Opnsense vs Pfsense ~ My own thoughts and concerns

Поделиться
HTML-код
  • Опубликовано: 15 дек 2024

Комментарии • 149

  • @kevinthomas7478
    @kevinthomas7478 2 года назад +71

    pfSense does have some great documentation and a large community, but unfortunately, some of their most knowledgeable community members seem to have ego problems. If you ask a question, they won't hesitate to tell you how stupid your question is and tell you to google it. The OPNsense forum is much more newbie friendly.

    • @herkku007
      @herkku007 Год назад +5

      😁You are so right about that. I mean pfsense community stars on their high horsies. Actually I thought I was the only one to get that treatment but sadly not. Don't know yet how opnsense community is - I haven't needed them yet thanks to all info on the web so I would not say it's too little info floating out there.
      I also like the GUI better on opnsense, feels snappier and more logic. Pfsense GUI is like something from the days of win 3.1 the looks wise and the slower response.

    • @ErickGuerra-tk8fb
      @ErickGuerra-tk8fb Год назад +6

      Sounds like Stack Overflow

    • @vt20247
      @vt20247 Год назад

      I was looking for a good reason to pick which one!
      This might be the best reason I can find. Thx for sharing your experience!

    • @kevinthomas7478
      @kevinthomas7478 Год назад +16

      @@vt20247 If you need another good reason, the PfSense developers got really petty and childish when some of the crew decided to split off and start their own project (OPNsense). They (PfSense) took over the domain name used by OPNsense to deface it and degrade the OPNsense developers. It actually went to court and OPNsense won. It’s a shame that grown adults were acting this way.

  • @jimlynch9390
    @jimlynch9390 2 года назад +30

    Thank you for this video. I looked at both and was exposed to pfsense when I was helping administer a system installed at a local charter school. Even though I had used pfsense, I felt that opnsense was easier to administer so that's what I went with at home when I gave up on network "appliance" routers. You've confirmed that my decision was the right one for my situation.

  • @JaguarInfinity
    @JaguarInfinity Год назад +37

    After hearing lots about Pfsense I was definitely leaning towards it for my firewall choice. Hearing about the development history, controversial actions and having the lack of regular updates for the CE version pointed out I'm definitely taking a closer look at OPNsense. Thanks for such a balanced comparison.

    • @rhone733
      @rhone733 Год назад +1

      Agreed

    • @cma-n5e
      @cma-n5e Год назад +3

      same here Im glad I caught this

    • @fatlip8315
      @fatlip8315 7 месяцев назад

      OpnSense has the ability to run it from a Thumb drive. I like that.

    • @ecotts
      @ecotts 6 месяцев назад

      More and more people are moving to OPNsense.

    • @fatlip8315
      @fatlip8315 6 месяцев назад +1

      @@ecotts like the top commenter of this thread points out.
      I'm thinking OpnSense should become the Community Leader of the Open Source area, as they are the ones pioneering the open source version.

  • @musicinsession
    @musicinsession Год назад +9

    This guy makes some real good points and he isn't afraid to call out ppl! Subbed!

  • @MeticulousTechTV
    @MeticulousTechTV Год назад +20

    After a recent breach of my local network using a popular brand of home all in one router/switch/access point, I decided to finally pull the trigger and ordered a ProtectLi box. It’s coming pre installed with OPNSense and at first I was hesitant as I wanted PfSense. After watching through your video series, I feel way better about sticking with OPNSense, especially due to the updates! With how many vulnerabilities are constantly being uncovered, no updates is not an option when it comes to network defense!

    • @cma-n5e
      @cma-n5e Год назад +1

      where did you purchase yours . Im looking at the same hardware ??

  • @LampJustin
    @LampJustin 2 года назад +20

    Thank you very much for addressing all of the controversy!! This was definately totally needed. You said what I never could have!

  • @aliancemd
    @aliancemd 2 года назад +19

    The fact that the m0n0wall developers recommend OPNSense and FreeBSD maintainers closely coordinate with OPNSense maintainers tells me something already...
    As far as I am aware, pfSense did contribute something to FreeBSD but it was an Intel NIC driver they needed to be maintained in FreeBSD for their new hardware.
    1 thing to note here, OPNSense Bussiness edition is mostly adding a management console for all your remote firewalls and cloud backup of your configs, which you could set locally on your own, with a storage device - it doesn't hide patches or firewall features.

