Version 4.11.0 Scheduled Release is out for pfSense® and ASUS® and VyOS® as of 25 January 2024.
It includes a few improvements and fixes as outlined in previous 4.10 rapid releases. The most significant improvements are:
- TCP 443 reject rule to “This firewall” no longer a required rule as the muscle will issue
RSETpacket to endpoints attempting to reach outgoing TCP443 connections at “stranger” destinations
- When dashboard DTTS feature is turned on or off, firewall rule changes are no longer required, provided the default tag of
adamone_passrule remains in place as the second last rule
- Improved dual-stack IPv4/IPv6 functionality including retries for failed hole creations
- Improved Reflex connections and monitoring
- Optimized ACME renewals
router.asus.comto always resolve to ASUS LAN interface
- Added a config switch of
packet-monitor-excluded-discovery-subnetswhich allows devices to be added to the dashboard that are IP-locked
locked-hw-ipfeature added to allow devices to be specified to ignore source MAC address
- traffic reporting now supports IPSec and OpenVPN tunnels via per-interface config switch specifications
Special thanks to all the testers that made this possible.
For installation of adam:ONE® see:
adamone-setup configure installation wizard, we recommend the default to automatically upgrade adam:ONE® software. When that default is selected, the attempt will be made based on contents in
/etc/crontab (pfSense®) or
cru l (on ASUS®).
However, in some circumstances, the internet will fail after automatic upgrade, specifically if these conditions are all met:
- your pfSense is older than what is listed at adamnet.io/pfsense
Disable the Dashboard auto-update checkis checked (System → Update → Update Settings)
- the cronjob has executed and upgraded to
The solution is to:
- upgrade pfSense®
- re-install adam:ONE®
Automatic upgrades have been completely disabled for any pfSense® versions prior to 23.01.
– Adam Networks team