@ibbetsion said in sshguard complaining about an attack from the pfSense system itself?: 192.168.1.2 is assigned IP of the pfSense firewall from my ISP router. It is the only device connected to the ISP router This is a WAN interface ... 192.168.7.1 is the IP of the pfSense firewall itself (WAN1) Another WAN interface ... 192.168.5.2 is the assigned IP of the second WAN port on the pfSense firewall (WAN2) And another WAN interface ... No LAN(s) ? Remove all rules on all WAN interfaces. The default action will be block all (DROP) - so sshguard won't be bothered again.

@kom The first link I glanced over before but I can now access the web server both on the WAN and LAN. I'm even able to ssh to it from LAN to OPT1. I don't remember if it was one of the videos you linked or some random third video but I didn't understand that request get sent out on a random port. So those source ports would have never worked. Sorry for not understanding that sooner. Thank you for the references and your time.

@jimp Thank you! It worked.