Pfsense standard Vs paid edition?

qbhatti

qbhatti

qbhatti

Associate
Joined
4 Oct 2021
Posts
160
Location
Uk
Hi.

I run a forcepoint 1100 at home now due it having a nice 10gb port and it runs great.

Wondering if anyone has upgraded from the standard version (last updated Jan 2022) to the free paid for version (forget what it's called )..I'm a bit reluctant to make the jump as I'm not that familiar with how to reinstall pfsense should it all go balls up.
 
You don't have to pay to apply an pfsense Plus license. I've got a couple of firewalls with 23.01 pfsense plus.

pfSense Software Types

Explore our subscription table below. Find the option that is best for you. Check out our Subscriptions FAQ for more detail.
www.netgate.com www.netgate.com

Again other free options out there such as Sophos XG Home or OPNsense. Find what works for you and roll with it etc.

Tried Opnsense, but didn't like the UI and TBH haven't given it enough time.

I was an early adopter of Unifi UDM-Pro, didn't like it, had a crack with Untangle for a period, but with the license increase on Home Pro etc. and Arista purchasing Untangle these days it's Sophos XG or pfsense that gets my time.
 
Last edited:
Mikey said:
You don't have to pay to apply an pfsense Plus license. I've got a couple of firewalls with 23.01 pfsense plus.

pfSense Software Types

Explore our subscription table below. Find the option that is best for you. Check out our Subscriptions FAQ for more detail.
www.netgate.com www.netgate.com

Again other free options out there such as Sophos XG Home or OPNsense. Find what works for you and roll with it etc.

Tried Opnsense, but didn't like the UI and TBH haven't given it enough time.

I was an early adopter of Unifi UDM-Pro, didn't like it, had a crack with Untangle for a period, but with the license increase on Home Pro etc. and Arista purchasing Untangle these days it's Sophos XG or pfsense that gets my time.
Click to expand...
Hi Mikey, thanks for that.

The issue is that this is for the main router in my house, and if t'internet goes down, then my hell hath no fury like a teenager robbed of internet! - thats why the device I have already runs PFSense and its running really well - just wondered if there was any point in moving to the PFS+ - i have the free license for it, just worried if i bugger it up then what am i going to do....with no internet to download it again or anything...
 
qbhatti said:
Hi Mikey, thanks for that.

The issue is that this is for the main router in my house, and if t'internet goes down, then my hell hath no fury like a teenager robbed of internet! - thats why the device I have already runs PFSense and its running really well - just wondered if there was any point in moving to the PFS+ - i have the free license for it, just worried if i bugger it up then what am i going to do....with no internet to download it again or anything...
Click to expand...

pfsense does have a few extra features and it's more up to date than the current CE version of 2.6. 2.7 is coming, but when. Pass.

I'm no pfsense fanboy. Depends what features you are needing etc. Are you using anything over the basic firewall or have a requirement for more scanning etc?
 
mikey - im just using it as a router. nothing fancy on my end. i need it to remain operational so as not to have any downtime - thats it.
i forward a few ports with it and it uses my pppoe connection which has my static ip so no cgnat issues.
 
ChrisD. said:
Just use OPNsense.
Click to expand...
This, for a multitude of reasons. It will do everything pfSense can do and more, won't cost you money and doesn't have deranged or criminal devs, unlike some... If you're base-OS agnostic, also consider OpenWRT and IPFire if you don't need IPv6. They're all solid, well supported, and will give you more uptime than any ISP can throw at you unless you do something stupid to break them.
 
It's not such an easy thing to pick a router platform if you don't want to go down the x86 box route with the footprint and power consumption that comes with that. Opnsense and Netgate both make some fairly decent hardware but they come with appropriate price tags. Getting more powerful Openwrt hardware can be a bit of a challenge if you're trying to stick to the SOC route.

I'm about to test the limits of an EdgeRouter X SFP that cost me nothing by putting it on a symmetric 500Mbps connection and I am totally aware that a dual core MIPS box from a decade ago isn't the best platform to run on, but there aren't that many firewall options that have nice CLIs to use. I may end up picking up something that runs Junos.
 
Last edited:
Caged said:
It's not such an easy thing to pick a router platform if you don't want to go down the x86 box route with the footprint and power consumption that comes with that. Opnsense and Netgate both make some fairly decent hardware but they come with appropriate price tags. Getting more powerful Openwrt hardware can be a bit of a challenge if you're trying to stick to the SOC route.

I'm about to test the limits of an EdgeRouter X SFP that cost me nothing by putting it on a symmetric 500Mbps connection and I am totally aware that a dual core MIPS box from a decade ago isn't the best platform to run on, but there aren't that many firewall options that have nice CLIs to use. I may end up picking up something that runs Junos.
Click to expand...
The forcepoint 1100 I am using runs a pentium d1508, 16gb ram and seems to be handling what I'm throwing at it (admittedly little) very well.
The guy I brought it off had put pfsense on it when he shipped it...and I'm quite petrified of bringing it to the point of no return then we have no home internet
 
If you have one device that you are reliant on for your home internet to work, and you don't feel comfortable maintaining it or managing it, then you need to get a backup, even if it's just the ISP-supplied router. If you are "petrified" of breaking the install then presumably you're never going to do a software update - and then what happens when there's a vulnerability in the version you're running?
 
Last edited:
qbhatti said:
The forcepoint 1100 I am using runs a pentium d1508, 16gb ram and seems to be handling what I'm throwing at it (admittedly little) very well.
The guy I brought it off had put pfsense on it when he shipped it...and I'm quite petrified of bringing it to the point of no return then we have no home internet
Click to expand...

Get a couple of decent USB thumb drives. Install Ventoy to them and add ISOs for every router distro you care to test and/or run. If your main device dies then just reinstall from your USB (with one as backup in case a stick dies) and restore your config. As Caged said, always have a backup or cold spare if you *need* (or really want) your connection to be interrupted in case of failure.
 
Last edited:
Rainmaker said:
Get a couple of decent USB thumb drives. Install Ventoy to them and add ISOs for every router distro you care to test and/or run. If your main device dies then just reinstall from your USB (with one as backup in case a stick dies) and restore your config. As Caged said, always have a backup or cold spare if you *need* (or really want) your connection to be interrupted in case of failure.
Click to expand...
Ah okay..I need to look into this...it's currently running off a CF drive inside the box.
 
Will look at Opnsense over the weekend. Requirements are WireGuard, OpenVPN and ACME as a basic aspect.

TBH what extras over CE is a requirement. It's funny how the world has come to an end for some of Redditt. Really lol
 
Yes, loads of Drama Llamas over the change. It's more about trust and belief that netgate will make good decisions communicated to their customers (paying or otherwise).
If they had offered the plus version lite for $129 it may have been accepted.
 
Indeed, it is comical though :D

I think the other thing that is lost between CE and Plus is the supported hardware crypto (QAT etc). I think. I'm running on an Sophos XG 125 Rev 3 unit atm that supports QAT via the C3000 based Atom CPU. Real world, prob makes little difference anyway due to the "lack" of VPN connections etc.

I do have Duo configured for 2FA, so need to look at the 2FA setup in Opnsense. Failing that I can always put Sophos XG Home back on.
 
You must log in or register to reply here.
Back
Top Bottom