    • @ecotts
      @ecotts 6 месяцев назад +1

      That's because the people who started OPNSense were the devs of Monowall. 😀

  • @jerryfaircloth
    @jerryfaircloth Год назад +6

    Good review. I used pfsense for years and for the most part had no issues until I needed to implement AQM with dual WAN's. This worked fine for a while until a software update came out and it broke dual WAN AQM. It was a real pain to fall back to the previous version. So at the time I tried OPNsense and it just worked. And not only did it work but it was way more intuitive on how you control pipes and queues along with their associated rules. Its true that OPNsense has lots of updates which might introduce problems but so far I have not had any. Like you said they are both good firewalls but I am going to stick with OPNsense from now on until something bad happens and I need to re-evaluate. It is for now the best firewall for my needs.

  • @AG-no8zq
    @AG-no8zq 2 года назад +14

    Thank you for mentioning the concerns about the CE. I feel like nobody talks about this.
    To me it looks like Netgate slacks on the progress of the CE to lure people to switch to the business edition. There's a free licence you can use. "So what's the problem?" you might think. Maybe they want to let the CE die because it's free and brings them no money. As soon as they let it die in a future point of time they will sooner or later kill the free business licence and force you to pay if you want to keep using your pfSense. Think about it - it's every companie's goal to make money.
    I switched from pfSense CE to OPNsense CE about 3 weeks ago and don't regret a thing.

    • @fatlip8315
      @fatlip8315 7 месяцев назад

      If it's Open Source, the community could get involved and help.
      I'm not seeing it.
      As for open source and freeware, a lot of freeware devs back in the day, had donation forms that accepted various forms of payment processing. Some even had a crypto public address.
      Idk if OpnSense or pfSense or many others offering freeware shareware subscriptionware. But, maybe they should.
      Apache https does.
      MySQL does
      PHP does.
      Maybe it's only Apache and the free scripts and code snippets community. I could be wrong.

  • @XNAdam
    @XNAdam Год назад +1

    been looking into setting up an open source firewall at home and have been considering both of these. I've watched a few vids on it, and I think after this one I'll be going with opnsense. thanks for all the great info! subbed for sure

  • @TheQuartzMatrix
    @TheQuartzMatrix 9 месяцев назад +1

    We need more free minded youtubers like you man! Thank you so much for clearing this up for me!

  • @merlingt1
    @merlingt1 Год назад +2

    I switched to OPNsense about 2 years ago and could not be happier.

  • @defaultroute
    @defaultroute 2 года назад +6

    Quality review. Fair and comprehensive cover of the two platforms. I’ve personally been running pfsense for about 10 years and it’s been solid.

  • @rpsmith
    @rpsmith 2 года назад +4

    Excellent comparison between the two firewall. I support both but the once a year updates and the current direction of netgate/pfSense will likely cause me to switch to OPNSense for all new customers.

  • @AdrianuX1985
    @AdrianuX1985 2 года назад +23

    My impression is that Netgate is similar to Oracle.

  • @martyb3783
    @martyb3783 7 месяцев назад

    This is a great unbiased comparison. Thanks for making this video.

  • @Sheikhazeemsh
    @Sheikhazeemsh 4 месяца назад

    thanks for your honest comments trying to keep peace in the world :)

    • @TheNetworkBerg
      @TheNetworkBerg  4 месяца назад

      Yeah sometimes trying to keep the peace or being neutral can be difficult. I am still quite shocked at a fake website being created to scare off potential customers.

  • @henninb
    @henninb 2 года назад +2

    These firewalls are solid, i have tried both of them. I am more familiar with pfsense so that is what I use.

  • @Daphoid
    @Daphoid 5 месяцев назад

    I ran m0n0wall and DD-WRT back in the early 2000's good stuff indeed. I do remember "being there' when the project winded down but I can't recall the reasoning 20 odd years later.

  • @pedromartinezdeaguilar9187
    @pedromartinezdeaguilar9187 5 месяцев назад +2

    Question: Mikrotik vs one of this two software, witch one you recomend?
    Regards

  • @ztech-consulting
    @ztech-consulting 2 года назад

    I've been using OPNSense for over 2 years now and it works perfectly for my needs. PFSense is great too :)

  • @rdwatson
    @rdwatson 2 года назад +7

    I considered switching to OPNsense when I replaced my old NetGate router hardware. In the end I stayed with pfSense primarily because they have much better documentation. OPNsense is like a man page describing available settings whereas pfSense has that plus practical examples, reasons you might choose one option over another, explanations of higher level concepts, and links to additional info.

    • @TheNetworkBerg
      @TheNetworkBerg  2 года назад +4

      That makes total sense Randy and is a great reason to stick with pfSense.

