Netgate Discussion Forum

    AD Domain Rename with a pfSense Firewall

    General pfSense Questions
    5 Posts 3 Posters 1.7k Views
      bpwnes

      I'm preparing to rename an Active Directory domain that is in a location with a pfSense firewall. The firewall is configured with an FQDN in the current domain and will be changed. It's being used with IPSec (ShrewSoft client) w/ AD authentication using a domain account for authentication requests. The business has a static IP and the ShrewSoft client is using their static IP as the hostname.

      I know the firewall's FQDN will have to change from pfsense.oldname.local to pfsense.prefix.newname.com and the account used to authenticate users for the VPN will change from vpnusers@oldname.local to vpnusers@prefix.newname.com. The static IP and local IPs aren't changing.

      My question is: is there anything else I need to consider? Will it work to just change those two settings? I'd like this transition to go smoothly and don't want to leave anything out.

        heper

        i would think the pfsense would be the last minor detail to fix. i'd be worried about renaming the domain on the AD/exchange/wsus/sccm/… servers.

        how many times have you successfully renamed the domain name on an operational AD environment? (me = 0)

          bpwnes

          This is my first one. Did it successfully in a lab environment and am pretty confident everything will go smoothly. It isn't that large of an organization and they only have one physical server (w/ 2 VM DCs) and really good backups.

            Snailkhan

            @bpwnes:

            This is my first one. Did it successfully in a lab environment and am pretty confident everything will go smoothly. It isn't that large of an organization and they only have one physical server (w/ 2 VM DCs) and really good backups.

            sadly i don't have anything to help you with,
            but i am interested to know how your domain name change goes.

            our systems team had a very tough time when we did it a few years ago.

              bpwnes

              We still haven't done the domain rename. The parent domain we were planning on joining ended up being a mess… still has a Server 2003 box for some ungodly reason... IMO we should make a new domain of a different name, but I've been unable to convince the powers that be.

              As far as the firewall goes though, I'm pretty sure all I have to do when the time comes is change the domain name within the settings. This will trickle down to the IPSec VPN settings as well, correct?

              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.