Navigating to Buy pfSense +
-
OK, so now I can buy two years of TAC Lite for $200 after discount. That's a bit expensive but bordering on reasonable.
However, I run pfSense under Proxmox and my NDI has changed after certain Proxmox updates in the past. Is this license transferable between NDIs? Is there a web portal to deactivate NDIs and free up the license? Would I have to fight with Netgate support to transfer it?
-
Thanks for the link to the 2-year support option which I used in conjunction with the discount code. Through the normal store link, I couldn't see a two-year option available so this saved me some money.
-
Posted over on the other thread, but I think it bears saying again here...
Why do we need to saddle the homelab community with yet another tax on our hobbies? I'd be fine with a one-time cost. Hell, I'd even buy one of the foolish devices and keep it in the box if it meant I could enjoy the "one time" cost for continued access.
In my homelab setup, which I've been running for well over 15 years, I've never once contacted TAC support, save for the exception of when their new "licensing" model messed up my Plus upgrade and another when swapping NICs due to a failed one caused my Netgate ID to regenerate.
Why can't this just be a one-time fee?
-
@joedan said in Navigating to Buy pfSense +:
Thanks for the link to the 2-year support option which I used in conjunction with the discount code. Through the normal store link, I couldn't see a two-year option available so this saved me some money.
I went ahead and did the same thing too as wanted to support the project. I've been using pfsense far as back to early pfdns days which is 15+ years of continuous use for my home and home lab. Long as I can continue to use my own hardware with the plus version without limits I'm ok paying for Tac Lite.
-
@Darkk said in Navigating to Buy pfSense +:
@joedan said in Navigating to Buy pfSense +:
@Darkk
I went ahead and did the same thing too as wanted to support the project. I've been using pfsense far as back to early pfdns days which is 15+ years of continuous use for my home and home lab. Long as I can continue to use my own hardware with the plus version without limits I'm ok paying for Tac Lite.Were you able to update with the new key?
-
I didn't need a key (I was already running PFSense+ on my own hardware). After ordering with my Device ID, my Netgate Services and Support widget displayed I was under a TAC Lite contract after about 20-30 mins.
-
@chudak said in Navigating to Buy pfSense +:
@Darkk said in Navigating to Buy pfSense +:
@joedan said in Navigating to Buy pfSense +:
@Darkk
I went ahead and did the same thing too as wanted to support the project. I've been using pfsense far as back to early pfdns days which is 15+ years of continuous use for my home and home lab. Long as I can continue to use my own hardware with the plus version without limits I'm ok paying for Tac Lite.Were you able to update with the new key?
I haven't received the new token yet. I am assuming it's a two part process of the order so hopefully I will receive an e-mail soon.
-
I haven't received the new token yet. I am assuming it's a two part process of the order so hopefully I will receive an e-mail soon.
That’s my case as well, thx
-
@chudak said in Navigating to Buy pfSense +:
I haven't received the new token yet. I am assuming it's a two part process of the order so hopefully I will receive an e-mail soon.
That’s my case as well, thx
Actually it looks like my instance just got updated showing the new effective start and end dates. If you add the Netgate Service and Support widget on your dashboard it will show you the current support info.
It would make sense that I never received the new token as my instance is already registered with Netgate.
-
@Darkk said in Navigating to Buy pfSense +:
@chudak said in Navigating to Buy pfSense +:
@Darkk said in Navigating to Buy pfSense +:
@joedan said in Navigating to Buy pfSense +:
@Darkk
I went ahead and did the same thing too as wanted to support the project. I've been using pfsense far as back to early pfdns days which is 15+ years of continuous use for my home and home lab. Long as I can continue to use my own hardware with the plus version without limits I'm ok paying for Tac Lite.Were you able to update with the new key?
I haven't received the new token yet. I am assuming it's a two part process of the order so hopefully I will receive an e-mail soon.
Are you sure this process involves a new token ?
I just did a bunch of TAC lite checkouts and I had to provide the NDI of the already running system there. I got an email receipt but no tokens. The new compliance status then showed in the support widget on the dashboard moments later.
These were commercial use systems I'd been waiting for TAC lite to be launched for.
Still on the fence for actual home and lab. My home and lab is legit home and lab, not commercial use and the very nature of lab, as 50+ people already pointed out above, means tbe NDI will surely not live as long as the TAC lite. And 129 a year is too much for lab
Legit lab use = helps me evangelize pfSense.
Legit lab use = helps me be useful in Redmine - no way I can reboot a production system or hack around try to break stuff in prod.Paying 129 a year for either of these things makes no sense. Paying 129 per release makes no sense. Paying x dollars lifetime with no way to reassign an NDI makes no sense. Some of my test NDI live a few days then are never seen again.