    • @kevinthomas7478
      @kevinthomas7478 2 года назад +9

      I understand your reason for doing this, but on the flip side, you could probably use those same pfSense documentation resources with OPNsense since they are very similar. I've done this myself. The biggest difference is how they label some of the settings, but if you can figure out the difference, you should be able to work your way through it.

  • @jonathan.sullivan
    @jonathan.sullivan 2 года назад +2

    One cool fact about Pfsense is that even if you acquire their appliances second hand, you just need to provide a picture of the serial number and they'll give you an iso for their plus edition OS. They do it pretty quickly too.
    I have a netgate 7100 I've been toying with the idea of running OPNsense on it.

    • @TheNetworkBerg
      @TheNetworkBerg  2 года назад +2

      That's pretty cool, I wasn't aware of that at all. Thanks for the info 😃

  • @kevinthomas7478
    @kevinthomas7478 2 года назад +21

    I noticed you didn't call it out directly, but the bad faith trademark stuff they did was against the OPNsense team. The pfSense development team was mad that some developers decided to go their own way and had the audacity to try to make something better, so the pfSense folks acted like children.

  • @danbrown586
    @danbrown586 2 года назад +20

    I used pfSense at home for 5-6 years before switching to OPNsense earlier this year, after an unsuccessful attempt to switch a couple of years earlier. The Netgate drama was a big part of my reason for wanting to switch, as was the Wireguard issue. On the latter, it wasn't so much that they'd contributed garbage code (they'd hired a dev whom they had every reason to trust to do good work), but their response when it became apparent that the code was garbage was to blame everyone but themselves. You provided this code, folks; you're responsible for it. Another point, not mentioned in this video, is that there's some serious question whether pfSense is truly Open Source--the claim is being made (and pretty credibly to my uneducated eye) that ESF/Netgate/whatever they're calling themselves now *have not* released all the source code, and that it's impossible to build pfSense with what they have released.
    As you say, functionality between the two is about the same, and so is the logic--if you know how to do something on pfSense, you can probably figure it out pretty quickly on OPNsense (more so for the core features than for the plugins). OPNsense's GUI is *much* better IMO than pfSense's--not only in terms of "it looks better" (though it does), but also in that the organization is more logical (which of the pfSense UI designers thought that (1) the reboot/shutdown options should be in the Diagnostics menu, rather than System; (2) they should *not* be adjacent to each other in that menu; (3) they should be labeled "halt system" rather than "shut down"; and (4) they should just be in alphabetical order in a 20+-item menu?). Hairpin NAT works for me under OPNsense; I was never able to make it work under pfSense.
    The biggest downside in my experience has been the OPNsense forum, which has been useless for me. I've been working with F/OSS for 20+ years--I know how to ask a question and provide a reasonable amount of supporting detail. I recognize that the vast majority of the people there are volunteers, not paid staff. But when the response to "DNS isn't working" with a good bit of supporting detail is crickets, that's a bit of a problem. I found more support on the TrueNAS and Nethserver forums than I did on the OPNsense forum.

    • @TheNetworkBerg
      @TheNetworkBerg  2 года назад +2

      Thank you for posting about your experience Dan. I have definitely seen people joke about how pfSense/Netgate reacts to criticism on forums and reddit.

    • @danbrown586
      @danbrown586 2 года назад +1

      @@TheNetworkBerg That's its own issue as well, and one that I've seen, but haven't personally dealt with.

    • @autohmae
      @autohmae Год назад +2

      I suspect reddit is more active

    • @TecraTube
      @TecraTube Год назад

      saying you found more help from TrueNAS boys than OPNsense boys is concerning. TrueNAS is not pleasant at all. I'll stick to pfsense and considering going on all in this year with a negate 4100

    • @MeticulousTechTV
      @MeticulousTechTV Год назад +3

      Only we can change that! Hopefully everyone here watching this video will make a small effort to join up at the OPNSense forums and Reddit! Just a couple minutes a month of browsing and answering questions can help out future community members for years to come

  • @cheebadigga4092
    @cheebadigga4092 2 года назад +4

    FreeBSD 12.3 supports these NICs from the LTT video, however, they forgot to add boot configuration to enable them. Kinda like Linux kernel modules, in a sense. Just to note.

    • @TheNetworkBerg
      @TheNetworkBerg  2 года назад +2

      Thanks for the info :)

    • @cheebadigga4092
      @cheebadigga4092 2 года назад

      @@TheNetworkBerg you're welcome :)

    • @ClauSalvio
      @ClauSalvio 2 года назад

      Hello Cheeba Digga
      Can you please add a link to the LTT video you mentioned?

