Re: Not able Work with VPN connection.

["DePriest, Jason R." <jrdepriest () gmail com>]

I have the same problem when trying to use nmap through a Juniper VPN
tunnel.  They are both IPSec and I'm pretty sure they both create a
virtual adapter.

If it matters, my SA ends up with AES/SHA1 for encryption / integrity
in ESP transport mode and LZO is used for compression.  I don't manage
the box, but it probably uses DH key exchange to set up the SAs.  I
never had to enter a pre-shared key.  It does that stuff via an SSL
web page (I think) before handing it off to the VPN client, proper.

It creates a 'Juniper Network Connect Virtual Adapter' that doesn't
show up in ipconfig or the Network Connections Control Panel applet.

I'll try out Brandon's suggestion, too and see what comes out of it.

Tried it.  Didn't work.

A debug shows that an ARP from my system is failing.

ARP who-has {VPN Client IP} tell {VPN Client IP}

which doesn't make sense.  I am trying to get my own MAC via an ARP and failing.

What format do you use to force something through a particular interface?

I tried using
-e "Juniper Network Connect Virtual Adapter"
-e 3 (after using windump -D to find out what order they were in)
-e \Device\NPF_{C44E890A-E2FC-4DE4-A55A-FBB83C45F2C5}
and they all fail.

-Jason


On Wed, May 27, 2009 at 6:25 PM, Arun Adikesavan -X (aadikesa - IBM -
INS at Cisco) <> wrote:
> Hi,
>
> I am using Zenmap 4.62 frequently for resolving port's opened on server
> .  My job is to troubleshoot  with ACL and providing need access for
> user. Using Zenmap is one of my troubleshooting method.
>
> Facing a issue with VPN login. Getting following error message
>
> Using Cisco System VPN client Version 5.0.05 (new version).
>
> Looking forward for a solution or suggestion.
>
> Regards,
>
> ARUN

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org