Active Directory server in cloud with clients and pfSense on prem?
Some employees in the office are having to move to different buildings, so I’m trying to plan how they can still remain in Active Directory. In the current building, a Domain Controller is on prem on the same network as them. The site the employees are moving to doesn’t have a DC but does have a pfSense.
My thinking is, if I have a DC hosted as a VM in Azure already, then could I just have an IPSec tunnel from the pfSense to Azure, and the clients point to the IP of the DC in Azure, would that work? If so, would I have to put in a DNS host override for the “company.AD.domain.com” to also point to the same IP? And as far as DHCP, pfSense would be the employees' DHCP server?
@jgq85 I think that will work but it's always best to have Windows do your DNS and DHCP if your clients are using AD. Just use pfSense as a routing firewall and VPN remote site. Are you looking to move the existing building DC somewhere else? Otherwise I don't know why you wouldn't just connect the new building to the old one and the clients use the same old DC they always did with the least amount of disruption.