    • @cheebadigga4092
      @cheebadigga4092 2 года назад +2

      ​@@ClauSalvio I can't post links since YT doesn't like links in comments. But the title is "I hope you don't need internet.... - Server Room Upgrade". They ended up using OPNsense because of the NIC issue they probably didn't bother to research. For me it was the first Reddit post on Google that presented the fix.

    • @ClauSalvio
      @ClauSalvio Год назад +1

      @@cheebadigga4092 Thank you ! 🙏

  • @PhilipLemon
    @PhilipLemon Год назад +17

    I dropped pursuing pfsense after the trademark trolling and then the wireguard debacle. You can't trust a company with securing your infrastructure when they behave in such an unethical way and have such poor quality control.

    • @TheNetworkBerg
      @TheNetworkBerg  Год назад +6

      I was enjoying making videos around pfSense and how to perform certain parts of configuration until I read through the /selfhosted reddit about the trademark thing. I stopped making any tutorial videos about pfSense afterwards.

  • @alimibrahem8120
    @alimibrahem8120 2 года назад +1

    Welcome back.. 🌹🕊️

  • @ckong3309
    @ckong3309 5 месяцев назад

    Great video. I learned a lot. Thanks!

  • @jules.marshall
    @jules.marshall 2 года назад +3

    I use them both and each has a specific purpose. PHP on pfSense is buggy, hence the restart option from console. OPNSense update cycle can be seen as too frequent.

    • @Perra1901
      @Perra1901 2 года назад +1

      But you can CHOOSE to not update to latest and greatest if that dont tickle youre fancy..
      Let other do the testing and update when they fixed certain issue that may come.
      Aswell its so much easier to add sideloaded stuff to my opnsense box than pfsense.
      Such as sideload AdGuardHome directly via freebsd instead of a application where you depend on the ones updating the "built" in app.
      Were as sideload AGH you use their own code for freebsd.
      more options, more control.

    • @jules.marshall
      @jules.marshall 2 года назад +3

      @@Perra1901 This is true for domestic installs, in a business audited environment, I am required to be running the latest version within a few hours of release, I find this a tiresome issue with OPNSense. Thankfully there are product choices for different install scenarios.

    • @jonathan.sullivan
      @jonathan.sullivan 2 года назад +3

      I agree, quarterly updates would be sufficient. I too deal with audits at the workplace.

  • @Waremonger
    @Waremonger 2 года назад +3

    I used pfSense for years and had no issues until the update from 2.4.5-p1 to 2.5.0 and then the router started to hang intermittently. I stuck with it until 2.6.0 but the hanging continued and actually became worse. I re-installed and set it up again manually since re-installing and re-importing my config did not resolve the hanging issue. Shortly after 2.6.0 I ditched pfSense and went to OPNsense and was very happy with it until the last update and now a specific use case is not working correctly (SOCKS5 proxy via SSH) - I can't even get 1 Mbps throughput, whereas previously I was getting normal throughput. I've been doing this since about 2009 (on DD-WRT, EdgeOS, pfSense, and OPNsense). I did not like the constant updates with OPNsense as that leads to issues with stability. Now I'm ready to go back to pfSense after they move to FreeBSD 14 and hope the intermittent hangs go away. I know the intermittent hanging on pfSense is related to my SOCKS5 proxy via SSH because if I don't use the proxy the router is stable and never hangs. Ultimately I may have go back to pfSense 2.4.5-p1 or the original version of OPNsense that I installed which I really don't want to do due to security issues... The hangs with pfSense are not hardware related as I had it happen on two completely separate hardware devices (that are very much overpowered for pfSense / OPNsense).

  • @ecotts
    @ecotts 6 месяцев назад +3

    In 2024
    - OpnSense has been using the latest version of FreeBSD way before PFSENSE.
    - In 2023-2024 Pfsense recommended everyone moved over to PFSENSE plus, so they did, they then said you shouldn't (screwed everyone).
    - Pfsense is less open-source in 2024 than OpnSense.
    - Pfsense in 2024 will absolutely mess up your routers config if you add another NIC to your Proxmox virtualisation server, it absolutely shits itself.
    - Opnsense tends to get more newer stuff sooner than pfsense.
    - Opnsense developers are more active in the community than pfsense.

