We have refreshed all IPFire images across our supported cloud providers — AWS, Hetzner, and Exoscale — and we are introducing support for Hetzner’s ARM instances for the first time. This update gives cloud architects and system administrators more options to deploy IPFire as a full-featured firewall and security gateway in environments where the native networking features are limited or inflexible.
Why Run IPFire in the Cloud?
Most cloud providers offer basic firewalling and routing functionality, but these services can be inconsistent across platforms and often require complex, provider-specific configuration. With IPFire, you deploy a familiar, self-contained platform that provides:
- Comprehensive VPN support Native IPsec, OpenVPN, and WireGuard allow you to build site-to-site tunnels or remote-access VPNs using open standards.
- Stateful firewalling & advanced routing Fine-grained packet filtering, NAT, VLANs, and policy-based routing — independent of provider limitations.
- Intrusion Prevention System (IPS) A full Suricata-based IPS with signature updates to detect and block threats in real time.
- Consistent administration A single web-based management interface across all environments, avoiding provider-specific tooling.
This approach makes it easy to create secure hybrid networks, linking cloud workloads to on-premise infrastructure without relying on proprietary VPN services or third-party appliances.
Hetzner ARM Support
The highlight of the IPFire 2.29 - Core Update 197 release cycle is full compatibility with Hetzner’s ARM-based cloud instances. These instances are cost-effective and energy-efficient, making them ideal for lightweight deployments, edge workloads, or high-density environments. And, they are fast! IPFire now runs seamlessly on these systems, giving you a consistent security stack across x86 and ARM.
Updated Images Everywhere
All images on AWS (ARM64 & x86, Documenation), Hetzner (Documentation), and Exoscale (x86, Documenation) have been rebuilt with the latest IPFire release. This includes updated kernels, packages, and security fixes to ensure that new deployments start from a secure, fully patched baseline.
If you need IPFire on a different platform, we want to hear from you. Community feedback helps us prioritise future cloud integrations.
Deploying IPFire in the cloud provides a portable, open-source security layer that behaves the same way everywhere, regardless of the underlying infrastructure. With the latest updates and new Hetzner ARM support, it has never been easier to build secure, provider-agnostic networks.