Archive for July, 2009

Next generation of pfSense embedded now available

Tuesday, July 14th, 2009

Embedded has historically been a second class citizen, with most development focus and most users ( > 80% of downloads) using full installs. Taking advantage of what a full install offers was in fact the original reason for this project, though embedded was later added. This has now changed considerably, with the introduction of the next generation of pfSense embedded. It’s been on the snapshot server for quite some time and been a work in progress for months, but now we want to alert people of its presence for wider testing. It is based on nanobsd, a standardized build methodology for FreeBSD embedded applications.

The changes it brings:

  • Reliable upgrades – Finally, no longer is there a need to re-flash your CF and restore your configuration.
  • Multiple firmware support – there are two partitions, each containing their own separate pfSense install. To test upgrades, you can upgrade the second partition, and roll back to the first if necessary.
  • Package support – packages that are suitable for an embedded platform are supported.
  • Multiple hardware architecture support – with some additional changes that are currently in the works, this will allow us to support non-x86 architectures in the future, where FreeBSD supports those architectures and specific platforms. Expect to see MIPS and ARM first, with others possible. Historically, these platforms had such limited CPU, RAM and flash that we would have been forced to spend an inordinate amount of time trimming things down, removing numerous features only to end up with a much less attractive offering. That development time is better spent elsewhere. With new MIPS and ARM platforms offering considerably more flash and RAM, this is no longer the case. Though these hardware limits are still applicable to your typical consumer grade Linksys and similar routers, they will never be supported. Specific information on supported hardware will come in the future.

There are 512 MB, and 1, 2 and 4 GB images available. The 4 GB images work fine with larger size CF cards. For now there won’t be any images larger than 4 GB, though expect that to change for 2.0.

1.2.3 embedded will be released based on nanobsd, and the old means of doing embedded will be discontinued. This means the minimum CF size for 1.2.3 embedded will be 512 MB. This is necessary because of the dual firmware support, it has to be twice as big, and we want to leave plenty of space for future upgrades.

What about my smaller than 512 MB CF card?
There isn’t an easy way to accommodate CF cards less than 512 MB. A 512 MB card can be found for under $20 USD including shipping, you’ll need to upgrade.

Download
You’ll find images in the nanobsd folders on the snapshot server.

Support
For problem reporting, please use the 1.2.3 board on the forum, or the mailing list.

pfSense at EuroBSDCon 2009

Monday, July 13th, 2009

I will be presenting on pfSense at EuroBSDCon 2009, September 18-20 at University of Cambridge, England. A summary schedule, subject to change, is available and registration is open.

This will be my first EuroBSDCon, though I’m sure it’s as well done, informative, and fun as BSDCan and DCBSDCon, of which I’ve attended 6 combined.

My presentation will be an updated version of the presentation given at BSDCan, covering all the new functionality in 2.0, and our plans for beyond that.

I look forward to meeting some of you there!

small Update:

Holger and Seth will be there too.

BSD Magazine lives on

Wednesday, July 8th, 2009

Karolina, editor of BSD Magazine, has left a comment here on our blog on my previous post that BSD Magazine will continue to be published!  This is great news, but of course it still needs the support of the BSD community.

So if you’re one of those who commented previously that you wished you had heard of it previously, you can still subscribe now.

Cisco killing off IPsec VPN Client, forcing even more licensing fees

Thursday, July 2nd, 2009

Doesn’t come as a surprise to me given that the client is still flaky on Vista and Windows 7 to this day, there is still no version compatible with 64 bit Windows (and never will be), but Cisco has ceased development of their IPsec VPN client. They’re forcing users to their SSL VPN product, which comes along with per-user licensing fees – something that did not apply to the IPsec VPN client. Cisco customers are paying an arm and a leg for the ASA and/or IOS hardware, and ought to have continued to be able to use any VPN without additional licensing fees on top of that.

But thanks Cisco, from a Cisco certified professional now making a good chunk of his living off replacing Cisco hardware with pfSense. I’m sure you’ve just driven a lot of folks to look at lower cost options, especially open source.

Can’t say I really care for the Cisco VPN Client anyway, it has blue screened Windows on me more in the past couple years than everything else combined (though the Mac version has never caused me any trouble).

Shrew Soft IPsec client is a nice, free alternative that’s proven to be more stable in my experience.

Help save BSD Magazine

Wednesday, July 1st, 2009

I have been a subscriber since the inaugural issue, and hope they can still make a go of it. Passing along an email from the editor of BSD Magazine.

I am sure most of you already heard that BSD magazine is going to be closed,
due to much lower benefits than expected and the economy in general…

There is one last chance thought – if I somehow manage to increase the sales
figures in stores the magazine will be published. I was given only one week
(till Monday). Not much, but better than nothing. I think it is worth trying!

I can’t do it alone -so I am asking you for your help and support. I know most
of you are already helping and I am really thankful for that.

If you could help me to promote the magazine on all forums, portals, blogs or
anywhere else I would be really grateful.

I have attached the cover of the most current issue of BSD magazine if you
would like to use it.

Please spread the word about BSD magazine!