Recent convert from Sophos UTM9 to pfSense

It’s a long somewhat sad story, but I’m forced to make the move away from UTM9 at home (who can afford this system once you get used to relying on their great enterprise features.) The free version gives you nearly all the great enterprise features, but limits you to 50 IP addresses (and no customized messages). That just doesn’t cut it in today’s modern home (LOL).

That said, the key features I’m looking for seem to all be in pfSense, but I’d like to confirm I’m mapping the definitions correctly: (Sophos = pfSense)
Web Filtering (transparent proxy and category lists) = pfBlocker + Squid (split&peek) + category files
WebApplicationFirewall = Squid Reverse Proxy
NTP Server = NTP Server
DNS Cache&Forwarder = DNS Cache&Forwarder (dnsmasq)
OpenVPN = OpenVPN

The Web filtering is silky smooth to configure in UTM9. It seems a little sketch in pfSense; any thoughts?

I am using UTM at home; Sophos XG there is no IP limit for home but it is very confusing coming from the UTM to configure. Feature parity is not complete that I recall either, no lets-encrypt for example.

I am new to pfSense as well and I think the plugins:

  • acme: for lets-encrypt SSL for management and capture portal as well as HAProxy
  • pfBlocker is the IP region blocking (I have not tried this yet)
  • HAProxy is a better replacement to UTM WebApplicationFirewall and maybe include snort as well but snort needs managing.

I prefer using Cloudflare Tunnel for services I want to be exposed to the internet.

Hope this helps.
Kevin

Web Filtering / Web Application Filtering is not good at all in pfSense. When people have that as a requirement I push them towards Untangle.


Thanks Tom.

I appreciate your vids.
