Date: May 18, 2021
pfSense: Installer handles root on ZFS and GELI encryption options. The latter is of limited use in a firewall appliance but ZFS has its merits when you deploy devices at sites with flaky power or that are designed to be used in the field by road warriors who are unlikely to shut down before pulling … Read More
Date: May 14, 2021
pfSense: Curate their plugin repository very conservatively. The ethos is very much that “A Firewall should be a firewall and not moonlight as a Unifi controller or Plex Media Server”. OPNsense: Has many cool things in the official repo. Tayga, ZeroTier, Shadowsocks. TOR. Sensei. Prometheus and Munin exporters. And for the adventurous there is … Read More
Date: May 13, 2021
This is an easy one. pfSense: Since 2.5.x has Telegram bot and Pushover API capbilities along with the trusty old SMTP. They work reliably for us in all cases. And for low volume both are free to use. Albeit pushover will charge a nominal fee for their mobile apps but it is basically free. … Read More
Date: May 12, 2021
Both OPNsense and pfSense offer FRR. FRR is very versatile. It offers OSPF, BGP etc. At work we use BGP to route some IPv4 and IPv6 prefixes. I wanted to test both but can only use pfSense. More on that below: pfSense: Offers FRR version 7.5.1. Latest version. Jim Pingle (who is a Saint, btw) … Read More
Date: May 11, 2021
This is a short one because both OPNsense and pfSense offer themes. Both have some dark mode options and the rest of the topic is too subjective to be worthy a long debate. Beauty is in the eye of the beholder. pfSense: You can choose between light and dark themes and a bunch of accent … Read More
Date: May 10, 2021
Restoration from backups works well for both OPNsense and pfSense but the way backups are created is very different. pfSense: Has the now free of charge ACB (auto configuration backup) module. This used to be a sweetener for people who paid for pfSense Gold, which was a nice way home users or small biz users … Read More
Date: May 9, 2021
We use OpenVPN extensively with RADIUS or LDAP authentication. tls-crypt is used in all cases. Because… reasons. pfSense: Has this feature exposed in the GUI and working fine for years. OPNsense: Has the feature not exposed in the GUI. But this is not necessarily a big deal because an admin can easily paste the relevant … Read More
Date: May 9, 2021
This is an issue that no doubt has brought many people to look at OPNsense again or for the first time. WireGuard has enjoyed increasing popularity in the last year or so. Due to its stateless nature it performs really well on mobile devices that may switch between LTE, 5G, WiFi networks. There is no … Read More
Date: May 9, 2021
Round 1 – WireGuard. Tally: OPNsense 1 : pfSense 0 Round 2 – OpenVPN. Tally: OPNsense 1 : pfSense 1 Round 3 – Backups. Tally: OPNsense 2 : pfSense 1 Round 4 – GUI. Tally: OPNsense 3 : pfSense 1 Round 5 – BGP Routing. Tally: OPNsense 3 : pfSense 2 Round 6 – Notifications. … Read More
Date: May 9, 2021
This is like an Apple vs. Microsoft / BMW vs. Mercedes / Coke vs. Pepsi thing. First off let me clarify I am by default in the pfSense camp. We used their hardware and software at my old job, we are using some in my current job and when I moonlight as a consultant I … Read More