  • @maliciousloki
    @maliciousloki 2 года назад +11

    Solid review, and excellent timing for me (considering which to use on some new installs)! Every company has some kind of bad blood (maybe not as bad as pfsense's), I think it's down to three major things - what interface do you prefer, do you want hardware from the authors of the firewall, and how often do you want updates? For me, I think it'll be opnsense. I've loaded both on a small firewall appliance and the only major difference was the four interfaces loaded in the reverse order on opnsense! :)

    • @edwinkm2016
      @edwinkm2016 2 года назад

      Another point to add. Companies usually want support. So for America is makes sense to use pfsense. Target of Opnsense is Europe

  • @V1N_574
    @V1N_574 2 месяца назад

    Just for the fact that opnsense is continuously being updated for everyone is reason enough, specially for security reasons. I'm probably cjamging over the weekend to opnsense or as soon as I have the time to set it up virtually and then deploy it on physical hardware.

  • @cheebadigga4092
    @cheebadigga4092 Год назад +2

    I don't wanna spam the comments, but I'll leave one last comment here just for completeness. pfSense 2.7 has been released on 2023-06-29 with FreeBSD 14 and ConfigRev 22.9. It is essentially pfSense Plus 23.05.1 (most current release mind you) without the Plus features, or rather the Plus variant is pfSense 2.7 with the Plus features added. Meaning: yes, pfSense (no Plus) will always release on a slower cadence, however, judging by its history, when it will release, it is on par with pfSense Plus base-feature and base-patch wise. If you're not missing any features that pfSense (no Plus) already provides, I see no point in switching to Plus.

  • @MrIous99
    @MrIous99 2 года назад +2

    very informative video, thanks for that. but I am still struggling to choose. I have run a TrueNAS server for the past 5 years, with no dedicated firewall (just diy geoblocking) and now want get into the topic. for a complete firewall newbee, which one do you think is easier for me to start? The one with the more intuitive GUI or the one with the huge community with a recipe for every need?

    • @TheNetworkBerg
      @TheNetworkBerg  2 года назад +3

      Both firewalls will do the job just fine for a complete beginner, the OPNsense documentation has also grown over the years and has many configuration examples as well. Though I think personally for someone completely new that the pfSense community will definitely help ease you into firewalling. So I guess try pfSense and see how you feel about it, though I do highly suggest joining their reddit community as well.

    • @kevinthomas7478
      @kevinthomas7478 2 года назад +1

      As someone who has used both quite a bit, I'd recommend OPNsense.

    • @MrIous99
      @MrIous99 2 года назад

      @@kevinthomas7478 thanks, glad to hear. My gut told me to go for OPNsense (nobody stopping me from browsing through both communities for help), and I am really happy with my choice..

  • @rickstokes2239
    @rickstokes2239 4 месяца назад

    The best one is the one you can manage effectively for your purposes.

  • @JosephJohnson-sq4bu
    @JosephJohnson-sq4bu 2 года назад +3

    So glad I came across your channel. I am curious if you have in mind a video to demonstrate how one could connect datacenters with OPNsense w/ospf at the edge. Full mesh without using IPsec tunnels would be incredible.

  • @brettlaw4346
    @brettlaw4346 5 месяцев назад

    Are updates in pfSense CE lacking security patches or is it feature lag?

  • @PicyPoe
    @PicyPoe 2 года назад +1

    The background in the intro is the best! Also can you please share your homelab setup

    • @TheNetworkBerg
      @TheNetworkBerg  2 года назад +2

      Thank you for the kind words! The background is V's apartment from Cyberpunk2077. I love the atmosphere of that game or anything Bladerunner. My homelab is basically run off of my gaming PC, I would love to have custom hardware but I just don't have the cashflow for that :C Perhaps one day!
      My gaming pc specs are:
      Mobo: ROG Strix B460-H Gaming
      CPU: Intel Core i5 10600K
      Memory: 32GB DDR4 Corsair Vengeance @2666 MHz (can't clock higher)
      GPU: GeForce GTX 1070 (Could never get a hold of a newer GPU without paying an arm and a leg. THANKS MINERS)
      Storage: Various different SSD drives (total storage comes to around 1TB)
      For my actual labbing most of this is done on either my hypervisor or on a network emulator so let me give those details as well:
      Hypvervisor: VMware Workstation Pro ( I am considering moving this as creating custom VLANs is not as easy as it should be)
      Network Emulator: EVE-NG

  • @jimle7097
    @jimle7097 Год назад

    100% agree. I was thinking about the pfSense update a few months ago. I'm going to look into OPNsense soon. Do you have any video how to get started on OPNsense.... Thanks for sharing!!!

  • @jeremyrichey4243
    @jeremyrichey4243 Год назад +2

    It might seem trivial but I don't think it is: OPNsense isn't really born from PFSense, any more than PFSense community edition is, it's a continuation of PFSense caused by a split in the community when they changed the license (similar to LibreOffice/MaraDB/etc...). OPNsense Business Edition is really just a more conservatively updated/tested version of OPNsense, that comes with professional support (a phone number to call). OPNsense however has feature parity between it's editions (the reason for the PFSense split), and is a far better product IMHO.

