Greetings,

I've setup a PF OBSD bridge for my DMZ, with public servers in the DMZ
then a PF firewall protecting my LAN.

I log into my LAN via VPN remotely, & do RDP to my workstation from there.
Then I use my workstation @ work to establish a SSH connecting to my DMZ
servers

One really weird thing is I can't log into one of my OBSD servers in the
DMZ when I have the rules activated on the front end PF bridge? Trying
to connect via SSH. The target SSH server uses DNS resolution from
upstream ISP. It can do dns resolution fine. I've allowed all ICMP thru
PF bridge.

Not sure why the upstream PF bridge would obstruct my SSH connection
between LAN & DMZ when its not in the connection path.

ie. LAN <-> ROUTING FIREWALL <-> DMZ <-> PFBRIDGE <-> INET