AD controller and virtual Windows 10

Hi, I have a question regarding Windows Server 2019 and AD/DNS.
I have set up the domain controller with DNS. pfSense takes care of DHCP.
When I join the domain in the same subnet as the domain controller it works fine, but if I try accessing from another subnet/VLAN the DNS server does not respond. If I use dig from pfSense, the domain server answers. I can ping the Windows server, and I can see that pfSense lets traffic on port 53 through the firewall.
I read somewhere that you need to add the subnet in "Sites and Services", so I added the IP range, but it did not make any difference. I also tried adding an "allow all" rule in the Windows firewall, but the DNS query just times out.

The goal is: 1 domain controller, multiple VLANs/subnets so that the different customers can't access each other, but each group of customers (same company) will be in the same VLAN. (Windows 10 installs on xcp-ng)

If anyone has a better solution for managing the Windows 10 computers, I'm open to suggestions :slight_smile:

You also need to set up the Windows Server firewall to allow the other networks; by default they deny non-local connections.
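To check whether the Windows firewall is what is blocking the cross-VLAN queries, and to open the DNS role's built-in inbound rules only to the customer VLANs instead of "allow all", here is an added example (not from anyone in this thread) to run in an elevated PowerShell on the DC. The subnet ranges and the DC/host names are placeholders.

```powershell
# Added example (not from the thread). Run elevated on the Windows Server 2019 DC.
# The ranges below are constructed placeholders for the customer VLANs.
$vlanSubnets = @('10.10.20.0/24', '10.10.30.0/24')

# 1. Show the scope of the DNS role's inbound rules (display group "DNS Service").
#    A RemoteAddress of LocalSubnet explains queries that time out from other VLANs.
Get-NetFirewallRule -DisplayGroup 'DNS Service' -Direction Inbound |
    ForEach-Object {
        $addr = $_ | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Enabled       = $_.Enabled
            Profile       = $_.Profile
            RemoteAddress = ($addr.RemoteAddress -join ',')
        }
    } | Format-Table -AutoSize

# 2. Widen the DNS rules only to the customer VLANs (least privilege: hosts outside
#    these ranges still cannot reach port 53 on the DC).
Get-NetFirewallRule -DisplayGroup 'DNS Service' -Direction Inbound |
    Get-NetFirewallAddressFilter |
    Set-NetFirewallAddressFilter -RemoteAddress $vlanSubnets

# 3. Make sure the rules are enabled for every profile the DC's interface may use.
Get-NetFirewallRule -DisplayGroup 'DNS Service' -Direction Inbound |
    Set-NetFirewallRule -Enabled True -Profile Any

# 4. From a Windows 10 client in another VLAN, confirm resolution against the DC
#    (placeholder name and address).
#    Resolve-DnsName -Name 'dc01.corp.example' -Server '10.10.10.5' -Type A
```

If step 1 already shows RemoteAddress = Any for both the TCP and UDP rules, the Windows firewall is not the cause and the drop is happening on the pfSense path (for example a missing return route or a rule on the client VLAN) rather than on the DC.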