Over 550 issues are resolved, including bug fixes, new features and other significant changes.

Changes and updates to pfSense CE include:

  • The basic operating system has been updated to FreeBSD 12.2-STABLE
  • OpenSSL updated to 1.1.1
  • Performance improvements
  • Implementing the WireGuard Kernel , as mentioned in a previous post on the WireGuard blog

    • WireGuard is a new VPN Layer 3 protocol designed for speed and simplicity
    • The pfSense documentation site includes information on how to configure WireGuard, as well as examples of configuration recipes
  • IPsec enhancements

    • The configuration for the strongSwan IPSec back-end has been changed from the deprecated ipsec.conf / stroke format to the new swanctl / VICI format
    • Various tunnel configuration improvements, including better lifetime and rekey options, to avoid duplicate security associations
  • OpenVPN has been updated to 2.5.0

    • OpenVPN 2.5.0 now requires negotiating data figures, but also tries to be friendly with older customers
    • ChaCha20-Poly1305 is now supported, which is the same cipher used by WireGuard and can provide speed improvements on some platforms.
    • OpenVPN now disables compression by default because it is insecure, but can still decompress traffic received from clients while not transmitting compressed packets.
  • Certified Manager Updates

    • GUI now accepts renewal of certificate manager entries (certification authorities and certificates)
    • Notifications are generated for expiring certificate entries
    • Certificate keys and PKCS # 12 archives can now be exported with password protection
    • Added support for elliptic curve certificates (ECDSA)
    • Internal and imported CA inputs can be added to the trusted store at the system level
  • Significant changes in the backend of the captive portal and HA behavior

Upgrading from an earlier version to this version is possible from the graphical interface:

  • Navigate to System> Update
  • Set the Branch to the next stable version
  • Click Confirm to begin the upgrade process

Cititi mai multe stiri/noutati despre pfSense aici ... Source: netgate.com

  • What is your reaction?
  • powered by Verysign
  • like gnulinux.ro
    Like
  • unmoved gnulinux.ro
    Unmoved
  • amused gnulinux.ro
    Amused
  • excited gnulinux.ro
    Excited
  • angry gnulinux.ro
    Angry
  • sad gnulinux.ro
    Sad
TENDINTA  |  OpenMandriva passes the infrastructure to ARM servers
FlorinM                   gnulinux.ro
FlorinM
Utilizator Linux - Solus OS, pasionat de calatorii.
2181 articole



  • Comment
  • powered by Verysign

Nici un comentariu inca. Fii primul!