The Netgate company has released a new update for the pfSense Plus operating system, that is, for all those who have a valid license for this version and not those who have the pfSense CE version. After the company said that the Home&Lab version They would not receive any more updates due to the license they gave for free a year and a half ago, and they put the new license at $399 per year, the company has backed down and they have put the price back to $129 per year as promised. Now Netgate has released a new version with important improvements, and in principle this version would be available to everyone because they do not indicate otherwise. Find out all the details below.
Netgate has caused quite a stir in the pfSense community, since from one day to the next it decided that the Home&Lab version was going to disappear, and that the annual subscription would go from the initially promised $129 to $399 annually. , that is, triple the price. Many users went straight to migrating from pfSense to OPNsense, the best alternative that currently exists and is completely free. Now Netgate has released a new version with important improvements, although there are some problems when updating.
What’s new in the new version
The main novelty that has been incorporated into this new version is the OpenSSL update to version 3.0.12, this means that certain old and weak ciphers have been removed from the library, so we will not be able to use it anymore. Security certificates that were created with old or weak hashes have also been removed, with the aim of providing the best possible security. This directly affects the OpenVPN server and client, since some encryption such as ARIA, Blowfish, DES, IDEA and many others that are not secure have now been removed, in addition, hashing algorithms such as MD4, SM3 or Whirlpool have also been removed to have always the best available.
The software has now been incorporated Kea DHCP server, the basic functionality is present in this new version 23.09 but not everything is implemented correctly yet. To activate it, you will have to go to the “System / Advanced / Networking” section and enable the option in “Server backend”. An important aspect is that if you have static DHCP enabled with different hosts, it will be completely ignored.
It has been improved SCTP support in pfSense for firewall, NAT and logging rules. Now you can configure the rules to update on SCTP packets, previously it was only possible to filter by source and destination IP address. Other changes that have been made in this new version are that PHP has been updated to version 8.2.11, the FreeBSD 14 base operating system It has been updated to the latest version, and different detected bugs have also been solved.
Problems updating
Right now there are problems if you try to update the pfSense Plus operating system, on some occasions, in the main menu it appears that there is a new version 23.09 available, as you can see here:
However, if we go back to the operating system it will tell us that we have the latest version:
When we get into the «System/Update»No information will appear, it seems that the Netgate servers are quite collapsed, on Reddit people are beginning to echo this problem.
Right now we have the pfSense Plus Home&Lab version with the free license that they provided, we do not know if when the problem with the servers is solved, it will allow us to update the operating system or not.
