The TCP connections to your servers are made by the VPS monitor from 87.253.155.96/27 & 2a01:7c8:7ca:ba11::/64. Allow these IP ranges in your firewall if you want to monitor ports that are blacklisted in your firewall.
For the VPS firewall in the control panel, the IP addresses of the TCP monitor are automatically whitelisted (you won't see this in the control panel).
Depending on which firewall you are using, you can use the following commands:
ufw (Ubuntu/Debian):
sudo ufw allow from 87.253.155.96/27
sudo ufw allow from 2a01:7c8:7ca:ba11::/64
firewalld (CentOS Stream, AlmaLinux, Rocky Linux):
sudo firewall-cmd --permanent --zone=public --add-source=87.253.155.96/27
sudo firewall-cmd --permanent --zone=public --add-source=2a01:7c8:7ca:ba11::/64