pfBlockerNG with Windows Server DHCP and DNS
-
Hello, I am trying to use pfBlockerNG as a content filter for my domain. I have a dedicated local server running as DHCP and DNS. The pfSense is not running a DHCP server and the DNS resolver is on. On the Windows side, the DNS server is forwarding to the local address (let's call it 10.0.1.2) as well as the ISP DNS servers. Even after setting up pfBlockerNG with different tutorials, it does not work. I suspect it is because it tries to use pfSense as a DNS server while it is Windows that is running the DNS server. Any help would be much appreciated.
-
@samitguy Windows can forward to any DNS. Don't also forward to the ISP though, since that would bypass pfSense. Also there is a checkbox somewhere in the Windows DNS settings to use root servers if it doesn't get a response from the forwarded server.
-
@steveits OK, thank you. Is there a way to tell pfSense to use the Windows DNS and DHCP servers so that pfBlockerNG works?
-
@samitguy Not sure I understand. What DNS are the PCs on the network using?
pfSense can be configured to forward queries to a specific DNS server, either via "Domain Overrides" (useful for a Windows domain network) or via the "DNS Query Forwarding" checkbox, which forwards all queries. PCs using pfSense for DNS would have queries forwarded on as configured. However, none of this is relevant to "so that pfBlockerNG works"...
-
@steveits The PCs are using the Windows DNS server.
What I would like to happen is for pfBlockerNG to act as a content filter with the Windows DNS server handling DNS and Windows DHCP server handling DHCP. pfSense should only act as a router and a host for pfBlockerNG.
-
@samitguy On your Windows DNS server(s) forward all queries to your pfSense.
You may need to empty the DNS cache on the server(s) and any devices. ipconfig /flushdns on the PCs, or dnscmd /clearcache for the DNS Server cache.
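
The forwarding change suggested in this thread, as an added PowerShell example that is not part of any poster's reply: it makes pfSense the only forwarder on the Windows DNS server, turns off the root-hint fallback, clears the caches, and checks that the Windows server and pfSense give the same answer. The pfSense address and the test domain are placeholders (assumptions), and it is meant to be run in an elevated session on the Windows DNS server.

```powershell
# Placeholders (assumptions, not values from the thread): replace both.
$PfSenseIp  = '192.0.2.1'        # LAN address of pfSense running the DNS Resolver
$TestDomain = 'blocked.example'  # a domain you know is on one of your DNSBL feeds

# 1. Record the current forwarders so any ISP entries are visible before the change.
Get-DnsServerForwarder | Format-List IPAddress, UseRootHint

# 2. Replace the whole forwarder list with pfSense only and disable root-hint
#    fallback, so a slow or failed answer cannot route around pfBlockerNG.
Set-DnsServerForwarder -IPAddress $PfSenseIp -UseRootHint $false -PassThru

# 3. Drop answers cached before the change (server cache, then local client cache).
Clear-DnsServerCache -Force
Clear-DnsClientCache

# 4. Ask pfSense directly and ask the Windows DNS service, then compare the A records.
#    A blocked name may come back as a sinkhole address or as no record at all,
#    depending on how DNSBL is configured, so only equality is checked here.
function Get-ARecordSet([string]$Name, [string]$Server) {
    $r = Resolve-DnsName -Name $Name -Type A -Server $Server -DnsOnly -ErrorAction SilentlyContinue
    (@($r.IPAddress) | Where-Object { $_ } | Sort-Object) -join ','
}

$viaPfSense = Get-ARecordSet $TestDomain $PfSenseIp
$viaWindows = Get-ARecordSet $TestDomain '127.0.0.1'

"pfSense answer : [$viaPfSense]"
"Windows answer : [$viaWindows]"

if ($viaPfSense -eq $viaWindows) {
    'OK: Windows DNS returns the same answer as pfSense for the test domain.'
} else {
    'MISMATCH: Windows DNS is still resolving this name some other way (extra forwarder, conditional forwarder, or stale cache).'
}
```

Clients still need `ipconfig /flushdns` (or a reboot) before they stop using answers they cached earlier.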