Over 550 issues are resolved, including bug fixes, new features and other significant changes.
Changes and updates to pfSense CE include:
- The basic operating system has been updated to FreeBSD 12.2-STABLE
- OpenSSL updated to 1.1.1
- Performance improvements
-
Implementing the WireGuard Kernel , as mentioned in a previous post on the WireGuard blog
- WireGuard is a new VPN Layer 3 protocol designed for speed and simplicity
- The pfSense documentation site includes information on how to configure WireGuard, as well as examples of configuration recipes
-
IPsec enhancements
- The configuration for the strongSwan IPSec back-end has been changed from the deprecated ipsec.conf / stroke format to the new swanctl / VICI format
- Various tunnel configuration improvements, including better lifetime and rekey options, to avoid duplicate security associations
-
OpenVPN has been updated to 2.5.0
- OpenVPN 2.5.0 now requires negotiating data figures, but also tries to be friendly with older customers
- ChaCha20-Poly1305 is now supported, which is the same cipher used by WireGuard and can provide speed improvements on some platforms.
- OpenVPN now disables compression by default because it is insecure, but can still decompress traffic received from clients while not transmitting compressed packets.
-
Certified Manager Updates
- GUI now accepts renewal of certificate manager entries (certification authorities and certificates)
- Notifications are generated for expiring certificate entries
- Certificate keys and PKCS # 12 archives can now be exported with password protection
- Added support for elliptic curve certificates (ECDSA)
- Internal and imported CA inputs can be added to the trusted store at the system level
- Significant changes in the backend of the captive portal and HA behavior
Upgrading from an earlier version to this version is possible from the graphical interface:
- Navigate to System> Update
- Set the Branch to the next stable version
- Click Confirm to begin the upgrade process
- What is your reaction?
- powered by Verysign
-
Like -
Unmoved -
Amused -
Excited -
Angry -
Sad
TENDINTA | OpenMandriva passes the infrastructure to ARM servers
- Comment
- powered by Verysign