OPNsense 19.7, codenamed “Jazzy Jaguar”, has been released and brings numerous improvements to the popular open-source firewall distribution.
Release Highlights
New Firmware Upgrade System
The firmware upgrade system has been completely redesigned. Updates can now be applied more reliably and faster. The new system is based on improved package management and ensures smooth updates.
Multi-WAN Improvements
Multi-WAN functionality has been significantly improved:
- Gateway groups with more flexible weighting
- Improved failover detection
- Optimized load balancing algorithms
- Faster switchover times during connection failures
Firewall Improvements
- Improved alias management with new types
- Optimized NAT rule management
- Extended logging options
- Improved ruleset for IPv6
VPN Updates
- WireGuard support available as a plugin
- Updated OpenVPN with security fixes
- Improved IPsec configuration
- Extended VPN status overview
Web Interface
The user interface has been further modernized:
- Faster loading times
- Improved dashboard with customizable widgets
- Redesigned navigation
- Responsive design improvements
Security Updates
OPNsense 19.7 includes numerous security updates:
- Updated FreeBSD kernel with security patches
- OpenSSL updates
- Suricata IDS/IPS update
- Various CVE fixes
Migration from 19.1
The upgrade from OPNsense 19.1 to 19.7 can be performed directly via the web interface. It is recommended to create a backup of the configuration beforehand.
Conclusion
OPNsense 19.7 is a solid release with many practically relevant improvements. The Multi-WAN optimizations and WireGuard support in particular make the update attractive. As an experienced OPNsense integrator, we are happy to advise you on planning and implementing your firewall infrastructure.
More on these topics:
More articles
Linux Server Hardening: 15-Minute Checklist
Ten concrete hardening steps for a freshly installed Debian, Ubuntu or Rocky Linux server — SSH, updates, firewall, auditing, sudo, limits, services, NTP, logging, kernel sysctl. With commands, doable in a quarter of an hour.
Backup Encryption: Key Management Done Right
Encrypted backups are useless if key management is sloppy. Symmetric vs. asymmetric, vault options, rotation, recovery scenarios and the tool-level practice for PBS, Restic and TrueNAS.
OPNsense 26.7 Release: What's Coming
OPNsense 26.7 is due: what to expect from the traditional July major release — HardenedBSD/FreeBSD update, plugin refresh, GUI improvements. An honest look at the public roadmap.