We introduced a kernel-mode version of WireGuard to our most recent pfSense® software releases - pfSense® Plus Version 21.02 (which has since been superseded by Version 21.02-p1), and pfSense Community Edition (CE) software version 2.5.0. As noted in a follow-on blog, questions and concerns with the implementation have surfaced that require attention.
Given that kernel-mode WireGuard has been removed from FreeBSD, and out of an abundance of caution, we are removing WireGuard from pfSense software pending a thorough review and audit.
We will follow the FreeBSD developments on kernel-mode WireGuard. Should WireGuard again be accepted into FreeBSD, we will re-evaluate it for inclusion in a future version of pfSense software.