miclog last edited by
I discovered that a remote consultant who helped setup our PFsense router installed a VPN link to himself. I can understand why he needs a login to router to help configure but why would he need access to our network? I have worked with him before but this seems a bit strange. Should I be concerned? Is there a way to see what he is accessing?
Why don't you just ask him? It is not unreasonable in my opinion as scope tends to creep to LAN-side things eventually.
Regarding logging you could turn on logging on the VPN rules. That will log every connection over the VPN. It might be pretty voluminous.
Make him call to get access and enable/disable the account accordingly if that helps you feel better.
With just HTTPS access he can make a VPN/ssh tunnel, etc any time he feels like it anyway. If you don't trust him you're probably using the wrong guy in the first place.