Allow incoming ports with VPN

  • Quick question…  I have a cable modem that goes into the pfsense router and multiple internal subnets.  I have one subnet for machines that I want to use an openvpn client (PIA).

    If I wanted to allow incoming SSH on the cable modem IP (not going through the VPN), do I just create the rules like I normally would and it all works?  I hope that kind of makes sense....  I thought I tried it before and it seemed like it opened ssh on the VPN side but not the cable modem side.


  • Rebel Alliance Developer Netgate

    If you allow it inbound on the WAN to the firewall itself (or a port forward) it will work independently from the VPN.

    That said, unless you have SSH access restricted to key-based authentication only, you should not expose SSH to the Internet from any type of connection.

Log in to reply