We just raised a $30M Series A: Read our story
2019-06-27T08:13:00Z

What needs improvement with OPNsense?

35

Please share with the community what you think needs improvement with OPNsense.

What are its weaknesses? What would you like to see changed in a future version?

ITCS user
Guest
1313 Answers

author avatar
Top 10Real User

The logging could improve in OPNsense.

2021-09-09T15:23:33Z
author avatar
Top 20Real User

The interface needs to be simplified. It is not user-friendly. The bandwidth management is easy to use, but very hard to implement. The multi-provider internet is protected by OPNsence but the features are limited, and not stable. The high availability feature is not feasible when the hardware fails.

2021-07-22T08:59:55Z
author avatar
Top 20Real User

The solution could be more secure.

2021-06-03T09:24:00Z
author avatar
Top 5Real User

The vendor should offer compatibility-approved boxes, or at least stock one with OPNsense already installed. This would make it a one-stop-shop, and people would not have to worry about sourcing the hardware separately. I would like to see better SD-WAN performance. I think that could be a very good bonus because SD-WAN is all the rage these days. That is probably the big thing that people need to improve upon, in terms of combining two, three, or four links. The interface should continue to improve, which would make things a bit easier. For me, it was already easy, but nonetheless, it is quicker to install a FortiGate firewall.

2021-01-14T15:44:19Z
author avatar
Top 5Real User

The only thing that I would like to see improved is the Insight or the NetFlow analysis part. It would be good to have the possibility to dig down on the Insight platform. Right now, we can easily do only a few analyses. If this page becomes more powerful, it surely will be a well-adopted platform.

2020-10-13T07:21:30Z
author avatar
Top 10Real User

I have some issues with OPNsense. I have created a virtual machine that I've lost connection at times and I am not able to connect to the gateway or ping the internet. When I started with OPNsense, it worked right away. It may be an issue with the virtual machine itself. I am currently setting up the protection on all of the virtual machines so they will connect to OPNsense and the internet, or anywhere they need to access. I have tried to download some malicious files or a virus and it should dump the files and prevent the download, but I don't seem to get any notification or warnings. It may be an issue with the configuration but I am not sure. I would like to see improvements made to connectivity and alerting. I wanted to deploy this solution in our organization and some of the workstations from remote sites but it's not reliable enough to do that yet. In the next release, I would like to see real traffic monitoring and more visibility. Also, for the antivirus, I would like to see the files protected by ClamAV. I would like to see intelligence in OPNsense and have the option to apply it or not. They need a threat intelligence tool similar to the one they would find with Cisco. It will show you the file hashes, all of the IFCs, the niches, the address information, and more. With all of this information, you can be proactive and block the malicious file hashes, all of the malicious IP addresses, and the public IP addresses. It should help you be proactive. It would be helpful to have OPNsense be one of the plugins, and they should include traffic capturing. With Palo Alto, you can monitor and specify which interface you want to monitor, the source IP, or you can specify the network and see the traffic that is coming from the VLAN, the destination, and any files being transferred over the network. If you apply security profiles you can see the signatures.

2020-06-25T10:49:15Z
author avatar
Top 20Reseller

There should be more technical documentation.

2020-04-30T10:58:00Z
author avatar
Top 10Real User

The solution can't compete with next-generation firewalls. The solution would not be suitable for anything large-scale.

2020-03-09T08:07:50Z
author avatar
Top 10Real User

The feature that I would like to see in the next release, I think, would be to improve the VPN (Virtual Private Network) selection. Specifically, I would like to improve the section where you can set the VPN IP address to high availability.

2020-03-04T08:49:29Z
author avatar
Real User

So far, everything is okay. We've just started using the solution. As long as they continue to ensure that we are protected, it will be perfect.

2019-09-27T04:38:00Z
author avatar
Reseller

Something that needs to improve is the translation. This comes into play when you have a remote and a local site and you have to work with two different transfer networks for each direction. What I'm missing is user portal for downloading the configurations for SSL VPN clients. It's still not implemented so it seems that this product is still in a developing process. Sometimes it's a little difficult to find some examples for special scenarios. But we have to keep trying and I believe it is possible. It's quite a suitable possibility to use it for VPN connections. The monitoring is a little complicated and I have tried to use a plug-in, but it's quite complicated to configure. I had to write my own script. With the VPN solutions, it is possible to cover up all the scenarios which we have. For instance, if you have a customer and your local network is already in use, you have to work with source nat. It is possible and it works. Another issue that customers sometimes have Networks, which are already in use on out local site. It means you have to work with a destination nat but it is possible to create. I would, therefore, like to see the monitoring of the firewall being easier to configure, or to have more templates for this so that you can download the configurations for each scenario and get more detailed descriptions like how all the available plug-ins are performing.

2019-08-26T06:42:00Z
author avatar
Real User

On the customer-side, because I'm a small business, I need a cheaper or free solution option. To scale, you need a different package application. It's not compatible with pfSense. Maybe there should be a different package or a different setup, but it's a problem. I need a little package because I'm a small business. It would be nice if the solution offered virtual servers in the future. Compatible mutual servers with firewall specifications.

2019-07-04T07:00:00Z
author avatar
Top 20Real User

In our experience, OPNsense showed me some problems when using it in different environments. The problem is integration with a virtual server. In general, OPNsense is sweet, pretty, and neat. It's still in development. I expect the next release in the fall. Maybe they are going to polish it more. I would love a buy a new VPN. We experience problems with the old one. In high variables, it shuts off. We want to switch to a new one.

2019-06-27T08:13:00Z
Learn what your peers think about OPNsense. Get advice and tips from experienced pros sharing their opinions. Updated: October 2021.
542,029 professionals have used our research since 2012.