What's the best setup for pfSense + Windows Server 2012 AD/DNS/DHCP



  • Hi there, I just need to implement this in a small office of 12 computers. Is it even possible to mix the 2 technologies? I'm so sorry, I'm a noobie with this. What will the infrastructure look like? Will it have problems with DHCP? Where should I set up DHCP, on pfSense or on WS2012?



  • It is possible to mix the two products in the same environment. If you are running Active Directory, then Windows Server 2012 should look after the DNS and DHCP if you want everything to be integrated with AD. The AD server will also need to be the primary time source for the domain joined computers on the network. You can still use pfSense as the DNS relay and NTP source for your AD servers.



  • AD only needs DNS & time to properly function.

    Everything else can be done from pfSense.
    If you wish to run WDS (or SCCM to deploy OSes), you'll need to add specific settings to your DHCP server if you run it on pfSense. When you run your DHCP on AD, then this gets done automagically (sometimes).


  • LAYER 8 Global Moderator

    It is better to run DHCP on your AD, since it helps in the registration of clients in DNS. Or can be set up too, etc.

    To be honest, if you're running AD, use pfSense for its primary function: routing/firewall. Stuff like DNS, DHCP and NTP are all just bells and whistles for a site that doesn't already have those things taken care of. If you're running AD, that is where those features should be set up.

    And yes, you need to make sure your AD is set up with a good time source; pfSense could be that, sure. But you're going to want to let your AD members sync to AD, once you have set up AD correctly, etc.

    You can set up your AD DNS to forward to pfSense, but all clients in AD should really point to AD for DNS. Then your AD either forwards or resolves stuff that it is non-authoritative for, like pfsense.org, google.com.
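
One way to apply the layout the replies describe, run on the domain controller. This is an added example, not code from any poster in the thread. All addresses, the domain name and the host name are constructed, and it assumes a single DC that also holds the PDC emulator role.

```powershell
# Constructed values (assumptions, not from the thread)
$PfSense = '192.168.1.1'            # pfSense LAN address: gateway, DNS forwarder target, NTP source
$DcIp    = '192.168.1.10'           # Windows Server 2012 domain controller
$DcFqdn  = 'dc01.corp.example.com'
$Domain  = 'corp.example.com'
$ScopeId = '192.168.1.0'

# DNS: the DC stays authoritative for the AD zone and forwards everything
# it is not authoritative for to pfSense.
Add-DnsServerForwarder -IPAddress $PfSense

# DHCP: install the role on the DC and authorize it in AD.
# Only one DHCP server should answer on the LAN, so the DHCP service on the
# pfSense LAN interface is turned off in the pfSense GUI before this scope goes live.
Install-WindowsFeature DHCP -IncludeManagementTools
Add-DhcpServerInDC -DnsName $DcFqdn -IPAddress $DcIp

Add-DhcpServerv4Scope -Name 'Office LAN' -StartRange 192.168.1.100 `
    -EndRange 192.168.1.200 -SubnetMask 255.255.255.0 -State Active

# Clients get pfSense as gateway but the DC, not pfSense, as DNS server.
Set-DhcpServerv4OptionValue -ScopeId $ScopeId -Router $PfSense `
    -DnsServer $DcIp -DnsDomain $Domain

# Have DHCP register client A/PTR records in AD DNS and clean them up on lease expiry.
Set-DhcpServerv4DnsSetting -ScopeId $ScopeId -DynamicUpdates Always `
    -DeleteDnsRROnLeaseExpiry $true

# Time: the DC syncs from pfSense; domain members keep syncing from the DC.
w32tm /config "/manualpeerlist:$PfSense" /syncfromflags:manual /reliable:yes /update
Restart-Service w32time

# Checks
Get-DnsServerForwarder
Get-DhcpServerInDC
Get-DhcpServerv4OptionValue -ScopeId $ScopeId
w32tm /query /source
```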

