Issues with reverse DNS.



  • Hello,

    To start off, I'm just a beginner with pfSense and networking. I'm trying to test a few things out just for fun.

    I'm trying to set up a LAN network with 2 different VLANs, 2 pfSense routers and 2 AD DNS servers. Network drawing at the bottom for clarification. I've set up both pfSense routers with IPsec so they are connected through a tunnel. Network drawing: http://i.imgur.com/hicJ8SA.png

    The issue I'm having is that I can't seem to be able to add my second DC to an existing forest on DC01. When I use nslookup dc01 I'm not getting an address. The error I get is: http://i.imgur.com/jRpBPo8.png. In General Setup in pfSense I've set up both routers to use 192.168.10.2 as the first DNS server and 192.168.20.2 as the second DNS server. However, they can ping each other and are also able to ping sites such as google.com and 8.8.8.8. It's just the internal DNS that isn't working correctly, if I'm even saying that correctly.

    I'm using DNS Forwarder in both routers with DNS Resolver disabled. I don't really know the difference between the 2.

    These are the 2 routers: http://i.imgur.com/5vcYGAX.png and http://i.imgur.com/d2RmS9O.png.

    Both Windows servers are using each other's DNS. On the clients, whenever I set DC01's IP as primary DNS, nslookup dc01 does work, but when I set DC02's IP as primary DNS, nslookup dc01 and nslookup dc02 both don't work.

    I hope this is a bit clear. Please ask any questions if it's not clear enough.


  • Banned

    With AD, your DNS must point to the AD DNS. Set up overrides for your domain/reverse zones to point back to your DCs.
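
    As an added illustration of that advice (example code written for this page, not from the thread or from pfSense), the script below derives the forward-zone and reverse-zone (in-addr.arpa) overrides and prints them in dnsmasq `server=/zone/ip` form, which is what the pfSense DNS Forwarder writes for a Domain Override. The AD domain name, the DC addresses and the two VLAN subnets are assumed values the thread does not confirm.

```python
"""Derive DNS Forwarder (dnsmasq) domain overrides that hand an AD forward
zone and its reverse zones back to the domain controllers.

Added example, not from the thread. Assumed/constructed values:
AD domain ad.example.local, DC01 = 192.168.10.2, DC02 = 192.168.20.2,
VLAN subnets 192.168.10.0/24 and 192.168.20.0/24.
"""
import ipaddress

AD_DOMAIN = "ad.example.local"                         # assumed AD DNS domain
DC_IPS = ["192.168.10.2", "192.168.20.2"]              # assumed DC01 / DC02
VLAN_SUBNETS = ["192.168.10.0/24", "192.168.20.0/24"]  # constructed subnets


def reverse_zone(cidr):
    """Return the in-addr.arpa zone that covers an IPv4 network.

    dnsmasq overrides match on zone names, so the prefix has to sit on an
    octet boundary (/8, /16 or /24); anything else is rejected.
    """
    net = ipaddress.ip_network(cidr, strict=True)
    if net.version != 4 or net.prefixlen == 0 or net.prefixlen % 8 != 0:
        raise ValueError("reverse zone needs an IPv4 /8, /16 or /24: %s" % cidr)
    octets = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(octets)) + ".in-addr.arpa"


def override_entries(domain, dc_ips, subnets):
    """(zone, server) pairs: the forward zone plus every distinct reverse zone,
    each pointed at every DC so lookups survive one DC being down."""
    zones = [domain.rstrip(".")]
    for subnet in subnets:
        zone = reverse_zone(subnet)
        if zone not in zones:          # two VLANs may share one reverse zone
            zones.append(zone)
    return [(zone, ip) for zone in zones for ip in dc_ips]


def dnsmasq_lines(entries):
    """Render entries in dnsmasq 'server=/zone/ip' syntax."""
    return ["server=/%s/%s" % (zone, ip) for zone, ip in entries]


if __name__ == "__main__":
    for line in dnsmasq_lines(override_entries(AD_DOMAIN, DC_IPS, VLAN_SUBNETS)):
        print(line)
```

    The clients themselves should still use the DCs as their DNS servers, as the reply says; the overrides only cover queries that reach the pfSense forwarder.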