Maybe I overestimate how many of us are making good bug reports but I'm sure it's not zero.
You can't reproduce a pfsense plus bug seen in the wild on CE because they are divergent code bases.
TL;DR: I'm happy TAC lite was finally launched for commercial use white boxes but H&L use still needs to be addressed seeing as CE is different.
To weed out nonsense like an OEM cloning one license to 200000 NDI, they need to work on their licensing backend. Kicking us all out seems counter productive -
@mfld Well said. We need a proper home/lab license path.
-
@mfld said in Navigating to Buy pfSense +:
@Darkk said in Navigating to Buy pfSense +:
@chudak said in Navigating to Buy pfSense +:
@Darkk said in Navigating to Buy pfSense +:
@joedan said in Navigating to Buy pfSense +:
@Darkk
I went ahead and did the same thing too as wanted to support the project. I've been using pfsense far as back to early pfdns days which is 15+ years of continuous use for my home and home lab. Long as I can continue to use my own hardware with the plus version without limits I'm ok paying for Tac Lite.Were you able to update with the new key?
I haven't received the new token yet. I am assuming it's a two part process of the order so hopefully I will receive an e-mail soon.
Are you sure this process involves a new token ?
I had to add the Support widget on my dashboard to see the new support dates so it's all good for me now.
-
As others have said, it would be great to implement a license for beta testers. I think the minimum number of licenses for testing should be 4, for correct testing on both real and virtual hardware. I think there are few people willing to pay for 4 annual licenses at once for the price over 100 or... you can forget about the effectiveness of the beta program for plus version.
-
I wonder how long the 23% discount is going be? Before throwing in all that money, I would like to see how this all resolves and if this will be their final solution...
-
@AMG-A35 said in Navigating to Buy pfSense +:
I guess I'm going opnsense, its only replacing pfBlockeNG which is holding me back.
They have a community repo with AdGuard Home that can probably replace a chunk of that functionality for you.
-
@w0w said in Navigating to Buy pfSense +:
As others have said, it would be great to implement a license for beta testers. I think the minimum number of licenses for testing should be 4, for correct testing on both real and virtual hardware. I think there are few people willing to pay for 4 annual licenses at once for the price over 100 or... you can forget about the effectiveness of the beta program for plus version.
I think the issue right now is that they don't have a way to distinguish a new NDI from an old one. Otherwise how can it be that some OEM can use one activation to activate one Home and Lab license, then image the entire disk to hundreds of devices and all these devices get to obtain a client certificate to access the update repo.
We have no portal for customers to see licences / NDI, expiry dates and revoke stuff.
The crux of the issue seems to be that at the back-end it isn't ready to handle this sort of stuff. Once they fix that they should be able to let us transfer a license to a new NDI and manage licenses.
-
@Darkk said in Navigating to Buy pfSense +:
Actually it looks like my instance just got updated showing the new effective start and end dates. If you add the Netgate Service and Support widget on your dashboard it will show you the current support info.
It would make sense that I never received the new token as my instance is already registered with Netgate.
Mine only shows me this (pfSense+ installed on bare metal earlier this month):
It looks correct on the Netgate webpage:
It shows as registered too:
At this point I am not sure what any of it will mean over the coming days or weeks. Nothing actually shows an expiry date either.
️
-
@w0w said in Navigating to Buy pfSense +:
or... you can forget about the effectiveness of the beta program for plus version.
I have been active testing pfSense + on white box and NetGate devices from alpha through beta then RC to release over the last few years. I am hard pressed to rationalize paying for the ability to continue this testing activity. As it now stands, I will place the 4100 MAX in production service and move the white box devices into deep storage and if things don't change, they will be sent off to be recycled. I will not run anything other than release on the 4100 MAX.
Sometimes things just suck!
Ted Quade
-
@mfld said in Navigating to Buy pfSense +:
Otherwise how can it be that some OEM can use one activation to activate one Home and Lab license, then image the entire disk to hundreds of devices and all these devices get to obtain a client certificate to access the update repo.
As far as I can tell the NDI is generated from the NIC MAC addresses. It's certainly possible that some shady vendor changed the NDI generation code to reuse the exact same NDI on different boxes with different MAC addresses, but this is only speculation. Ideally the firewall instance should use an authenticated token with Netgate online ID instead of the two step registration token / NDI, but getting crypto/license management right when the code is readily available for inspection is not as simple as it may first seen.
-
@RobbieTT Double check your Netgate hardware ID against the order. If it matches and still showing community support then I would put in a support ticket so they can look into it. Also on the widget there is a refresh button so give that a try.