Hacker News
by StillBored 73 days ago
I recently dumped opnsense because they took a stand against a few things I was trying to do (e.g., web UI on the WAN port, IIRC) which make sense at a high level. But I _HATE_ devices that think they know better than me. I was trying to configure it on a _LAN_ such that the identified WAN side was actually my local LAN, and I spent an hour hacking it to work and was like "you know, if they can't get this shit right, I'm out". There are a lot of places in the technology world where someone who thinks they understand my use case makes a decision based on some narrow world view because they can't understand that not everyone trying to use their product is some idiot home user using it for their home network.
1 comments

I've been a fan of opnSense for a few years now - I'm actually using it as the WAN device for our office, as well as a VPN concentrator in other contexts.

Some recent changes are driving me up the wall though - their new UIs for configuring VPNs (IPsec and OpenVPN) are far less intuitive than what they've termed the 'legacy' UI, and I note that recent versions have introduced a firewall rule migration feature that I'm not touching with a 9-ft barge pole.

These changes are making me wary about using opnSense in future, which is a pity because other than pfSense there isn't really a fully-featured, open-source firewall OS that comes close to matching it (and pfSense has its own issues). Linux is great and all - and I do use it for routing/firewall/VPN in places on our network - but there doesn't seem to be a dedicated network appliance distro that bundles in a comprehensive Web UI. Apart from OpenWRT and its ilk, but I'm not convinced that that's suitable for enterprise deployment.