Author Topic: DNS name resolution  (Read 308 times)

asdf1nit
DNS name resolution
« on: December 04, 2017, 10:29:27 pm »
My current DNS setup is like so:

LAN clients -> AD DNS -> pfSense -> OpenDNS

In this config I can't resolve internal computer names with pfSense.

Is there a way for pfSense to pull internal names from the AD server so I can get local IP-to-name resolution in my Snort and firewall alert and block lists, or am I just stuck with looking in my AD DNS server for that info?

johnpoz
Re: DNS name resolution
« Reply #1 on: December 04, 2017, 11:00:26 pm »
Set up a domain override in pfSense pointing to your AD domain.
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)
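
The following is an added example, not part of any post in this thread and not pfSense's own generated file: the domain override suggested above, written out as plain Unbound configuration (Unbound is the daemon behind the pfSense DNS Resolver). It assumes a constructed AD domain `corp.example.com`, an AD DNS server at `192.168.1.10` and a LAN of `192.168.1.0/24`, and it includes the reverse zone because IP-to-name lookups, as wanted for the Snort and firewall lists, are PTR queries that a forward-zone override alone does not cover.

```conf
# Added example with constructed values (assumptions):
#   AD domain      corp.example.com
#   AD DNS server  192.168.1.10
#   LAN            192.168.1.0/24 -> reverse zone 1.168.192.in-addr.arpa

server:
    # Permit RFC 1918 addresses in answers for the internal domain;
    # without this, DNS rebinding protection can strip them.
    private-domain: "corp.example.com"

    # Internal AD zones are typically unsigned, so skip DNSSEC
    # validation for them instead of failing the lookup.
    domain-insecure: "corp.example.com"
    domain-insecure: "1.168.192.in-addr.arpa"

    # Unbound answers RFC 1918 reverse zones locally (NXDOMAIN) by
    # default. Turn that default off so PTR queries reach the stub zone.
    local-zone: "168.192.in-addr.arpa." nodefault

# Forward lookups (name -> IP): ask the AD DNS server, which is
# authoritative for the AD domain.
stub-zone:
    name: "corp.example.com"
    stub-addr: 192.168.1.10

# Reverse lookups (IP -> name): PTR records live in a separate zone
# and need their own entry pointing at the same server.
stub-zone:
    name: "1.168.192.in-addr.arpa"
    stub-addr: 192.168.1.10
```

A quick check from a client is one forward query for a host in the AD domain and one reverse (PTR) query for a LAN address, both sent to the pfSense resolver; if only the forward query answers, the reverse zone entry is the missing piece.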

dpas7
Re: DNS name resolution
« Reply #2 on: December 20, 2017, 08:55:21 am »
I have the same issue. A client machine comes in from an OpenVPN connection and connects successfully using an IP address; however, name resolution does not work. I have added the domain override in the DNS Resolver settings and I am still not able to resolve names, only IP addresses. I am not using pfSense for DHCP on my LAN. I have a Windows Active Directory setup and utilize Windows Server for DHCP and DNS. How could I get this to work, or is there a recommended configuration for a Windows AD environment?