Pfsense + Windows 2016 (AD DNS DHCP) seeking help

Minh

Hi everyone,

Could you please help as I set up my lab?

Pfsense Turn off DHCP

Win16 has 2 nics: Internal + external
Win16 Configure DNS Forwarders to Pfsense DNS
Win16 Configure Static route from Internal to External
Win16 is able to connect to the internet through Pfsense

Client PC joined successfully the domain (itmonks.local)
Client PC can ping both nic on Win16
Client PC canot ping google.com, thus cannot connect to the internet.

Could you please help. I appreciate very much

Thanks
Minh

heper

You'd need NAT rules on pfsense for the subnet your clients get. (I assume you have different subnet on internal vs external)

You would also need a return route on pfsense, so it knows that win16 is the gateway to the subnet

Minh

Thanks. helper, Yes I have Win16 (DC DNS DHCP + 2 NICs) attached to Pfsense.

So if I understood you correctly:
1- I need to make a NAT rule on Pfsense
WAN - addres => Win16 External address

2-I would also need a return route
Could you please point my to youtube clip that show how I can do it?

Thanks. Appreciate it
Minh

heper

The nat rule should be for the client subnet.

The route should point to the client subnet with win16 IP as gateway.
See: https://www.netgate.com/docs/pfsense/routing/static-routes.html

If you need more specific info, please draw a schematic that includes all involved ips & subnets

Minh

My network looks almost as in the picture and detailed info as below

Pfsense:
WAN Internet
LAN1 192.168.10.1 = Subnet1 = DHCP DNS = Clients Subnet1
LAN2 192.168.20.1 = Subnet2 = DHCP DNS = Ext + (Win2016) + Int. => Client Subnet2

Win2016 (DC DHCP DNS)
Ext = 192.168.20.200
Int = 192.168.30.1
Client Subnet2 = 192.168.30.0/24

I believe I have to set up NAT but I cannot find Instruction how to do NAT for the entire windows subnet?

Minh