Dearest user,This is the EOL announcement for the 16.1 series of OPNsense. As such it will not receive any more updates, but the upgrade to the new 16.7 series is seamless, except for the following points:•The FreeBSD version changes from 10.2 to 10.3, mainly for driver updates and general sanity. Due to kernel interface changes plugins or custom-built kernel modules may stop working. Reinstalling the offending packages from the firmware pages or recompiling custom additions against the stable/16.7 source branch will resolve this problem.•Legacy VPN Servers for L2TP, PPPoE, and PPTP moved to plugins and need to be installed in order to still make use of them. Your configurations will persist, but may have to be adapted to adhere to the requirements of the MPD5 server daemon. The most important change is that your listening address needs to be a known address, preferably using a Virtual IP from the firewall settings.•The PPTP server redirection mode has been removed. It can be emulated by the two following NAT port forward rules: From incoming WAN interface, redirect all traffic to PPTP server IP target for protocol GRE. From incoming WAN interface redirect all traffic to PPTP server IP target for protocol TCP, port 1723. Note that due to the design of GRE, only one server can be reached by incoming clients at any given time.•The Maximum MSS option for VPN Networks moved to Firewall: Settings: Normalization, which can now be specified per interface and network.•The Disable firewall scrub option was removed. All scrubbing (including MSS clamping) can now be disabled using the Disable interface scrub option under Firewall: Settings: Normalization •The NAT+proxy reflection option was removed and will automatically switch to the more flexible firewall-based NAT.•Due to lack of support in FreeBSD itself, the floating rules actions can no longer use match. The custom kernel patch that previously enabled selection of this behaviour has been removed.•The Disable Negate rule on policy routing rules option is no longer available as automatic VPN skip rules for policy-based routing have been removed. If you want to skip your VPN, please add an explicit rule.•The IPv6 over IPv4 tunneling option was removed. You can use a regular NAT rule to achieve the same result.Please heed these points carefully before upgrading. Backup your configs, preview the new version via the live CD or in a virtual machine. Create snapshots. If all else fails, report back in the forums for assistance. You don't have to do this on your own. :)Crafty Coyote, you've served us well.
Same here, please tell which button to press ;-)
eeh, to me that's self-explanatory:"This is the EOL announcement for the 16.1 series of OPNsense."The 16.7 release date is currently 28.07.2016 iirc. So no need to panic :-D
As far as I can remember this is because otherwise you would upgrade to the release candidate version instead of stable.
pkg install -y opnsense-deve
16.7 will be out on the 28th of July. The general notion being set by "16" for 2016 and "7" for July. The release date is also on the roadmap page:https://opnsense.org/about/road-map/The upgrade will be as usual, except for making sure you read the migration points and make a backup of your system and/or configuration just in case.Since we had a release candidate series for the first time and 16.7-RC and 16.1 "merge" into 16.7 meant that once we've released 16.1.20 we had to temporarily disable the repositories so that 16.1.20 would not end up upgrading to 16.7-RC2 until 16.7 was out.We'll do this slightly different for 17.1. We've learned something here. Though all is fine. Just wait till Thursday. We know this is exciting but bear with us. Cheers,Franco
Hey Julien,Any 16.1 can directly update to 16.1.20, which is a "critical section" in programming terms. Once there, people will presented with the EOL message and can choose to proceed to 16.7.This is done solely to avoid 16.1 to upgrade directly into 16.7 without any warning.Cheers,Franco
