Hiya, just getting into networking and recently completed my Tp-link Omada stack, which I’m very pleased with. Have heard great thing about all three mentioned services above, but struggle to understand which to go for. Do they have different use cases? Is one easier than the other? Which one is recommended to begin with?
You must log in or register to comment.
pfsense and opnsense are very similar. The pfsense devs has acted like jackasses towards the opnsense gang. They are both great for a router/firewall/vpn device. I would use external access points with them.
I think there are more addons to pfsense than opnsense.OpenWrt is great when it comes to WiFi, but I find it much less intuitive to use for router/firewall parts. Could be that I am used to the way pfsense and opnsense do things.
Neither do switching from what I know, so pair the router with a switch of your choice.
Also worth noting that pfsense was ready and intending to knowingly ship a broken and insecure wireguard integration
The pfsense devs has acted like jackasses towards the opnsense gang.
And toward their users. Ask the wrong question on the pfSense subreddit or forum and expect to get lit up. The Opnsense community is much more helpful and inviting in my experience.
Yeah, that was the reason I switched from pfsense to opnsense about 4 years ago
Lots of comments already mentioning the differences. I have tried these, including the mentioned ipfire, and decided on the end to use opnsense plus openwrt on two different devices.
I chose opnsense at the time many years ago because it supported wireguard out of the box, where as pfsense required some weird install process I didn’t want to deal with. Plus I liked the UI to opnsense more.
My moden has been literally replaced by my firewall so I have the ONT connected to it and then use it to do all the heavy lifting for… Well, firewall stuff. It connects to a VPN so my entire network routes through the VPN. Then my openwrt device is connected to that. It also handles firewall stuff, but more at an internal level (keeping network devices only permitted to communicate with devices I say are okay, blocking internet access, etc) and also hosts my nginx setup to route to various servers.
While I could do everything on one machine with opnsense, I’ve got a particular setup that allows me to have multiple devices at the firewall level, truly isolated from the rest of my internal network (for a couple of internet open port services). And it gives me peace of mind that if someone found a zero day in opnsense, I’m not totally screwed unless they also got one in openwrt.
To answer “which is better to begin with”, I personally find opnsense way more flexible and robust than the other 2 options. Has a lot more capabilities and upgrading is super easy without requiring jumping through weird hoops and such like openwrt does.
This thread has reminded me that I have Ruckus APs that mesh. But support had been dropped because they are “old”. Presumably there is no open source solution that I can flsh these with, still allowing me the meshing?
OpenWrt with 802.11r and 802.11s configured will work as a mesh network with roaming functionality.
https://openwrt.org/docs/guide-user/network/wifi/mesh/80211s
https://openwrt.org/docs/guide-user/network/wifi/roamingNot many Ruckus devices that are supported though:
Brand - Model - Supported Version
Ruckus - ZF7025 - 23.05.2
Ruckus - ZF7321 - 23.05.2
Ruckus - ZF7341 - 23.05.2
Ruckus - ZF7343 - 23.05.2
Ruckus - ZF7351 - 23.05.2
Ruckus - ZF7352 - 23.05.2
Ruckus - ZF7363 - 23.05.2
Ruckus - ZF7372 - 23.05.2https://openwrt.org/toh/start?toh.filter.supportedcurrentrel=22.03|23.05
Open vs closed solutions
I also like how OpenWRTs implementation of 802.11r doesn’t require any central controller
Edit: the closed solution I’m referring to it TP-link
What’s closed about OPNSense?
