pfSense® software version 2.4.4, now available for new installations and upgrades!
pfSense software version 2.4.4 brings security patches, numerous new features, support for new Netgate hardware models, and stability fixes for issues present in previous pfSense 2.4.x branch releases.
pfSense 2.4.4-RELEASE updates and installation images are available now!
2.4.4 includes a number of significant new features:
- OS Upgrade: Base Operating System upgraded to FreeBSD 11.2-RELEASE-p3. As a part of moving to FreeBSD 11.2, support is included for C3000-based hardware.
- PHP 7.2: PHP upgraded to version 7.2, which required numerous changes to syntax throughout the source code and packages.
- Routed IPsec (VTI): Routed IPsec is now possible using using FreeBSD
if_ipsec(4)Virtual Tunnel Interfaces (VTI).
- IPsec Speed Improvements: The new Asynchronous Cryptography option under the IPsec Advanced Settingstab can dramatically improve IPsec performance on multi-core hardware.
- Default Gateway Group: The default gateway may now be configured using a Gateway Group setup for failover, which replaces Default Gateway Switching.
- Limiter AQM/Queue Schedulers: Limiters now include support for several Active Queue Management (AQM) methods and Queue Scheduler configurations such as FQ_CODEL.
- Certificate Subject Requirements: The Certificate Manager and OpenVPN wizard now only require the Common Name to be set, and all other fields are optional.
- DNS over TLS: The DNS Resolver now includes support for DNS over TLS as both a client and a server, including for domain overrides.
- Captive Portal Authentication: Captive Portal authentication is now integrated with the User Manager system. Captive Portal instances may now use RADIUS, LDAP, or Local Authentication like other integrated services.
- Captive Portal HTML Design and Usability: The default Captive Portal page has been redesigned. Controls have also been added which allow the logo and background images and Terms of Service text to be customized without editing and uploading custom HTML code.
- Integrated Switch Improvements: Netgate devices with integrated switches such as the SG-3100 and XG-7100 can now configure per-port speed and duplex settings, discrete port configuration interfaces can now be tied to switch ports for up/down status, and LAGG support is also now available (Load Balance mode only)
- New Hardware: Support has been added for the new SG-5100.
- … and more!