't really know the difference between the 2.

    These are the 2 routers: and

    Both Windows servers are using each other's DNS. On the clients, whenever I set the DC01 IP as primary DNS, nslookup dc01 does work, but when I set the DC02 IP as primary DNS, nslookup dc01 and nslookup dc02 both don't work.

    I hope this is a bit clear. Please ask any questions if it's not clear enough.

  • Banned

    With AD, your DNS must point to the AD DNS. Set up overrides for your domain/reverse zones to point back to your DCs.
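    The reply above boils down to two overrides per VLAN on each pfSense box: one for the AD domain itself and one for the reverse (in-addr.arpa) zone of each subnet, both pointing at the DCs. The following is an added example and is not part of the thread or of pfSense itself; it generates the dnsmasq-style `server=/zone/ip` lines that the pfSense DNS Forwarder writes for its "Domain Overrides" entries, so you can see exactly which zone names to type in the GUI. The AD domain, DC addresses and VLAN subnets are constructed sample values, not the poster's real ones.

```python
import ipaddress

# Hypothetical sample topology (constructed for this example, not from the thread):
# one AD domain, one DC per VLAN, and the two VLAN subnets behind the two routers.
AD_DOMAIN = "ad.example.test"
DC_IPS = ["192.0.2.10", "198.51.100.10"]
VLAN_SUBNETS = ["192.0.2.0/24", "198.51.100.0/24"]


def reverse_zone(cidr: str) -> str:
    """Return the in-addr.arpa zone name that covers an octet-aligned IPv4 subnet.

    A /24 such as 192.0.2.0/24 maps to 2.0.192.in-addr.arpa; a /16 or /8 keeps
    fewer octets. Non-octet-aligned prefixes (e.g. /22) need RFC 2317-style
    delegation and are rejected here rather than silently mis-mapped.
    """
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError(f"{cidr}: only /8, /16 and /24 IPv4 reverse zones are handled")
    octets = str(net.network_address).split(".")
    kept = octets[: net.prefixlen // 8]
    return ".".join(reversed(kept)) + ".in-addr.arpa"


def dnsmasq_overrides(ad_domain: str, dc_ips: list[str], vlan_subnets: list[str]) -> list[str]:
    """Build the dnsmasq 'server=/zone/ip' lines for the forward and reverse zones.

    Every zone is listed once per DC so that resolution survives one DC being
    down; dnsmasq tries the listed servers for a zone in turn. The forward
    override for the AD domain also covers _msdcs.<domain> and the SRV records
    (_ldap._tcp, _kerberos._tcp, ...) a DC join needs, since they are subdomains.
    """
    lines = [f"server=/{ad_domain}/{ip}" for ip in dc_ips]
    for cidr in vlan_subnets:
        zone = reverse_zone(cidr)
        lines.extend(f"server=/{zone}/{ip}" for ip in dc_ips)
    return lines


def uses_ad_dns(client_dns_servers: list[str], dc_ips: list[str]) -> bool:
    """True when the client's first DNS server is one of the DCs.

    This is the condition the reply insists on: domain members (the DCs
    included) must resolve through AD DNS, not through a forwarder that lacks
    the overrides. Secondary servers do not help, because Windows does not
    fall back to them on NXDOMAIN, only on timeout.
    """
    return bool(client_dns_servers) and client_dns_servers[0] in dc_ips


if __name__ == "__main__":
    for line in dnsmasq_overrides(AD_DOMAIN, DC_IPS, VLAN_SUBNETS):
        print(line)
    print("client via DC:", uses_ad_dns(["192.0.2.10", "192.0.2.1"], DC_IPS))
    print("client via pfSense only:", uses_ad_dns(["192.0.2.1"], DC_IPS))
```

In the pfSense GUI the same data goes under Services > DNS Forwarder > Domain Overrides, one entry per generated line (domain and IP fields). If the DNS Resolver (Unbound) is used instead, the equivalent is a forward-zone stanza per zone; the zone names computed by `reverse_zone` are the same either way.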
