OPNsense has released version 24.1. The release, codenamed “Savvy Shark”, brings numerous improvements to the open-source firewall platform.
Key New Features
Modernized Interface
OPNsense 24.1 brings a modernized MVC-based interface with improved user guidance. The interface has been redesigned in many areas and offers a more consistent user experience.
Improved Authentication
- Deferred Authentication for multi-factor authentication (MFA)
- Improved LDAP/RADIUS integration
- Extended TOTP support
Firewall and Networking
- Improved firewall alias management with new types
- Extended traffic shaping functionality
- IPv6 improvements
System Updates
- Update to FreeBSD 13.2-p9
- PHP 8.2 with security updates
- Updated Phalcon 5 framework
- Unbound DNS updated to version 1.19
VPN and Security
- Improved WireGuard support
- Updated IPsec configuration via swanctl
- OpenVPN improvements
- Updated Suricata IDS/IPS engine
API Improvements
- Extended REST API for automation
- Improved API key management
- New API endpoints for configuration management
Upgrade Notes
Existing OPNsense installations can be updated to version 24.1 via the built-in update system. It is recommended to create a complete backup of the configuration before updating.
Implementation Support
DATAZONE supports you with the implementation and operation of your OPNsense firewall. Contact us for individual consultation.
More on these topics:
More articles
Linux Server Hardening: 15-Minute Checklist
Ten concrete hardening steps for a freshly installed Debian, Ubuntu or Rocky Linux server — SSH, updates, firewall, auditing, sudo, limits, services, NTP, logging, kernel sysctl. With commands, doable in a quarter of an hour.
Backup Encryption: Key Management Done Right
Encrypted backups are useless if key management is sloppy. Symmetric vs. asymmetric, vault options, rotation, recovery scenarios and the tool-level practice for PBS, Restic and TrueNAS.
OPNsense 26.7 Release: What's Coming
OPNsense 26.7 is due: what to expect from the traditional July major release — HardenedBSD/FreeBSD update, plugin refresh, GUI improvements. An honest look at the public roadmap.