Traffic graph resolving Windows XP hostnames, but not Windows 7

  • I've tried googling this problem, but I end up with a ton of results of people trying to resolve Linux computers from Windows.

    I need help resolving Windows 7 computers via pfsense.

    This is not a pfsense problem though. I used to run an Alienvault OSSIM box and it had this same exact problem.

    Domain is running Windows SBS 2011. DNS and DHCP handled by SBS. IPv6 is enabled (can't be disabled in SBS 2011 IIRC). Domain Functional level is Windows Server 2003.

    I also have a second DNS server running on Windows 2003 for when the SBS box is down.

    The pfsense traffic monitor will resolve all Windows XP boxes, but it will not resolve Windows 7 machines. DNS Forwarding is OFF on the pfsense box.

    Since DNS is seemingly working fine I don't know where to begin troubleshooting this.

  • I assume your pfSense points to Windows SBS 2011 for its DNS, and that the Windows7 machines are in the domain. You would have to look at the reverse lookup zone/s in the DNS of Windows SBS 2011. I guess for some reason the Windows7 machines are not getting their reverse lookup entries added. Perhaps they have IP addresses in a different subnet or part of the subnet to the WindowsXP, and there no reverse lookup zone has been created for that address range?

  • I agree with Phil, just to add some other suggestions. If you are running a all Windows LAN I would add WINS as well and add the WINS to your DHCP server in PfSense. Then go to your DNS server in Windows and tell it to lookup name resolution from WINS if it doesn't find a answer in it's tables. It is just a check box but this works well for me and it works across subnets and Domains for that matter. They Say WINS is going to Die but it aint dead yet and it is still in Windows Server 2012 (I haven't upgraded to R2 yet).

  • Thanks guys, it looks like only XP boxes were being registered in the reverse lookup zone.

    I went into my DHCP scope properties ( Right click scope, properties, DNS tab ) and enabled DNS dynamic updates. Now I just need to wait for the next time their DHCP lease runs out and it will add the Windows 7 boxes to the reverse lookup zone.

    I also added DNS dynamic updates registration credentials on the advanced tab of that same properties box.

    I've seen the dialog before, I must have disabled at some point in the past because I'm pretty sure this should be on by default.

    Documentation is overrated.

  • Yeah I think dynamic updating is not on by default because of security risks. But I'm glad your up and running.

Log in to reply