How can I limit access to a a port forwarding rule to certain IPs



  • Hello,

    I am running pfsense 1.2.2 embedded and would like to forward port 8888 on the WAN interface to port 22 to an IP address in the LAN in order to get SSH access to a machine in the LAN from remote.

    I have created a Port Forwarding Rule and it works.

    However I don't want the whole world to access my server, so I would like to limit the access from a certain IP or network.

    How can I accomplish this using the webGUI?

    The GUI generates something like

    rdr on ng0 proto tcp from any to x.x.x.x port { 8888 } -> 192.168.3.4 port 22

    and I guess I need to replace the "from any" with the desired IP Address from which I want to allow access.



  • firewall –> rules --> WAN
    Modify the autogenerated firewall rule for your portforward.
    Probably the easiest is, if you create an alias containing all your sources you want to allow, and use this alias as "from".


Log in to reply