So I’ve been using OPNsense for a few years. I have an extensive config inclduing vlans, plugins, policies, suricata, VPN, routes, gateways, HAProxy, etc.
Over the past few months, I’ve noticed certain bugs, weirdness, and slowness within OPNsense. I recently watched Tom Lawrence’s video on the licensing changes and he touched on the openssl vulnerability that OPNsense has yet to remediate.
The Plus license cost (per year) which entitles you to some limited support options is also appealing. Every time I get stuck figuring out something complex in OPNsense, I have to hope someone else has tried to do the same thing and posted about it so I can troubleshoot.
I also don’t like having to constantly update. A more “stable”/enterprise focused cycle like pfSense has seems like my pace. It broke on me last year with one of the upgrades and I had to clean install.
Don’t get me wrong, I love the UI (mostly), plugins, etc. in OPNsense, but these past few months have got me thinking.
I’ve also heard that people don’t like Netgate as a company, so that could definitely factor into not switching.
What are everyone’s thoughts?
Nope. I have moved away several years ago from pfsense and could not be happier. I am running production off a 2 node, 24 vlan cluster and it’s rock solid
OPNSense is far more willing to add “experimental” features and as a result you get a firewall that has more features out of the box, but is less stable.
pfSense is very slow to add new functionality, but the platform is rock solid as a result.
It all comes down to what you want. Do you want to play around with an appliance that has all the knobs, but also some eccentricities, or do you want an appliance that may not have bleeding edge features, but is far less prone to error.
I personally, choose to not support companies who are assholes.
And, especially companies who call their open source competition, “Nazis”.
Screw netgate.
opnsense seems to be made by people who don’t hate me, so I use that.
I actually switched from pfsense to opnsense last week. The licensing debacle and the stand Netgate took against the community was enough for me to switch. It took a bit of time getting used to the UI, but I’m starting to enjoy using opnsense more than pfsense. First thing that made me happy was the automatic backups to nextcloud haha
pfSense is what happens when you take OPNsense and put a chick in it and make her gay and lame. Always go with open source.
Do it. OPNSense is starting to not make sense anymore. I had the same conflicts as you. But PFSense has more support and features.
I use pfSense for the stability of it.
Netgate as a company has certainly done a few things which have had me looking at other router options but at the moment, pfSense CE works, is stable, and I don’t need to faff with it, so I’m happy staying put.
Used both, from pf to opn maybe 15months ago. Never had issues with either but I’ve had issues with how pf is managed and just seems to get another reason to dislike every so often.
Depends on your issues but go raise bug report with opn. If opn started to cause me issues then I’d be more likely to goto openwrt I think,rather than pf.