    • @TheNetworkBerg
      @TheNetworkBerg  Год назад +1

      Thanks Jeremy, yeah you are correct and I totally agree with you.

    • @jeremyrichey4243
      @jeremyrichey4243 Год назад

      @@TheNetworkBerg I did enjoy the video though and thought it was a good summary.

  • @---tr9qg
    @---tr9qg 2 года назад

    I have a strange problem with opnsense appliance that working on hyper-v. When I'm using console of appliance to ping something, the only way to stop this process is to ssh to appliance and kill the process from command line. And i'm still don't find more comfortable solution 😥

  • @StaK_1980
    @StaK_1980 2 года назад +3

    After watching this video, I'd go with OPNsense. The only thing that is good on PFsense is the ZFS.
    Wasn't OPNsense built on hardenedBSD or did they dropped that?

    • @edwinkm2016
      @edwinkm2016 2 года назад +3

      Yes they switched

    • @StaK_1980
      @StaK_1980 2 года назад

      @@edwinkm2016 Ah, good to know, thank you!

    • @lopezd-rd7wm
      @lopezd-rd7wm 2 года назад +4

      OPNsense has ZFS option

  • @DaleEarnhardtsSeatbelt
    @DaleEarnhardtsSeatbelt 2 года назад +1

    I went opn since I have i-226 nics. I'd like to try pf too.

  • @gjkrisa
    @gjkrisa 2 года назад +1

    only two things that made me switch back from opnsense was looking at the traffic graph it didn’t really show current talkers but more it didn’t show me the names so i’d have to know the ip of devices or look at the ip tables. also not having tailscale in the plug-in or packages. but opensense was super fast doing anything or doesn’t make you wait before you can do anything else. i guess zerotier is similar to what i need tailscale for just need to look into it more how to use.

    • @kevinthomas7478
      @kevinthomas7478 2 года назад +1

      You can send your suggestion to the developers and they may incorporate it in a future release.

  • @autohmae
    @autohmae Год назад +1

    It's not just the updates, but also the code of opnsense is more moderm

  • @manicmarauder
    @manicmarauder Год назад +2

    I was already heavily leaning towards Opensense just due to the more frequent update cycle. However, after hearing about what PFsense did to their competitors it's a solid lock on Opensense. Then them adding the super buggy module just to get it out there was icing on that decision. That shows multiple poor decisions for profit over morality. I fully expect they'll make more questionable decisions in the future. Given past poor decision making for profit, it wouldn't surprise me to hear over the next few years that "someone" contributed bad code to some of the packages that "their" version has patched out. I'm not aware of them doing that, but it does seem like one of the next logical steps since they got caught on the other stuff.

    • @rpsmith
      @rpsmith 10 месяцев назад

      You will find 100x more how-to videos for pfSense vs OPNSense here on RUclips making it much faster and easier to get up to speed and solve problems with pfSense.!

    • @manicmarauder
      @manicmarauder 10 месяцев назад

      @@rpsmith Maybe in total volume, but a lot of that is repeat info from multiple people. It's funny, you can see the same blocks of creators come out with videos about the same topics all around the same time, just based on the trends like every other RUclips subject. Once you filter out the repeats you're left with a lot less useful info. Still likely more I'll admit, but nowhere near what you might think.

  • @cma-n5e
    @cma-n5e Год назад

    can I use OPN Sense with Protectli Vault ?

    • @TheNetworkBerg
      @TheNetworkBerg  Год назад

      Never tried to so don't know, can't see why not. Anything you can load a pfSense image onto you should be able to load OPNsense on as well.

  • @sohaiblodhi
    @sohaiblodhi 2 года назад +1

    Is wireguard secure enough. Like ikev2

    • @TheNetworkBerg
      @TheNetworkBerg  2 года назад +5

      Wireguard is very secure.

    • @sohaiblodhi
      @sohaiblodhi 2 года назад

      @@TheNetworkBerg Somebody told me there are firewalls which look in IPsec traffic. I guess it was Noris Firewall.

  • @camaycama7479
    @camaycama7479 2 года назад

    Thanks a bunch!

  • @AmrShalabyofficial
    @AmrShalabyofficial 9 месяцев назад

    I think opensense has a little bit lag connection to the internet
    I feel that when I start to call website
    Or test internet speed connection

  • @DarkNightSonata
    @DarkNightSonata 2 года назад +1

    I have tried both, and used pfsense for long time. however, currently, I switched over to VyOS and its been running flawlessly and feels snappier than pfsense tbh. Also, it is based on Debian 11, which has much better hardware compatability than both. also, its fully opensource. I really wish that you give it a shot and make a video on it. Thanks, and your video is awesome btw very comprehensive and fair to both.

