I would be interested in the reaction to this video which claims that pfSense CE development has been practically halted
It’s already being talked about here.
1 Like
then could switching to OPNsense be the way to go ?
Most people here don’t like OPNsense, but it is certainly an option. If you want to discuss OPN, best to do it on their forums.
Mikrotik has routing/firewall, there is a new hardware device based on openWRT that will be on the market soon, there are some low powered devices from gli-net that are openWRT. Also VyOS comes up, but I know almost nothing about it.
I moved my work firewall to OPN Business and it’s fine for what I need, the free version gets updated sooner than Business. Consider Business as a stable version and free as a latest version kind of thing. They are about 6 months apart in release schedule. Start with free and decide if you like it, there will be a learning curve to get over coming from PF, but not impossible. Zenarmor has some good guides to OPN that are worth finding and reading. Also a few books that are worth a look and often cheap as a kindle book.
But now I feel I am blaspheming, so I better run for cover. Pick what you like based on your circumstances and research and be happy.
2 Likes
Oh no, it took me the the best part of a year maybe longer to get to grips with pfSense, though I had used DD-WRT and openWRT to some extent previously. At some point both my routers will die and I’ll need a replacement, I don’t need 10Gb, I only just got 1Gb on the WAN. I will say I have learnt a lot and the functionality with pfSense is tremendous compared to my old Asus routers, but time is now a constraint. Maybe spinning up OPNsense in a vm to have a poke around is what I ought to do.
Basic functions can be learned pretty quickly and I like the interface now (I know, more blasphemy). I learned a lot of what I needed through the guides on the Zenarmor site, not sure who writes them, but Beki posts links in the OPN forum (Zenarmor section). I also did buy 2 books, but one comes free with a Business license or hardware purchase. And they support Realtek interfaces with an optional driver package (in the software list), but I’d still go Intel.
I like the OPN hardware a bit more than the Netgate hardware, both are somewhat comparable to what a brand new Supermicro server of similar specs. would cost. I just wish the OPN site would let me configure more RAM into the device I want, it uses DDR 4 or 5 (can’t remember) desktop sized RAM so open and upgrade to 16GB. Seven 2.5g and two SFP+ on the model I want to get, about $1500usd (DEC2770)
Ok you’ve convinced me to spin up a vm with it, now to find the time …
How different is the interface in OPNSense compared to netgate? Does knowing netgate help in understand OPN or is just totally different?
I tried OPN and I had a weird experience with it. There were some auto generated rules that I didn’t want and felt really weird to me. It might not have been for others.
One worrisome issue is that with 24.11, there’s a mismatch between the config version for pfSense Plus (23.6) and pfSense CE (23.3). That could mean trouble for people who move from Plus v24.11 back to CE v2.7.2. I have a couple of pfSense SG-1100’s deployed but have a home-built box for backup, so his potentially hits me.
Reminder for people to back up their config file before updating pfSense.
https://docs.netgate.com/pfsense/en/latest/releases/versions.html
Knowing how rules are made and things like that translate pretty quickly, navigation is the biggest change.
You can run it as a live OS and look around without wrecking anything on your current device or in VirtualBox.
1 Like