Recent news from Netgate blog…
Tom, regarding the block rule on the IOT interface. You used port 443…you must also be using/assuming HTTPS to access PfSense. However, for users that are using the default PfSense setting of HTTP, shouldn’t your block rule be on port 80 instead??
pfsense defaults to 443, but as I said in the video, block whatever port you have it on.
You said in the video you shouldn’t have the pfsense interface public facing but I presume it’s ok to use a VPN to access pfsense remotely.
Yes, you could access it via OpenVPN or SSH tunneling.