    • @mmrk_
      @mmrk_ 2 года назад +1

      +1 for VyOS

    • @edwinkm2016
      @edwinkm2016 2 года назад +1

      Not sure if they target the same people. AFAIK fully command line. Probably compete more with Microtik.

  • @kurdapio2k6
    @kurdapio2k6 2 года назад +4

    OPNSense + ZenArmor ftw! so easy to filter websites.

    • @TheNetworkBerg
      @TheNetworkBerg  2 года назад

      Yeah I've seen a few people loving ZenAmor with their Sense firewalls :D!

    • @kurdapio2k6
      @kurdapio2k6 2 года назад

      @@TheNetworkBerg yeah, also it is so difficult to implement filters in PFSense pfblocker, will also require that pfsense should be the primary dns thus rendering the internal dns useless for internal zones. I don't know why other tech tubers push pfsense to people 🤔 .
      I would only use Opnsense and untangle in my workplace.

    • @kevinthomas7478
      @kevinthomas7478 2 года назад +1

      @@kurdapio2k6 I think the reason so many RUclipsrs push new folks onto pfSense is because there is so much hype surrounding pfSense. They will repeat all of the same "gee whiz" cool features that pfSense has, but they won't get into any of the drawbacks like this video did.

  • @zaluq
    @zaluq Год назад

    Have you looked at the fork of Opnsense called Dynfi ?

  • @backslide311
    @backslide311 2 года назад

    Sadly I can't really use either as it's limited to 1 thread on pppoe

  • @shephusted2714
    @shephusted2714 2 года назад +2

    opnsense is better for better licensing - they are basically the same sw - opnsense is way better politically and it is more better for more updates #more

  • @tricogustrico
    @tricogustrico Год назад

    Opensense is what I prefer.

  • @ecotts
    @ecotts 6 месяцев назад

    Opnsense Franco 👍

  • @Viking8888
    @Viking8888 2 года назад +1

    This was a good video, but honestly, I still have no idea which one to go with after watching it. All of my hardware is seen by both so that makes things even more difficult. Choices are good, but can be frustrating!

    • @edwinkm2016
      @edwinkm2016 2 года назад +1

      Both are valid options and still supported. If you have some basic network skills (and a simple ISP without vlan crap) then a install should not be that difficult. After the “command line” (setting up the interfaces) part you should have a working and safe setup. If you have a simple setup you can also switch quite easily later.

  • @stan8926
    @stan8926 2 года назад

    FTPS on OPNsense?

  • @kurt120032002
    @kurt120032002 11 месяцев назад +1

    I am looking to move to a personalised router and I must say the open BSD makes me uneasy. I am working on linux for 7 years now and every time I wanted to flashed open BSD on a vm or available pc I ran in to driver problems that prevented me to install it. Why is that relevant ? Because dropping 700-1000€ to a fanless pc with powerful cpu and multiple NICs just to have BSD being BSD does not inspire trust.
    2nd pf sense is out. I can’t trust people who act like MW2 lobby trolls.

  • @DenofLore
    @DenofLore 6 месяцев назад

    🙌

  • @Wahinies
    @Wahinies 4 месяца назад

    Netgate has some evil in house. Thats enough for me to run OpnSense

  • @Sin3xtreme
    @Sin3xtreme Год назад +1

    new users i think are better of starting with PF

  • @jamesfatula5824
    @jamesfatula5824 27 дней назад

    Freebsd based have hardware drivers limited not even Intel based 10 g cards such as x520s do not work is prefer to debian based such as ipfire ,etc that works

  • @reanitkhmer3325
    @reanitkhmer3325 2 года назад

    Sir if possible I want u to show vpn site to site pfsense +mikrotik I tried many times not yet success. Thanks

  • @raughboy188
    @raughboy188 8 месяцев назад

    Don't be surprised is pf sense stops maintaing comunity edition altogether. Opnsense were clear about difference between paid stuff and free stuff and free version will be updated but not as fast as paid version so we all benefit. You can also get ETpro rulesets for suricata for free but in exchange you have to agree to allow them to collect your data but that's strictly data needed for creating and updating suricata rulesets or you can pay per year so it's up to you. Comunity for opnsense isn't big like one for pfsense but when it comes to how each of them treat users in myopinion opfsense wins because they don't focus mostly on paid version at the expense of free version so i can live with slower updates. Ons sense options are very resonable and very resonably priced and you pay per year,not per month like most subscription services so you have option even to pay business editon for 3yrs in advance.

