similar to: Samba4 Internal DNS and pfSense DNS Resolver

Am 10.07.19 um 20:38 schrieb miguel medalha via samba: > >> How could I achieve that when my client from the LAN makes a request >> to xmpp.domain.tld, SAMBA4 direct that request to pfSense and respond >> with the IP assigned to it? > > In the smb.conf file of your DCs you insert the line: > > dns forwarder = [IP address of your pfSense machine] there is no

On 10/07/2019 21:02, miguel medalha via samba wrote: > >> there is no reason why an authoritative nameserver would forward a >> request to his own domain no matter if it's samba, named or somethign >> else >> >> any authoritative nameserver is supposed to know *every* record within >> his own zones and you can't have half of them somewhere lese

I only have some experience with OPNsense but maybe you can relate: - In my case it was always the certificate.? - I had to add the cert to the system certs using CLI. Adding them in the WebGUI was not enough. - Port 636 did not work for me, only 389 using STARTTLS Hope that helps... On 16. March 2020 at 08:13:50, Stefan G. Weichinger via samba (samba at lists.samba.org) wrote: Am 15.03.20 um

Hi, I followed the "Optimizing CentOS for gigabit firewall" posting and as some posters wrote pf is soo sooo ssooooo mutch faster, I was thinking to give it a try. But I'm not familier to BSD so I was looking for some tools and found "pfsense" http://www.pfsense.org/ "pfSense is a free, open source customized distribution of FreeBSD tailored for use as a

> Am 15.03.2020 um 08:21 schrieb S?rgio Basto via samba <samba at lists.samba.org>: > > ?On Sat, 2020-03-14 at 07:43 -0700, gabben via samba wrote: >> Your pfSense firewall has OpenVPN built into it already, and you can >> point pfSense authentication back to your samba AD. We support over >> 400 users in this model. The configuration file for OpenVPN is common

Your pfSense firewall has OpenVPN built into it already, and you can point pfSense authentication back to your samba AD. We support over 400 users in this model. The configuration file for OpenVPN is common to all users, and they authenticate with their AD credentials. > On Mar 14, 2020, at 7:21 AM, Michael Howard via samba <samba at lists.samba.org> wrote: > > On 14/03/2020

Hi. I've a strange problem with networking and a KVM virtualized pfsense firewall. My hw host is Ubuntu 12.04 fully updated, with two bridges br0 (LAN) and br1 (WAN). pfSense is a KVM guest with the two interfaces in virtio mode. When I run pfSense as fw, the host doesn't seem capable of doing tcp connections outside. I can ping any internal and exernal host, but when I try telnetting

Other SIP clients behind the firewall (not using STUN, work). We have a SIP client using STUN and ICE behind a pfSense firewall. The firewall is behaving oddly. REGISTER packets work fine. But when the client tries to make a call, the first INVITE packet from the client pass through the firewall and makes it to the Asterisk server. The Asterisk server sends back a 401 client sends ACK,

I've tried IRC in #tinc and #pfsense on freenode for this, not luck yet, figured I'd try the mailing list. A summary of my problem is here: https://www.reddit.com/r/PFSENSE/comments/789xus/tinc_vpn_can_do_everything_but_be_accessed/ If there are any details I can provide that would help I'll be more than happy to. I'm hoping it will be something obvious that someone can say

WOW! OK! The light bulb above my head just came on. I added the script to the Subnet Up Script section, and now all the routes I need have been added in to the table for me. I did have to modify the line a little since I'm using pfSense (FreeBSD). I changed it to... route add "$SUBNET" -iface "$INTERFACE" ...I also used... route del "$SUBNET" -iface

Hi Rowland, I don't want to to run an AD DC on firewall device, barely DHCP and maybe DNS. What you have pointed me to is similar to what I have in place: https://blog.michael.kuron-germany.de/2011/02/isc-dhcpd-dynamic-dns-updates-against-secure-microsoft-dns/ and which is working fine. NOW I want to switch DHCP from isc-dhcp-server 4.2.2 on Debian to DHCP on pfSense firewall (based on

That's helpful. About half of our DHCP clients are Unixes. Maybe I'll find a way to make pfSense perform a Kerberos handshake with Samba for the sake of updating DNS. If not, I'll just install isc-dhcp-server on the Debian container running Samba AD. On 20/06/19 13:25, Rowland penny via samba wrote: > The problem is that Windows machines can update their own records in > AD,

Hi all, Has anybody got it working? My struggle is briefly described here but the pfSense community is dead silent: https://forum.netgate.com/topic/138881/dhcp-dyndns-intergration-with-samba-dns Regards, Adam

Dear Friends Greetings, i have a question for you, i am sure someone can help. The pfsense captive portal is up and running. Time countdown vouchers are working without issue, such as 30m, 45m, 1h & so on. However, I'd like to set up a download quota of 200MB per voucher. but then you need to login with a username and password, instead of vouchers. but I haven't found a way to

Probably not the best place to ask, but hopefully someone can point me in the right direction. I have a tiny business. We use Samba for file sharing and authentication in an AD setup. I'm running a pfsense appliance firewall. NAT on the internal network. Is there a way to allow employees to authenticate and access files to encourage remote work? What resource should I look to to figure

Am 26.09.19 um 19:02 schrieb Kris Lou via samba: > 1) You definitely need to have the CA specified for pfSense to use the > custom certificate. > 2) The hostname/IP of the specified DC also needs to match the CN on the > certificate. > > If you want to auth against multiple DC's, then either pfSense needs to > have some distribution among multiple LDAP providers (I

Am 18.09.19 um 21:41 schrieb Stefan G. Weichinger via samba: > Am 18.09.19 um 19:43 schrieb Stefan G. Weichinger via samba: > >> I assume I have to somehow import the Samba-ADS-CA into pfsense? >> >> I took /var/lib/samba/private/tls/ca.pem and imported that as an >> additional CA ... >> >> ... and now it works ... I wonder how long ... > > and

Hi all I need to control an UPS TSSahara usign NUT in pfsense and it is not working. Can somenone help ? ups.conf user=root [tsshara] driver = megatec_usb port = auto vendorid = 0483 productid = 0035 desc = "No Break TS-Shara" [myups] driver=usbhid-ups port=auto /usr/local/libexec/nut/megatec_usb -u root -a tsshara -DD Network UPS Tools 2.2.2 - Megatec protocol driver 1.5.14

Hello everyone, I'm trying to come up with the ideal DNS server configuration in consideration with Samba AD DC. The Samba wiki [1] says: > For high traffic environments, it is not recommended to use BIND9_DLZ-backed samba as a primary DNS server. Instead, use an external server that only forwards queries to BIND9_DLZ-backed samba DNS installations when the query is addressed to a zone

I just found that the VPN Netmask option in the pfSense tinc GUI is related to the "netmask" option in /usr/local/etc/tinc/tinc-up ifconfig $INTERFACE 192.168.117.1 netmask 255.255.0.0 What exactly is this line doing? Is it assigning the address that my lan adapter has to the tunnel interface as well? I'm interested in using tinc in production, so I'm trying to learn as much