Pfsense/pfblockerng-dev and microsoft server 2016

So the boss was able to view porn sites today and asked me about blocking them network wide.
Network flow is as follows: Consolidated Fiber, Fiber modem, pfSense 2100, MS Server 2016, switch, network.

I installed pfblockerng-dev, and used some of the blacklists(specifically Shallalist). Of course I can still view porn.

Mind you, I am a Paramedic, and this is for the Rescue Squad I work for.
Home network isn’t an issue(as the pfSense instance I have running is the authoritative DNS server in the house, however I don’t have anything MS in my home network.

Is there a definitive guide for setting things up, that even a Paramedic can follow and not foul things up?

I have zero knowledge of MS Servers.

I figured it out.
I set up the pfSense instance IP as a forwarder in MS Server 2016 under DNS Manager/forwarder, and disabled root hints.
Works on both BYOD and workstations.


1 Like