OPNsense 25.1 Released, What’s New!

The highly anticipated release of OPNsense 25.1 has officially arrived! Nicknamed “Ultimate Unicorn,” this update marks a significant milestone for the open-source firewall platform, celebrating its decade-long journey of innovation, security, and reliable performance.

Packed with exciting features, new integrations, and refined performance, OPNsense 25.1 brings a range of enhancements for network administrators and security enthusiasts.

Key Highlights of OPNsense 25.1

1. New UI Design

The update introduces a revamped user interface with both light and dark themes, making navigation more intuitive and visually appealing while improving overall user experience.

2. Improved Security Zones Support

Enhanced documentation and refined functionality for security zones provide administrators with better clarity and flexibility in configuring secure network environments.

3. ZFS and Disk Management Enhancements

Full ZFS snapshot support enables advanced system recovery options, while the installer now warns users about low RAM situations for ZFS installations and provides a new power-off option.

4. FreeBSD 14.2 and PHP 8.3 Integration

The platform now runs on FreeBSD 14.2, taking advantage of its latest advancements. Additionally, PHP 8.3 ensures improved backend performance and compatibility.

5. Firewall Advancements

Several firewall features have been overhauled, including a new multi-select option for address configurations in rules and experimental inline shaper support for filter rules.

6. System Improvements

• Migration of user, group, and privilege management to MVC/API.
• New notification features, including alerts for low disk space and static banners.
• Support for custom sshd_config additions and optimization of system status collection.
• Introduction of a certificate widget for tracking expiration dates.

7. Expanded Plugins and Port Updates

Popular OPNsense plugins like os-acme-client, os-haproxy, and os-tailscale have received updates. Key ports like OpenVPN (2.6.13) and Lighttpd (1.4.77) have also been upgraded, ensuring robust compatibility.

8. Improved Intrusion Detection and DNS Management

Enhanced intrusion detection features now include better cleansed metadata, while DNS management benefits from new blocklist options and the introduction of Hagezi blocklists.

This release introduces behavioral changes, particularly in access management. Some deprecated features, like the manual LDAP importer and certain privileges, have been removed. Administrators should also note that Let’s Encrypt no longer supports the OCSP Must Staple extension after January 30, 2025.

OPNsense 25.1 is now available for download via global mirrors, and installation guides are provided on the official OPNsense website. With its focus on performance, security, and usability, “Ultimate Unicorn” promises to empower users like never before.

Collect Threat Intelligence with TI Lookup to improve your company’s security - Get 50 Free Request