Active Directory Server & pfblockerNG Suggestion Required

  • Hi,

    I am a little bit confused. I have successfully implemented pfBlockerNG on my network and I am also using DNSBL services on it.

    Also, I am using a static DHCP server on pfSense.

    But the problem is that I need to enter the primary DNS IP on the workstation to block social media sessions. It is blocked, but when I use the secondary IP of my AD, it is not logging in other users' profiles on the same station, because the primary IP is the pfSense IP.

    AD IP:

    What I need is that when multiple users log in on a single workstation, the AD user accounts log in easily, and when they browse any social website like it will throw the traffic on the VIP address like on pfBlockerNG.

    Please guide me on how I can achieve this.


  • Moderator


    Best to keep all Windows devices pointing to your AD domain. Then have the DNS forwarders of your DNS server (AD domain) pointed to pfSense for final DNS filtering.

  • LAYER 8 Global Moderator

    Yeah, if you're an MS shop using AD, it's prob best to let MS be your DHCP and DNS... Then just have your AD DNS use pfSense/pfBlocker for your DNS to external domains.

    You can put in a domain override in pfsense so it can resolve your PTRs for networks and the like.

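The arrangement both replies describe (workstations use AD DNS, AD DNS forwards external lookups to pfSense for DNSBL filtering), as an added PowerShell example that is not part of the thread. Every address and name in it is a placeholder: `192.0.2.1` stands for the pfSense LAN IP, `10.10.10.1` is assumed to be the DNSBL VIP configured in pfBlockerNG, and `blocked.example` and `corp.example` stand for a DNSBL-listed name and the AD domain.

```powershell
# Added example. Run in an elevated session on the AD DNS server.
# All values below are placeholders (assumptions), not values from the thread.
#Requires -Modules DnsServer

$PfSenseIp   = '192.0.2.1'        # pfSense LAN address (resolver + pfBlockerNG)
$DnsblVip    = '10.10.10.1'       # DNSBL virtual IP as set in pfBlockerNG
$BlockedName = 'blocked.example'  # a name present on one of your DNSBL feeds
$AdDomain    = 'corp.example'     # AD DNS domain

# 1. Record the current forwarders so the change can be rolled back.
$before = Get-DnsServerForwarder
"Previous forwarders: $($before.IPAddress -join ', ')"

# 2. Forward everything the AD server is not authoritative for to pfSense only.
#    Root hints are disabled so a pfSense outage fails closed instead of
#    silently resolving external names around the DNSBL filter.
Set-DnsServerForwarder -IPAddress $PfSenseIp -UseRootHint $false -PassThru

# 3. Drop answers cached before the change; they would mask the new path.
Clear-DnsServerCache -Force

# 4. AD records must still be answered locally, otherwise domain logons break.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$AdDomain" -Type SRV `
         -Server 127.0.0.1 -ErrorAction SilentlyContinue
if ($srv) { "OK: domain controller SRV records resolve via AD DNS" }
else      { "FAIL: AD SRV lookup failed; check the AD zone before rollout" }

# 5. A DNSBL-listed name queried through AD DNS must come back as the VIP.
$answer = Resolve-DnsName -Name $BlockedName -Type A -Server 127.0.0.1 `
            -ErrorAction SilentlyContinue | Where-Object Type -eq 'A'
if ($answer.IPAddress -contains $DnsblVip) {
    "OK: $BlockedName resolves to the DNSBL VIP through the forwarder"
} else {
    "FAIL: $BlockedName returned '$($answer.IPAddress -join ', ')', expected $DnsblVip"
}
```

With this in place, DHCP should hand workstations only the AD DNS servers, so that no client has pfSense as a direct primary resolver.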