Skip to main content

Published: in Videos

pfSense Plus 25.11 Release Notes – Changes and What to Check Before Upgrading

By Sam Sheridan - 12th December, 2025

Netgate has released pfSense Plus 25.11, bringing a set of updates and changes that administrators should review carefully before upgrading. While this release is not a major feature overhaul, it does include important security-related changes, particularly around OpenVPN, as well as general improvements and clean-ups.

Video walkthrough:

OpenVPN Changes (Important)

One of the most notable changes in pfSense Plus 25.11 relates to OpenVPN configuration defaults and validation.

Deprecated Diffie-Hellman Parameters

OpenVPN configurations using Diffie-Hellman parameters smaller than 2048 bits are now deprecated. This aligns with modern cryptographic best practices and helps ensure stronger security by default.

What this means for you:

  • Older OpenVPN configurations may trigger warnings

  • Some legacy setups may require regeneration of certificates or parameters

  • It’s a good idea to review existing OpenVPN server and client configs before upgrading

If you’re running long-standing VPN setups that haven’t been touched in years, this is an area you should check carefully.

General Improvements and Maintenance

As with most pfSense Plus releases, 25.11 includes:

  • General system improvements

  • Bug fixes and stability enhancements

  • Code clean-ups and maintenance updates

While these changes may not be immediately visible in day-to-day use, they contribute to overall reliability and long-term maintainability of the platform.

Upgrade Considerations

Before upgrading to pfSense Plus 25.11, consider the following:

  • Back up your configuration (always)

  • Review OpenVPN settings, especially cryptographic parameters

  • Check Netgate’s official documentation for appliance-specific notes

  • Avoid upgrading production systems without testing if possible

For home lab users, the upgrade should be straightforward, but it’s still worth taking a few minutes to review the release notes in full.

Final Thoughts

pfSense Plus 25.11 is a solid maintenance release with a particular emphasis on keeping cryptographic standards up to date. While it may not introduce headline-grabbing features, the OpenVPN changes alone make it a release that administrators should be aware of.

If you’re interested in a full walkthrough of the release notes and a discussion of what these changes mean in practice, check out the embedded video above.

Tags:

pfsense firewalls networking

Got Questions?

Find quick answers to common IT support questions

How quickly can you respond to IT issues?

While many companies claim a 15-minute response, we guarantee a one-hour response time for urgent issues. This realistic timeframe allows our expert team to mobilise properly and arrive fully prepared to diagnose and resolve the problem efficiently - ensuring quality support rather than a rushed service.

How long has Sheridan Computers been established?

We've proudly been established for over 15 years. Our enduring presence in the IT industry is a testament to our commitment to quality, innovation, and reliable service. We’re here for the long haul, continuously evolving to meet the needs of our customers today - and in the future.

IT Emergency?

24/7 emergency IT support available for existing clients

Call Emergency Support
Help & Support
Standard Support Hours

Monday - Friday 8:00 - 17:00
Saturday Closed
Sunday Closed
Client Access
Remote Support Tool Client Portal Login
Other Ways to Reach Us
Email Support
24/7 Emergency Support

Critical issues? Our emergency team is available 24/7 for existing clients.

Emergency Support Line