No, ssh server is not on the VPN network. My laptop is at work WiFi, openvpn client running on laptop connects to my VPN subscription (Private Internet Access), ssh server is a machine at home connected to internet via ISP.
Interestingly, even though the
route command in my previous post
works, if I try that same approach (based on destination ip) with pf, like this...
Code:
pass out to $remote_ip route-to athn0
or
Code:
pass out to $remote_ip route-to $athn0_gateway
...again ssh authentication hangs then times out. The only conclusion I can draw is that pf's
route-to does not work as intuitively as route(8).