4. SSH port forward NAT rules

SSH port forward NAT rules

  • F

    Do I have to create a port forward NAT rule for every server that I want to access via SSH from behind pfSense - including those I indirectly access?

    What I mean is - I prefer to ssh to one server that's NAT'd to the puplic IP address and then ssh to the others from that.

    Because I'm a noob I have a NAT port forward rule for ssh for each server I access, which is probably 'wrong' and insecure.

    Is this unnecessary? Can I just port forward ssh on the first server then ssh to the others without forwarding their ports too?

    0
  • D

    Not only can you, the extra forwards are useless.  If you are ssh'ing to server X, and then once you get to X you say 'ssh Y', that second ssh is invisible to pfsense, since the traffic is inside the first ssh tunnel.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy