Yes. The modem/edge router will need a static route pointing the VPN client subnet back to pfSense
When there is only one interface it is WAN
That's a bit vague, but in general you'll still need a few things. pfSense will have to use the modem for its default gateway, you'll need firewall rules on pfSense to pass the VPN traffic in WAN and OpenVPN tab rules to pass VPN traffic in there.
If that domain firewall.connecta gets forwarded to some other dns, then yes its a rebind when it returns rfc1918. If you do not want the rebind protection then you need to tell what your using unbound or dnsmasq that is doing the forwarding of this domain that this domain is private and is ok to return rfc1918 space.
https://www.netgate.com/docs/pfsense/dns/dns-rebinding-protections.html
I take it your doing a domain override on this domain? If this domain is the domain pfsense is in, then it shouldn't be giving rebind if it returns the IP for it.
Buen Día, tengo un cliente que quiere acceder a una pagina de otro país, la cuestión es que el proxy no esta permitiendo esta conexión, se creo la excepción en el navegador y funciono pero son mas de 200 usuarios que intenta acceder a esta pagina, que otra forma existe para que desde el Pfsense esta pagina se salte el proxy y puedan Navegar.
Agradezco su ayuda, Muchas Gracias.
Because my SG-3100 is out in the open the flashing blue LED is distracting, so I simply entered a cron entry to turn the LED off after 20 minutes post-startup.
*/20 * * * * root /usr/sbin/gpioctl 2 duty 0
Adding the WAN rule will not add a port forward.
You add a port forward in Firewall > NAT, Port Forward. There you can optionally (recommended) have the port forward automatically maintain the firewall rule on WAN for you.
Yes, you need both ports forwarded.
In your case you can do a range from 5198 to 5199 and do it in one rule.
