• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Setting up PfSense with OpenDNS and Windows server

Scheduled Pinned Locked Moved DHCP and DNS
9 Posts 2 Posters 805 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    mgodinez
    last edited by Apr 15, 2019, 8:44 PM

    Hi everyone,
    I am still learning on how to configure PfSense and I am trying to setup PfSense 2.4.4 with OpenDNS for web filtering BUT in an environment that already uses Windows server 2008 R2 that has already DHCP and DNS in it.

    Does anyone know of such tutorial on how to add PfSense and OpenDNS to the current system? Windows server will be handling all DHCP/DNS.

    I have been searching around and I can't seem to find any help on setting up both(PfSense and OpenDNS ) into the Windows server environment. Hopefully someone can point me to the right tutorial?

    Thank you in advance!

    Regards

    Manny G.

    1 Reply Last reply Reply Quote 0
    • B
      bmeeks
      last edited by bmeeks Apr 16, 2019, 3:03 AM Apr 16, 2019, 3:02 AM

      This is very simple. Turn on "forwarding" for your Windows 2008 R2 server's DNS service and put the IP addresses of the OpenDNS servers in for the forwarding address. This will cause the Windows DNS server to forward all IP and domain lookups that it is not "authorative" for to the OpenDNS servers.

      On your pfSense firewall, I would disable the resolver and enable the forwarder and point pfSense to your Windows 2008 R2 server. This way pfSense can easily do reverse lookups on LAN clients. You could also use overrides within the pfSense forwarder's configuration, but to me it is simpler to just point pfSense to your Windows DNS server.

      Make sure all of your clients are configured to use the Windows DNS server. I assume they already are.

      1 Reply Last reply Reply Quote 0
      • M
        mgodinez
        last edited by Apr 16, 2019, 3:11 AM

        Thank you bmeeks, I really appreciate your help, just wondering on the configuration of the DNS forwarder... What settings should I enable or disable and what fields should I fill with what( e.g. "DNS Query Forwarding" and "Interfaces", etc.) ??

        Thank you again.

        Regards

        Manny G.

        1 Reply Last reply Reply Quote 0
        • B
          bmeeks
          last edited by Apr 16, 2019, 3:50 AM

          On pfSense, just go to SYSTEM > GENERAL SETUP and put the IP address of your Windows 2008 R2 server in the DNS Servers box. Leave the default gateway selection set to "none". Be sure the DNS Server Override checkbox immediately below is unchecked.

          Now go to SERVICES > DNS RESOLVER and disable it by unchecking the Enable checkbox. Save the change.

          Go to the SERVICES > DNS FORWARDER screen and enable the forwarder by checking the Enable checkbox. Save the change.

          Sometimes when testing things on my virtual machines I have to reboot pfSense to get all these changes to happen properly. Your mileage may vary with a live firewall. Should work without a reboot, though.

          1 Reply Last reply Reply Quote 0
          • M
            mgodinez
            last edited by Apr 16, 2019, 3:58 AM

            Thanks again bmeeks, just the way I understand, step by step. Awesome!

            Hopefully that will do the trick, also, one more question, can OpenVPN be added to this setup? Since PfSense doesn't handle the DHCP/DNS I was wondering if that is even possible....

            Thank you again for your help!

            Regards,

            Manny G.

            B 1 Reply Last reply Apr 16, 2019, 4:03 AM Reply Quote 0
            • B
              bmeeks @mgodinez
              last edited by Apr 16, 2019, 4:03 AM

              @mgodinez said in Setting up PfSense with OpenDNS and Windows server:

              Thanks again bmeeks, just the way I understand, step by step. Awesome!

              Hopefully that will do the trick, also, one more question, can OpenVPN be added to this setup? Since PfSense doesn't handle the DHCP/DNS I was wondering if that is even possible....

              Thank you again for your help!

              Regards,

              Manny G.

              Not sure I understand your question fully. You can simply point your VPN clients to your Windows server for DNS/DHCP services.

              1 Reply Last reply Reply Quote 0
              • M
                mgodinez
                last edited by Apr 16, 2019, 4:08 AM

                Yes, I would like to install on PfSense the OpenVPN service there too in the future, since the PfSense is only a transparent firewall, I was just wondering if it was possible since Windows server does all the DHCP/DNS - I am still a newbie on this :)
                Do you know of a good and understandable book for PfSense? And up to date also :)

                Regards

                Manny G.

                1 Reply Last reply Reply Quote 0
                • B
                  bmeeks
                  last edited by Apr 16, 2019, 4:16 AM

                  Here is the official documentation site: https://docs.netgate.com/pfsense/en/latest/. And here is a link to the pfSense Book (or more like the pfSense Bible): https://docs.netgate.com/pfsense/en/latest/book/. You should find everything you need in these two links.

                  1 Reply Last reply Reply Quote 0
                  • M
                    mgodinez
                    last edited by Apr 16, 2019, 4:24 AM

                    Thank you bmeeks!

                    Regards,

                    Manny G.

                    1 Reply Last reply Reply Quote 0
                    1 out of 9
                    • First post
                      1/9
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                      This community forum collects and processes your personal information.
                      consent.not_received