Outbound SSH rule

  • Hey guys,

    Quick rundown of what I have. Latest version of PFsense running as a virtual on VMware; it's also running squid and being used as main proxy. It has a LAN interface of, and respective WAN interface. Have multiple clients on different internal VLANs; their DG is the VLAN interface, and they're using the PFSense as proxy fine. I have some devs that need to get to external servers using SSH.

    I can SSH to the PFsense box, and anywhere internally. But for the life of me, I cannot establish an SSH connection from LAN, through PFSense, to external server.

    Before you say it, yes, I am a n00b. Any help would be awesome.


  • Also, if I SSH to the PFsense box, then SSH from there back out to external servers, it works fine.

  • Is it only SSH that does not work, or all traffic from LAN to WAN?

    Generally speaking, outbound rules are not required for any LAN to WAN traffic, as there should be a default rule LAN -> Any in place. Is that rule there?

  • LAYER 8 Global Moderator

    I would check to see if you have something else blocking; unless you have changed the rules, the default LAN rule is to allow any OUTBOUND port. So you should be able to go anywhere you want. Now if you're doing something with squid and only allow squid to go outbound, that could be your problem? I have not played with squid on pfsense in quite some time.

    Are you using squid as transparent or explicit proxy? I would look to your rules to make sure you didn't limit only squid to be able to go outbound on say 80 and 443?
