pfSense CE 2.8.0 released

inju · May 29, 2025, 7:48am

Long awaited, finally released:

elvisimprsntr · May 29, 2025, 9:30am

CE 2.7.2 has been rock solid and thankfully Netgate released patches for all the vulnerabilities fixed in CE 2.8.0. Not pleased with the net installer only option. I’ll wait for at least .1 before even kicking the tires on a spare appliance.

lionslair · May 29, 2025, 12:38pm

Upgraded tonight no issues

rdaugherty · May 29, 2025, 1:54pm

Upgraded from 2.7.2?? On Netgate hw or custom build?

lionslair · May 29, 2025, 1:58pm

Dedicated protectli unit

pavlos · May 29, 2025, 3:52pm

did they fix the telegraf issue?

that is, telegraf cannot be installed, it blows with some php error.

this is the thread:

pavlos · June 1, 2025, 1:56pm

A favor: Can someone who upgraded to 2.8.0 install telegraf to see if it blows with a php error? if not, I’ll go ahead and upgrade mine to 2.8.0 I’d appreciate it.

RFLTools · June 3, 2025, 10:34pm

Using a no-name N100 with 2.7.2 and upgraded via the admin page to 2.8.0 → hangs with a kernel panic.

Tried using the installer (just in case) and also hangs.

I don’t have any logs or crash reports but am asking if anyone knows of issues. I’ve seen a lot of comments about pfSense not supporting the N100. Can someone comment on this? Is the N150/N305/N355 supported?

xMAXIMUSx · June 4, 2025, 3:26am

I installed telegraph in a VM and it didn’t have any issues.

admzn · June 4, 2025, 3:30am

Upgraded both of my CE systems, one physical and one virtual. No problems at all. Like Tom said in his video I just “hit it” and see what happens lol. So far so good.

bb77 · June 4, 2025, 5:27am

Yeah, well, that of course highly depends on your specific configuration, especially which plugins you’re using. So unless you can afford the additional downtime caused by reinstalling pfSense, I’d still recommend following the advice to remove all plugins before hitting that Upgrade button

ryan_g · June 4, 2025, 9:45am

Upgrade worked fine until I swapped to Kea DHCP. pfBlocker is critical to me for cell phones and it crashed Kea. The Debian VMs started getting IPs from the pool instead of their reservations. You need to change DNSBL Mode to ‘Unbound python mode’ to fix that. Some still get the wrong IP, multiple IPs, or the same IP as another device which has been a nightmare to sort out. ‘dhclient -r’ and then ‘dhclient’ will pull the proper IP but that is only after boot which might be a clue. I think that Kea has it stuck on those until the lease runs out maybe?

Edit - Spent way too much time trying to figure this out. Nuke and pave back to 2.8.0 without (i)Kea and all is well. Try again next update I suppose

pavlos · June 4, 2025, 1:15pm

thank you, appreciate it.

bb77 · June 4, 2025, 2:14pm

I just did the update myself. I uninstalled all packages (I use ARPwatch, ACME, HAProxy, System Patches, and WireGuard), and so far, everything still seems to be working. All settings were preserved after reinstalling the packages.

By the way, I also still use ISC

FirebirdTA · June 7, 2025, 12:31pm

No offense, I like and use PFsense and encourage my students to familiarize themselves with it.

BUT.

Changing to a live connection install is deterring me. Since when does an opensource software require a registration and account creation to use a software. This is not opensource.

I feel this will make some, including myself, start looking at other alternatives, though there is not many opensource software’s for routing and firewall software.

I understand the need to protect a companies software I.P, and that’s fine, but if its not part of a general open source release, this is suspect. Microsoft is already pushing for online accounts in next waves of Windows 11 updates.

People should should be vocal about this.

admzn · June 8, 2025, 3:10pm

No need to be rude, I was just sharing my experience. You have no idea what my configuration is.

kevdog · June 9, 2025, 3:06am

I’m probably adding nothing to this conversation, however I watched and appreciated the video. I’m running pfsense CE 2.72 within xcp-ng VM. I managed to in place upgrade with only one error – pfBlockerNG-devel needed to be uninstalled and reinstalled. I didn’t uninstall any other package (as recommended by the official documentation). Hopefully that helps someone.

bb77 · June 9, 2025, 8:46am

Where was I rude? I only said that it depends on the specific config and what plugins are installed whether there may be issues. Of course in many cases it’s perfectly possible to update your pfSense without uninstalling the plugins first, but as a general recommendation this is not suitable imho.

Which doesn’t help anyone who, based on that, updates their pfSense and then runs into issues — because they didn’t uninstall their plugins first

Exactly

bthoven · June 17, 2025, 3:08am

Just updated my pfSense from version 2.7.2 to 2.8.0 without uninstalling any packages. My packages were up-to-date before the upgrade.

Then, later changed the PPPoE to if_pppoe and rebooted. So far so good.