Nmap Development mailing list archives

Nmap not play nice w/ Cisco VPN


From: "Wagner, Chris (GEAE, CBTS)" <chris.wagner () ae ge com>
Date: Wed, 27 Sep 2006 22:02:24 -0400

It seems nmap doesn't like Cisco VPN.  The VPN creates a virtual
ethernet interface to take the VPN traffic but trying to nmap something
across the VPN link doesn't work right.
Starting Nmap 4.11 ( http://www.insecure.org/nmap ) at 2006-09-27 21:37 EDT
nexthost: Failed to determine dst MAC address for target x.x.x.x
QUITTING!

It does this even though the target IP is not within the VPN adapter's
subnet.  If my IP was 1.2.3.4/24 and I was scanning 1.2.3.5, then yeah,
it should go local.  But scanning 2.3.4.5 should go to the gateway but
it's not.  If I specify the VPN interface with -e it still doesn't
work.  I have to specify the physical interface to get it to work.  The
host is pingable.

Starting Nmap 4.11 ( http://www.insecure.org/nmap ) at 2006-09-27 21:45 EDT
************************INTERFACES************************
DEV  (SHORT) IP/MASK          TYPE     UP MAC
eth0 (eth0)  x.x.x.x/20       ethernet up 00:05:9A:3C:78:00
eth1 (eth1)  10.252.250.92/23 ethernet up 00:03:47:DD:82:16
lo0  (lo0)   127.0.0.1/8      loopback up

nmap -e eth1 -P0 host   works.
nmap host               "should" work, fails.

Ideas?



-- 
Chris Wagner
CBTS
GE Aircraft Engines
Chris.Wagner () ae ge com

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
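
The on-link versus gateway reasoning in the message above, as an added example that is not part of the original post and is not Nmap's code: a longest-prefix route lookup that returns which IP address a raw-Ethernet sender has to resolve to a MAC. Only eth1's 10.252.250.92/23 comes from the post; the eth0 address, the gateways, the routes and the neighbor table are constructed, and eth0 is assumed to be the VPN adapter.

```python
import ipaddress

# Constructed sample data: only eth1's 10.252.250.92/23 is from the post.
IFACES = {
    "eth0": ipaddress.ip_interface("192.0.2.10/20"),     # assumed VPN adapter, address made up
    "eth1": ipaddress.ip_interface("10.252.250.92/23"),  # physical NIC
}
GATEWAYS = [  # (destination, gateway, device), all made up
    ("198.51.100.0/24", "192.0.0.1", "eth0"),   # network reached through the VPN
    ("0.0.0.0/0", "10.252.250.1", "eth1"),      # default route
]
# Hosts that would answer an ARP request on each segment (made up).
NEIGHBORS = {
    "eth0": {"192.0.0.1": "00:00:5e:00:53:01"},
    "eth1": {"10.252.250.1": "00:00:5e:00:53:02",
             "10.252.250.93": "00:00:5e:00:53:03"},
}

def build_routes():
    """Connected routes (no gateway) plus the configured gateway routes."""
    routes = [(i.network, None, dev) for dev, i in IFACES.items()]
    routes += [(ipaddress.ip_network(d), ipaddress.ip_address(g), dev)
               for d, g, dev in GATEWAYS]
    return routes

def next_hop(target, routes):
    """Longest-prefix match; returns (device, IP whose MAC must be resolved)."""
    dst = ipaddress.ip_address(target)
    matches = [r for r in routes if dst in r[0]]
    if not matches:
        raise LookupError(f"no route to {dst}")
    _, gateway, dev = max(matches, key=lambda r: r[0].prefixlen)
    # On-link target: resolve the target itself. Routed target: resolve the gateway.
    return dev, (gateway if gateway is not None else dst)

def resolve_mac(dev, ip):
    """Simulated ARP: None means nobody on that segment answered."""
    return NEIGHBORS[dev].get(str(ip))

if __name__ == "__main__":
    routes = build_routes()
    for target in ("10.252.250.93", "198.51.100.7", "203.0.113.9"):
        dev, hop = next_hop(target, routes)
        print(f"{target}: dev={dev} resolve={hop} mac={resolve_mac(dev, hop)}")
    # A routed target resolved as though it were on-link gets no ARP reply:
    print(resolve_mac("eth0", ipaddress.ip_address("198.51.100.7")))
```

On a real host, compare the result with the system routing table (`route -n` or `netstat -rn`) to see which device and gateway the operating system itself selects for the target.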

