New Features in pfSense Plus version 22.01 and pfSense CE version 2.6.0! [YouTube Release]

Additional Resources:

Reddit post

Full Release Notes
https://docs.netgate.com/pfsense/en/latest/releases/22-01_2-6-0.html

Christian McDonald Videos:
New pfSense Releases! Plus 22.01 and CE 2.6.0!

pfSense Software + WireGuard Package - Project Report 011

Netgate Blog Post

Upgrade Guide
https://docs.netgate.com/pfsense/en/latest/install/upgrade-guide.html

Connecting With Us

Lawrence Systems Shirts and Swag

►👕 https://teespring.com/stores/lawrence-technology-services

AFFILIATES & REFERRAL LINKS

Amazon Affiliate Store
:shopping_cart: https://www.amazon.com/shop/lawrencesystemspcpickup

All Of Our Affiliates that help us out and can get you discounts!
:shopping_cart: Affiliates We Love - Lawrence Technology Services

Gear we use on Kit
:shopping_cart: Kit

Try ITProTV free of charge and get 30% off!
:shopping_cart: Learn technology and pass IT certifications with ITProTV

Use OfferCode LTSERVICES to get 10% off your order at
:shopping_cart: https://www.techsupplydirect.com/

Digital Ocean Offer Code
:shopping_cart: DigitalOcean – The developer cloud

HostiFi UniFi Cloud Hosting Service
:shopping_cart: HostiFi - UniFi Cloud Hosting

Protect you privacy with a VPN from Private Internet Access
:shopping_cart: Buy VPN with Credit Card or PayPal | Private Internet Access

Patreon
:moneybag: lawrencesystems is creating Tech Tutorials & Reviews | Patreon

:stopwatch: Timestamps :stopwatch:
00:00 pfsense 2.6 / 22.02
01:59 Update Announcements
05:26 pfsense plus for Home Lab
07:17 Upgrade process
08:57 New Features and Changes
10:06 ZFS by Defualt
11:50 Password Hash Change SHA512
13:50 NTOPNG Update

#pfsense #Firewall #opensource

2 Likes

I’m running CE for myself for home lab however just wondering thoughts regarding the future of CE. It’s pretty clear development for CE is going to be left behind as Netgear pivots to monetize their pfSense plus product. Sure the pfSense plus product is $0 for home users, however this honestly feels like a carrot getting you into the ecosystem and then later switching terms whereby the product needs to be licensed on an annual basis. Looking at their pricing structure you referenced in your video (pfSense+ Software Subscription – Netgate), the Home or Lab option does not list Software Updates as a feature. What exactly does this mean??

1 Like

Hi
Quick question on the ZFS install can that be done on one SSD drive?
i tried to install it earlier with 2.5.2 and it seems to need two drives.
I was thinking of reinstalling my pfsense for the ZFS file system.

The security vulnerabilities in 2.5 is not worthy of an upgrade to 2.6 as my main computer and laptop runs Linux and I have not had any security issues so far. However, I’ve decided to upgrade to 2.6 anyway even though security vulnerabilities is not one of the reasons for keeping pfSense up-to-date.

If I want to harden my network even further, I can enable SSH tunneling in my desktop management VM and tunnel to pfSense’s web interface that is already on HTTPS. My “desktop management VM” connects to network devices’ web interface that is HTTP only, so I can set up my VM as a bastion host for SSH’ing into my management network. The risk of an outsider breaking into my network is minimal, so I can accept the risk and just have HTTPS available in my trusted network. Other networks won’t get HTTPS to pfSense’s web interface. My password manager (Bitwarden) contains the username and password for accessing pfSense and I can log out once I am done with accessing the web interface in order to minimize session hijacking attacks (I mean, if it’s possible to do that with JavaScript over the web).

In any case, a router is a router with locked down firewall rules, so I do not have any use-case for any changes or new features made for pfSense. For a future cybersecurity analyst such as myself, this is a case of “risk management.” How much do I want to harden my network and how much do I want to accept the risk depends on my security hygiene.

Just did the upgrade and it went almost perfect.

Super weird issue with my virtual IPs where the backup config did bring them over, but were not working. Going into the edit section and saving them seemed to fix it.