• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

SSH port forward NAT rules

Scheduled Pinned Locked Moved NAT
2 Posts 2 Posters 3.7k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • F
    frwlnb
    last edited by Sep 6, 2010, 9:45 AM

    Do I have to create a port forward NAT rule for every server that I want to access via SSH from behind pfSense - including those I indirectly access?

    What I mean is - I prefer to ssh to one server that's NAT'd to the puplic IP address and then ssh to the others from that.

    Because I'm a noob I have a NAT port forward rule for ssh for each server I access, which is probably 'wrong' and insecure.

    Is this unnecessary? Can I just port forward ssh on the first server then ssh to the others without forwarding their ports too?

    1 Reply Last reply Reply Quote 0
    • D
      danswartz
      last edited by Sep 6, 2010, 2:20 PM

      Not only can you, the extra forwards are useless.  If you are ssh'ing to server X, and then once you get to X you say 'ssh Y', that second ssh is invisible to pfsense, since the traffic is inside the first ssh tunnel.

      1 Reply Last reply Reply Quote 0
      2 out of 2
      • First post
        2/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received