OPNsense Reviews

It's open source.

There are a few weaknesses. For example, there is a lack of some features that I have in certain commercial products.

Some of the features include classified traffic and better blocking of newly registered DNS domains.

I have been working with OPNsense for about three years. I use it both in my company and at home.

OPNsense is very stable, rock-solid.

It is a scalable solution. We haven't encountered any performance issues.

The initial setup was easy. 

Overall, I would rate OPNsense an eight out of ten. There is still some room for improvement.

OPNsense it's a multi-platform operating system. So we can install it on PC platforms and do not need dedicated hardware.

The WireGuard VPN is the most valuable feature.

They should improve IPEs for security in the future.

We have been using this solution for about three years and are using the latest version. It is deployed on-premises.

It is a stable solution.

It is a scalable solution. We have 20 connections between sites, and about 100 users use the solution.

The technical support is very good.

Before using OPNsense, we used Cisco Fortinet. Other solutions are more expensive than OPNsense.

The initial setup was easy. There are no issues with performance.

I rate this solution a nine out of ten and recommend it to others.

Our primary use case of this solution is for VPN connections. We are currently supporting an SAP company, which has many customers, and most customers need a site-to-site active set connection for maintaining the SAP systems. We currently have round about 200 VPNs.

The feature I find most valuable is that the program helped me to realize all the requested functionality that was needed:

- IPsec VPN connections to remote gateways from various Vendors

- IPsec VPN connections with SNAT (our local network in use at remote site)

- IPsec connections with DNAT (remote network in use at our local site)

- Let's Encrypt certificate for WebGUI

- SSH Access by Putty to the device

Something that needs to improve is the translation. This comes into play when you have a remote and a local site and you have to work with two different transfer networks for each direction. What I'm missing is user portal for downloading the configurations for SSL VPN clients. It's still not implemented so it seems that this product is still in a developing process. 

Sometimes it's a little difficult to find some examples for special scenarios. But we have to keep trying and I believe it is possible. It's quite a suitable possibility to use it for VPN connections.

The monitoring is a little complicated and I have tried to use a plug-in, but it's quite complicated to configure. I had to write my own script.

With the VPN solutions, it is possible  to cover up all the scenarios which we have. For instance, if you have a customer and your local network is already in use, you have to work with source nat. It is possible and it works. Another issue that customers sometimes have Networks, which are already in use on out local site. It means you have to work with a destination nat but it is possible to create. 

I would, therefore, like to see the monitoring of the firewall being easier to configure, or to have more templates for this so that you can download the configurations for each scenario and get more detailed descriptions like how all the available plug-ins are performing.

I am currently running it on Hyper-V and so far I have had no problems. It is currently stable enough.

We have 250 people in our company using this program who are able to run the SAP systems with side-to-side connections between the company and the customers. We have six people for deployment and maintenance. I am responsible for the networking. 

There is no technical team in the Netherlands, but so far I fixed my own issues by reading up on the internet.

We are using several VPN gateways. We are using our primary solutions in our company, making all the IT for the complete caller group. The caller group has around about 1,600 people in 10 companies. They are part of this group. We have one, main office and several branch offices.

We are using Juniper SSG Firewalls for Site2Site IPsec connections to customers and this Equipment is working really good. Unfortunately this devices will be running out og supprot soon, so we have to look for some alternatives.

The central equipment we use is Sophos UTM/SG and Sophos XG configured as high availability. The branch offices are connected by Sophos RED and we mainly use Sophos RED 50 with the AP 55 access points configured as WPA2 Enterprise. For central management, everything is managed in the main office. We are using SMTP proxy with anti-span and anti-virus on SG solutions. This is the only one that doesn't work because we have a problem in that our exchange users are too many, and there are too many accounts - this fact caused the Appache runnig out of ressources.

An example would be if you have one workstation with two smartphones, and each person has maybe three or four sessions opened on the exchange. If you have 1,400 accounts, you can reach 8,000 sessions. If the Appache message scoreboard is full is comming up, no further users can connect. We have contacted Sophos support to solve this but they were not able to do this - the only effect was a correction of the sizing guide from Sophos. 

The setup was straightforward and the only mistake you can make is not to log in at the installer during the setup. I made this mistake once and configured a lot of features. After doing this I could not save the configurations on a disc. Generally, it was quite easy to install and to configure. 

The initial deployment took about two hours but figuring out how it works in detail and to run a roundabout took two or three days. 

There are no licensing costs for OPNsense.

We had to evaluate other solutions because our primary solution was Juniper SRX, but we were not happy with the features. So we had no other choice and we were forced to look for something else. We use the Sophos XG firewall because we can configure it directly from Azure. 

We found the OPNsense solution interesting because there are no costs. In Azure, you only pay for the virtual machine. 

My advice would be to compare all the solutions because they all offer something different. Find out what's available and get a feeling for the product and look at the configurations on the firewall. 

In the next version, I would like a friendlier user interface where the users can look at and download the configurations for the OPNsense clients.

My rating for this solution is a seven out of ten.

I'm using OPNsense as an open VPN and a firewall to control the traffic.

OPNsense improved my organization in terms of controlling the bandwidth. Limiting the bandwidth is the primary purpose of the solution in the organization.

What I like best about OPNsense is that, as a firewall, it's pretty good. I'm quite impressed with it.

I had an excellent experience with OPNsense, which helped me achieve the targets I wanted.

An area for improvement in OPNsense is the hardware, which needs to be updated more frequently.

An additional feature I want to see in OPNsense is a transparent proxy.

DNS blocking is another good feature I want to be added to the solution, as that helps make processes faster.

pfSense has a peer-blocking feature that I also want to see in OPNsense.

I've been using OPNsense for more than one year.

OPNsense is a stable solution. Stability-wise, it's seven out of ten.

OPNsense is a scalable solution, and I find it very good, but it still depends on your requirement and what you want to achieve from OPNsense.

I didn't use OPNsense technical support because I resolved any issues myself.

I used pfSense before using OPNsense, and OPNsense covered most of my environment's needs. My organization uses only one firewall, and that's OPNsense.

Setting up OPNsense was easy for me. Even if you don't have experience, there is so much data available that you can follow so that the setup can be done easily.

The initial setup for OPNsense is an eight out of ten, especially if you know what you want to do and achieve from the solution. You also must try blocking methods based on what and how you want to block.

It took me two weeks to implement OPNsense completely. I set up the network and made a lab before using OPNsense in a production environment.

We implemented OPNsense in-house.

I'm using the free version of OPNsense. I didn't check the pricing for the solution because I still need to test it before getting the approval to purchase OPNsense, and it isn't easy to get approval from the higher-ups.

I'm using two products, OPNsense and pfSense.

I upgraded to the latest version of OPNsense.

My organization is planning to move OPNsense to the cloud, in particular, hybrid cloud, but right now, it's deployed on-premises. Cloud deployment will be much more efficient than the current on-premises deployment, but I still need to test it before getting approval from the higher-ups.

Within my organization, fifty people use OPNsense because one department is trying it out. Still, when the solution is fully deployed, there could be from five thousand to six thousand users of OPNsense.

Ten to twelve people help maintain the solution yearly for the whole campus.

I advise anyone who wants to implement OPNsense to look into the suppliers and pick the right one because having the right supplier helps you achieve what you want from the solution.

My rating for OPNsense is eight out of ten.

I use OPNsense for network security.

What I like the most about OPNsense is that it offers an easy-to-use dashboard for device management and control. It also provides good security.

In terms of improvement, the performance could be enhanced.

I have been using OPNsense for a year.

Overall, I would rate OPNsense as a ten out of ten. I would recommend it to others.

