pfSense - Disable DHCP on pfSense and use DHCP from Server 2008 R2



  • Hello Community,

    I'm having trouble with pfSense and Windows Server 2008 R2.
    I'm using VirtualBox with the following configurations.
    As for the pfSense configuration, for now I left everything on default until I get the DHCP to work.
    Only HTTP, HTTPS and DNS rules are enabled.

    Config:

    Windows 7 Client - Internal Adapter
    pfSense - Bridged and Internal
    Server 2008 R2 - Internal
    ----------------------------------
    My problem is that I can't figure out how to disable pfSense DHCP and get my address pool from my server.
    I tried by using the option under Services, Disable LAN DHCP, but then a new problem occurred: I couldn't surf the web with my client, and I restarted it after setting up DHCP on my server.

    I would like to know:

    How to obtain IP addresses from the DHCP on my Windows Server.

    Pls don't post if you are going to write: "google is your friend" or "use the search function".
    I searched the web for hours and I couldn't find anything helpful, so I decided to post here.

    PS: I never used pfSense before; this is my first time doing something with it.
        I need an answer asap.

    ~Cheers,

    SenshiAGE



  • When you configure DHCP services in Windows, make sure that the DHCP server is giving out the pfSense box's address as the router.  I believe the default DHCP router in Win2K8 R2 is the server itself.  You need to change that.  Also, is the Win2K8 R2 box doing DNS?  You need to make sure that's configured properly, or you could use the pfSense box to do that.  It would probably be best to have the Win2K8 server be the primary DNS and the pfSense box the secondary.

    See if that helps.


  • Rebel Alliance Global Moderator

    If he is running AD, then no, he would not want pfSense to be a secondary DNS on the clients! In AD, all members of the AD should ONLY point to the AD DNS for DNS - no other DNS should be configured on the client.

    You then set up DNS on the AD to either forward unknown zones to your ISP, or another forwarder like pfSense, or do direct from root lookups.

    So yes, you need to disable the DHCP server on pfSense - then on the DHCP scope you need to set up the pfSense LAN IP as your gateway router off your network, and for DNS you should point to the 2k8 server running DNS (has to be if you're running Active Directory). If you're not running AD then you can point to whatever you want for DNS - be it the pfSense DNS forwarder, or Google DNS, your ISP, etc.
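
The scope setup described in the post above, written out as `netsh` commands for the addressing that comes up later in this thread (pool 172.16.200.101-199, pfSense LAN at 172.16.200.254). This is an added example, not part of any poster's reply; the DNS server address and server name are assumed placeholders, and it assumes DHCP and AD DNS run on the same server.

```powershell
# Added example: run in an elevated PowerShell prompt on the Server 2008 R2 DHCP server.
# Values taken from the thread: 172.16.200.0/24, pool .101-.199, pfSense LAN IP .254.
$Scope   = '172.16.200.0'
$Mask    = '255.255.255.0'
$Gateway = '172.16.200.254'      # pfSense LAN address, handed out as option 003 (Router)
$AdDns   = '172.16.200.10'       # ASSUMED placeholder: IP of the AD DNS / DHCP server
$AdFqdn  = 'dc01.example.local'  # ASSUMED placeholder: FQDN of that server

# In an AD domain the DHCP server must be authorized before it will answer clients.
netsh dhcp add server $AdFqdn $AdDns

# Create the scope and its address pool.
netsh dhcp server add scope $Scope $Mask 'LAN'
netsh dhcp server scope $Scope add iprange 172.16.200.101 172.16.200.199

# Option 003: default gateway is pfSense, not the Windows server.
# Option 006: DNS is the AD DNS server only; AD DNS forwards everything else.
netsh dhcp server scope $Scope set optionvalue 003 IPADDRESS $Gateway
netsh dhcp server scope $Scope set optionvalue 006 IPADDRESS $AdDns

# Activate the scope and review what clients will receive.
netsh dhcp server scope $Scope set state 1
netsh dhcp server scope $Scope show optionvalue

# Then, on the Windows 7 client, renew the lease and check who answered:
#   ipconfig /release
#   ipconfig /renew
#   ipconfig /all
# "DHCP Server" should show the Windows server, "Default Gateway" the pfSense
# LAN IP, and "DNS Servers" only the AD DNS address. If "DHCP Server" shows the
# pfSense address, its DHCP service is still enabled on the LAN interface.
```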



  • @johnpoz:

    If he is running AD, then no, he would not want pfSense to be a secondary DNS on the clients! In AD, all members of the AD should ONLY point to the AD DNS for DNS - no other DNS should be configured on the client.

    You then set up DNS on the AD to either forward unknown zones to your ISP, or another forwarder like pfSense, or do direct from root lookups.

    So yes, you need to disable the DHCP server on pfSense - then on the DHCP scope you need to set up the pfSense LAN IP as your gateway router off your network, and for DNS you should point to the 2k8 server running DNS (has to be if you're running Active Directory). If you're not running AD then you can point to whatever you want for DNS - be it the pfSense DNS forwarder, or Google DNS, your ISP, etc.

    Thank you John :D

    It works now, I'm very grateful to you, and yes, I use AD.



  • @johnpoz:

    If he is running AD, then no, he would not want pfSense to be a secondary DNS on the clients! In AD, all members of the AD should ONLY point to the AD DNS for DNS - no other DNS should be configured on the client.

    Generally yes but SBS networks or any AD networks with a single DNS server are a big exception to that since you likely only have one Windows server and the loss of that server doesn't need to mean the loss of Internet connectivity. Having the DNS forwarder, configured with a domain forward for the AD domain to point to the AD DNS, is a good idea where you can't have multiple AD DNS servers for some reason.



  • My second concern is how do I get 172.16.200.X/24 addresses to work. I want my DHCP server to give out addresses from 172.16.200.101 - 199.
    I tried to change the LAN interface to a 172 address but the connection just disappears after applying.

    • The DHCP in pfSense is enabled at this time. I don't want to use the default 192.168.1.1 address -
      Even if I change it to 192.168.1.12 it would not work.
      I tried both the web configurator and the installed console on my VM.


  • NEED HELP PLS



  • If you can go to console, choose option 2 and change your settings from there.
    If you can't, go to the WAN side and edit your LAN IP/subnet from there, then you don't lock yourself out.



  • @Metu69salemi:

    If you can go to console, choose option 2 and change your settings from there.
    If you can't, go to the WAN side and edit your LAN IP/subnet from there, then you don't lock yourself out.

    Even if I change it in the console to 172.16.200.254 /24, I still can't access the internet.



  • Have you renewed your clients' IP addresses?



  • I managed to change the LAN IP to 172.16.200.254,
    but when I change my WAN to static I don't get internet; it only works when set to DHCP.

