Please share with the community what you think needs improvement with OPNsense.
What are its weaknesses? What would you like to see changed in a future version?
There should be more technical documentation.
The solution can't compete with next-generation firewalls. The solution would not be suitable for anything large-scale.
The feature that I would like to see in the next release, I think, would be to improve the VPN (Virtual Private Network) selection. Specifically, I would like to improve the section where you can set the VPN IP address to high availability.
So far, everything is okay. We've just started using the solution. As long as they continue to ensure that we are protected, it will be perfect.
Something that needs to improve is the translation. This comes into play when you have a remote and a local site and you have to work with two different transfer networks for each direction. What I'm missing is user portal for downloading the configurations for SSL VPN clients. It's still not implemented so it seems that this product is still in a developing process. Sometimes it's a little difficult to find some examples for special scenarios. But we have to keep trying and I believe it is possible. It's quite a suitable possibility to use it for VPN connections. The monitoring is a little complicated and I have tried to use a plug-in, but it's quite complicated to configure. I had to write my own script. With the VPN solutions, it is possible to cover up all the scenarios which we have. For instance, if you have a customer and your local network is already in use, you have to work with source nat. It is possible and it works. Another issue that customers sometimes have Networks, which are already in use on out local site. It means you have to work with a destination nat but it is possible to create. I would, therefore, like to see the monitoring of the firewall being easier to configure, or to have more templates for this so that you can download the configurations for each scenario and get more detailed descriptions like how all the available plug-ins are performing.
On the customer-side, because I'm a small business, I need a cheaper or free solution option. To scale, you need a different package application. It's not compatible with pfSense. Maybe there should be a different package or a different setup, but it's a problem. I need a little package because I'm a small business. It would be nice if the solution offered virtual servers in the future. Compatible mutual servers with firewall specifications.
In our experience, OPNsense showed me some problems when using it in different environments. The problem is integration with a virtual server. In general, OPNsense is sweet, pretty, and neat. It's still in development. I expect the next release in the fall. Maybe they are going to polish it more. I would love a buy a new VPN. We experience problems with the old one. In high variables, it shuts off. We want to switch to a new one.