Pritunl Zero -

vinzBravo · November 5, 2025, 4:32pm

Hello Support

Can the bastion’s listening port be different from the port used in the ProxyJump option in the ~/.ssh/config file?

I just found a unique configuration for this on the Authorities :
Bastion Hostname and Port

For context : i want to start the listening ssh on my bastion host on port 9801 but when client renew key the pritunl will send in ~/.ssh/config

ProxyJump bastion@bastion-pritunl.pritunl.net:9800

The goal is to use a tcp lb directly on the host and we cant because of the already used port from pritunl

zach · November 6, 2025, 2:24am

It will only configure one port which is set in the authority settings.

vinzBravo · November 6, 2025, 7:58am

You mean its mandatory to use external tcp load balancer for HA bastion host ?

zach · November 7, 2025, 3:02am

Yes it would need to be a load balancer that does not change the port.