Homelab

22 readers

1 users here now

Rules

Be Civil.
Post about your homelab, discussion of your homelab, questions you may have, or general discussion about transition your skill from the homelab to the workplace.
No memes or potato images.
We love detailed homelab builds, especially network diagrams!
Report any posts that you feel should be brought to our attention.
Please no shitposting or blogspam.
No Referral Linking.
Keep piracy discussion off of this community

founded 1 year ago

MODERATORS

communick@selfhosted.forum

rglullis@communick.news

Am I crazy to move to pfSense from OPNsense? (alien.top)

submitted 11 months ago by cjchico@alien.top to c/homelab@selfhosted.forum

35 comments fedilink hide all child comments

So I've been using OPNsense for a few years. I have an extensive config inclduing vlans, plugins, policies, suricata, VPN, routes, gateways, HAProxy, etc.

Over the past few months, I've noticed certain bugs, weirdness, and slowness within OPNsense. I recently watched Tom Lawrence's video on the licensing changes and he touched on the openssl vulnerability that OPNsense has yet to remediate.

The Plus license cost (per year) which entitles you to some limited support options is also appealing. Every time I get stuck figuring out something complex in OPNsense, I have to hope someone else has tried to do the same thing and posted about it so I can troubleshoot.

I also don't like having to constantly update. A more "stable"/enterprise focused cycle like pfSense has seems like my pace. It broke on me last year with one of the upgrades and I had to clean install.

Don't get me wrong, I love the UI (mostly), plugins, etc. in OPNsense, but these past few months have got me thinking.

I've also heard that people don't like Netgate as a company, so that could definitely factor into not switching.

What are everyone's thoughts?

you are viewing a single comment's thread
view the rest of the comments

[–] SamSausages@alien.top 1 points 11 months ago (1 children)

No, I like pfsense because it has less frequent updates and is better documented.

Here is one of the better guides that helps you config much of what you are talking about:

https://nguvu.org/pfsense/pfsense-baseline-setup/

Plus, opensense gets most of their code from the work done by pfsense, and often have to wait on them to push the code. Just look at what happened with TLS 1.3

[–] SamSausages@alien.top 1 points 11 months ago

chuckle, butthurt downvotes but not one comment to dispute anything I said. Enjoy the depreciated OpenSSL without security updates.