  • @cheebadigga4092
    @cheebadigga4092 2 года назад

    I don't understand the controversy for the pfSense community updates. Looking at the release table from their docs:
    pfSense CE version 2.6: Config rev 22.2
    pfSense Plus version 21.x: Config rev 21.7 (latest revision)
    pfSense Plus version 22.x: Config rev 22.2 (22.01), config rev 22.7 (22.05)
    pfSense CE version 2.7: Config rev 22.7
    So basically the Plus version gets the updates faster (in-between full releases), whereas the CE version gets them via full release. I think that's a fully understandable business move. To add to that, the Plus version has the proprietary components which get updates, too. So, because these components are not part of the CE version, there cannot be any updates for them in the first place.

    • @TheNetworkBerg
      @TheNetworkBerg  2 года назад +2

      I agree with you that it definitely makes sense from a business point of view to handle releases the way they are. Especially if they want to push people to migrate from CE to +, I mean the Tac lite support is even free at the moment which cost well over a 100 dollars. So they are really incentivizing people to move over from CE.
      I guess I am mainly just iterating what many others in the community tend to think. That the project has become more commercialized over the years and that there is less focus on CE. Personally I don't think they will drop CE, as this would probably cause a total riot from the community.
      But still these are the perceptions that tend to come up on Reddit or on Lawrence System's comment sections.

    • @edwinkm2016
      @edwinkm2016 2 года назад

      @@TheNetworkBerg if they just made a open source version with some closed source modules/plugins (usually enterprise features) the backlash would be negligible. That is not how they introduced it. I think they are somewhat building it from scratch (MVC) so the 2 will diverse over time. Also note the controversy about the state over how “open source” the CE really is. People tried to build the code but failed because important stuff seems missing.

    • @TheNetworkBerg
      @TheNetworkBerg  2 года назад

      @@edwinkm2016 yeah Edwin, that is a point I have not really brought up in the video as I haven't tried building it myself and I don't want to get pulled into a very bad whirlwind as I have seen discussions on this point be debated at length and get pretty volatile.

    • @cheebadigga4092
      @cheebadigga4092 Год назад

      just to reiterate my point: pfSense 2.7 has been released on 2023-06-29 with FreeBSD 14 and ConfigRev 22.9. It is essentially pfSense Plus 23.05.1 (most current release mind you) without the Plus features, or rather the Plus variant is pfSense 2.7 with the Plus features added.

  • @rpsmith
    @rpsmith 10 месяцев назад

    try to Execute a Shell Command from OpnSense GUI.

  • @camjohnson2004
    @camjohnson2004 Год назад

    I wonder if there will be a pfSense or OPNSense based on the Linux Kernel? like how Truenas has both BSD and Debian kernels

  • @abeau12345678
    @abeau12345678 Год назад

    good video all the way up to the competitor website war is war you and I don't know what happened its a fight which you now sided which is what happened between these 2 firewall companies Duche bag move

  • @martysdomain
    @martysdomain 2 года назад

    Higher end Netgate devices have support for VPP, which is a huge leap in performance that Opnsense doesn't have, to my knowledge.

    • @feekes
      @feekes 2 года назад +2

      VPP is only supported on the TNSR platform. TNSR is Linux based whereas PFSense is BSD.

    • @martysdomain
      @martysdomain 2 года назад

      @@feekes Nothing that I have stated was incorrect. Thanks for the info.

  • @zoomingby
    @zoomingby Год назад

    Bruh, you can't mention something like "wireguard" and not even give a brief summary of what it does. But great video overall. Thanks!

  • @BoltThrower321
    @BoltThrower321 Год назад

    Opnsense documetation SUCKS ... it's like the short nonsense recipes from Ubiquity.

  • @AnythingGodamnit
    @AnythingGodamnit 8 месяцев назад

    The dick move alone by pfsense is enough to convince me to go with opnsense, but it overall sounds a bit better anyway, especially the update frequency and openness of the platform. The only notable downside I'm seeing is higher prices for opnsense, but that's a price I'm willing to pay

  • @allaboutcomputernetworks
    @allaboutcomputernetworks 2 года назад

    Nice tutorial video.👍

  • @rrorge
    @rrorge 2 года назад +1

    From what I understand PFSense are going straight to Free BSD 14

  • @JasonFord-l3p
    @JasonFord-l3p Месяц назад

    Be sure to have clear consent before you.. OPNSENSE🫢😆🤣