pfSense, Announcements, Releases

Netgate Releases pfSense CE Software Version 2.7.0 and pfSense Plus Software Version 23.05.1

June 30, 2023 (AUSTIN, TX) Netgate® is happy to announce that pfSense® CE software version 2.7.0 and pfSense® Plus software version 23.05.1 are now available.

"This new release of pfSense CE software reflects Netgate's commitment to the pfSense project and the open source community, as well as our continuing focus on stability, quality, and an excellent user experience," said Jamie Thompson, Netgate CEO.

Some of the key changes in pfSense CE software version 2.7.0 include:

  • Captive portal and limiters moved from ipfw to pf: pf is the default packet filter in pfSense software. These changes leverage L2 features previously added to pf and upstreamed to FreeBSD, and improve performance and stability of the captive portal by eliminating the need for packets to traverse both pf and ipfw.

  • UPnP and multiple game systems: A fix has been added to address an issue with UPnP and multiple game systems. This resolves the problems some game systems experienced connecting to the internet when UPnP was enabled and multiple consoles are in use.

  • New gateway state killing options: These options give the user more flexibility in how the firewall decides to kill states automatically during failover events and also adds several new manual ways to selectively remove states.

  • Improved Firewall/NAT rule usability: The Firewall/NAT rule interface has been improved to make it easier to create and manage rules. This includes new buttons to toggle multiple rules and copy rules to other interfaces.

  • Upgraded OpenVPN: OpenVPN has been upgraded to version 2.6.4. This includes a number of security fixes and performance improvements.

  • Upgraded PHP: PHP has been upgraded to version 8.2.6. This includes a number of security fixes and performance improvements. This change may cause problems in packages that have not yet upgraded their use of PHP libraries.

  • Moved to track the 'main' branch of FreeBSD: pfSense CE has been moved to track the 'main' branch of FreeBSD. This means that pfSense CE will now benefit from security updates and bug fixes more quickly, without incurring additional technical debt to backport to older versions of FreeBSD.

  • Deprecated older IPsec transforms: This means that they will no longer be supported in this or future versions of pfSense software. Please check the release notes to determine if you need to migrate your IPsec infrastructure to a supported transform before updating.

  • Added support for ChaCha20-Poly1305 to IPsec: ChaCha20-Poly1305 is also used in WireGuard and OpenVPN w/DCO, and provides an additional secure AEAD transform for all three VPN systems.

  • Addressed issues with unbound crashes: A number of issues with unbound crashes have been addressed. These include a fix for an issue that could cause unbound to crash when receiving certain DNS queries.

  • Added new packet capture GUI: A new packet capture GUI has been added, enhancing the ability to capture and analyze network traffic.

  • Added UDP broadcast relay package: A new UDP broadcast relay package has been added. This package can be used to relay UDP broadcast packets between networks.

The changes in pfSense Plus software Version 23.05.1 include a number of bug fixes and stability enhancements.

For cloud platforms where pfSense Plus is available (AWS and Azure), pfSense Plus software version 23.05.1-RELEASE will be available as soon as the publishing process for each platform completes.

For more information on these releases see our associated blog, and release notes for pfSense CE software 2.7.0 and pfSense Plus software 23.05.1. To learn more about pfSense Plus and pfSense CE software go to If you have questions or need additional information contact Netgate at +1 (512) 646-4100 or

About Netgate

Netgate is dedicated to developing and providing secure networking solutions to businesses, government and educational institutions around the world. Netgate is the only provider of pfSense products, which include pfSense Plus and pfSense Community Edition (CE) software - the world’s leading open-source firewall, router, and VPN solution. TNSR® extends the company’s open-source leadership and expertise into high-performance secure networking – capable of delivering compelling value at a fraction of the cost of proprietary solutions.

Netgate is a registered trademark of Rubicon Communications, LLC in the United States. pfSense is a registered trademark of Electric Sheep Fencing, LLC in the United States and other countries. All other brands or product names are the property of their respective holders.