We upgrade our clients when they are ready for the newer versions of OPNsense.

We are one of the local cloud providers in Indonesia. We implement OPNsense for the VPN and IPSec. We also collaborate with Zerotier to provide SD-WAN.  

Our customers have solutions that integrate between on-premises and our cloud.

We provide this solution for several clients, in multi-location offices. We have several retail customers in the city and we provide OPNsense with plug-in remote access. 

We also use OPNsense for remote access, and IPSec gives them access to a cloud environment as well as on-premises.

OPNsense is easy to scale when running on the hardware.

The interface needs to be simplified. It is not user-friendly.

The bandwidth management is easy to use, but very hard to implement. The multi-provider internet is protected by OPNsence but the features are limited, and not stable.

The high availability feature is not feasible when the hardware fails.

I have been working with OPNsense since 2008.

Internally we are using the latest version. 

The stability of OPNsense needs improvement.

OPNsense is commonly used in large enterprise companies.

We have not yet contacted technical support. All of the technical issues are resolved within our company.

We are also using pfSense.

The initial setup is straightforward. It's an easy process.

It takes one hour to deploy.

We provide maintenance for our clients at a cost, however, 90% of our clients are familiar with the product and able to maintain the solution themselves.

We are implementors, and we provide this solution for our clients.

As an appliance, it's in the medium price range.

OPNsense is suitable for Small to Medium-sized companies.

I would recommend this solution to others who are interested in using it.

I would rate OPNsense an eight out of ten.

We just use the solution normally for its basic firewall functionality. OPNsense with WireGuard and CrowdSec bouncers handles all our requirements. 

This is a free and secure solution that is easy to use.

The normal security options are great. 

It's light and easy to manage.

The solution is very stable.

The initial implementation process is simple. 

The solution offers a free version.

While they do have paid options that actually give better features, for most of the clients, if they tend to take a paid option will instead opt for Fortinet.

They should make it so that it's easier to reverse proxy integration.

I have been using this solution for two years.

The product is quite stable and the performance is good. There are no bugs or glitches. It doesn't crash or freeze. 

We can easily scale the solution if we need to. It's not difficult. 

I've only used the free version of the solution. I just have to dig into the forums to find everything I need. There isn't a central place you can reach out to. I've found all the answers I've needed so far via the forums. There's a lot of information there. 

The initial setup is straightforward. It's not overly complex or difficult. 

We're a customer and an end-user.

We are using the telemetry-free version of the solution. 

Overall, the solution is quite affordable. 

I'm aware of Fortinet as well. 

It depends on price versus performance. If you're willing to pay, Fortinet's great. If you don't have the budget, OPNsense is more affordable.

We do supply the solution and we do use it for ourselves.

I'd advise users to get the Geo functionality. It's a nice add-on, which we make use of a lot. It allows which countries are allowed to access your instances, which is very helpful. 

I'd rate the solution at a nine out of ten. 

We use the solution for an SD-WAN firewall.

We have found pretty much all the features of the solution to be valuable.

The solution could be more secure. 

I have been using OPNsense for upwards of ten years. 

The solution is very stable.

The solution is scalable. 

As we have in excess of 2,000 solutions deployed in the field, there is no need for us to increase its usage. It is already sufficiently increased. 

In the past we used pfSense. We have also used Sophos and Palo Alto Firewall but have replaced many of these solutions.

Our initial setup was more on the straightforward side.

It did not take a long time, although this can hinge on what needs to be accomplished. 

We handled the deployment on our own. 

The technical team required for deployment and maintenance purposes is small, probably around five people for every 100 devices.

It consist of a combination of managers, administrators and engineers.

The choice of a license on a yearly or monthly basis is optional. 

The solution is not expensive. 

There are several hundred users in our organization who are utilizing the solution. 

I would absolutely recommend the solution to others who are contemplating its implementation.

I rate OPNsense as a ten out of ten.