Jump to content
RESET Forums (homeservershow.com)

pfsense packages?


scottbakertemp
 Share

Recommended Posts

Another vote for Sophos. Drashna turned me on to it also. Transition from pfsense to it and haven't turned back. More turnkey, stable and definitely a more polished UI.

 

Is there a free version?  Where are on the website can you download it?

Link to comment
Share on other sites

I have somewhere between 40 and 50 IPs now so I guess I'm sticking with pfsense.

If you're pushing the edge of 50, then it may be a good idea to stick with pfsense. 

Though, if you're really interested it at least checking Sophos UTM out, it does have good VM support.

 

Okay now you guys have me thinking of switching to Sophos.   :unsure:  Sophos sounds like I can combine my pfsense and Untanlge onto just one box. 

It handles the firewall stuff and the web filtering stuff very "turn key". Even supports HTTPS inspection. Either passively (inspects the URL) or actively (decrypts, inspects, and re-encrypts). Fairly simple to setup, fairly simple to manage. Though, it's not a cake-walk. But simplier than pfsense in most cases.

Link to comment
Share on other sites

Drashna, what has your experience been with active HTTPS inspection in the latest version? I've disabled that feature since it was interfering with my Cisco Anyconnect VPN client connectivity. Would like to take advantage of it given higher power hardware in my Sophos box. Just curious what your experience has been.

Link to comment
Share on other sites

Drashna, how would you compare it to Untangle?

Depends on what you mean here, and what you need.

 

IIRC, it does most, if not all the same stuff. 

TBH, the best option is to try it yourself. Sophos is "VM ready", so it should work on ESX or HyperV without doing anything (I mean other than installing). So testing should be dead simple.

 

Drashna, what has your experience been with active HTTPS inspection in the latest version? I've disabled that feature since it was interfering with my Cisco Anyconnect VPN client connectivity. Would like to take advantage of it given higher power hardware in my Sophos box. Just curious what your experience has been.

 

It takes a "bit" to reign in everything with HTTPS inspection/web protection. 

Also, are you using the "inspect URL" or the "decrypt and scan" option. The inspect option is much simpler, and should be plenty for home use.  The decrypt is much more "invasive" and may case problems with programs, unless the proper exclusions have been set up.

 

I have .... a huge list of exclusions, not counting the default ones for it. Just to make sure everything works.

 

Also, on the profile options section, the last tab ("Misc" I think), you can completely exclude URLs and hosts. 

Link to comment
Share on other sites

In trying to explore the benefits of pfSense, I just spent a few frustrating hours with this software. Yes there is definitely potential, but if you need anything beyond the preinstalled packages, be prepared for an adventure.I tried to get essential packages like HAVP and Dansguardian to run, with only limited success. I had to do a lot of command line magic to get HAVP to work at all, but trying to start over in a second VM I cannot recreate how I got this to work in the first VM. Dansguardian blacklist update is a nightmare. Apparently one needs to replace the update script, but the latest version provided does not work either. 

 

Before you go down a frustrating path and possibly wreck this perfectly nice weekend, I would like to remind people of SMOOTHWALL EXPRESS, which is completely free and has lots of frustration free packages. I have used this for close to 10 years now and it works great. As frustrating as the past few hours have been, it is gratifying to see I made a good choice many years ago.

 

Out of curiosity I will give Sophos a shot next. Because of the 50 devices limit I am unlikely to run this in production though.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share


×
×
  • Create New...