Re: host discovery fails - Nmap, tap interface and OpenVPN

[David Fifield <david () bamsoftware com>]

On Fri, Mar 30, 2012 at 04:32:36PM +0200, Agapito Malteni wrote:
> Hi,
>
>
> I'm using nmap (version 5.51) on Windows 7 64bit. I'm connected to a vpn
> (OpenVPN in tap ethernet bridging mode)
> A virtual device (tap) is used by Nmap and I'm scanning targets belonging
> to a vpn.
>
>
> Here is my network configuration (only meaningful)
>
> Tap device
>
>    Address IPv4. . . . . . . . . . . . . : 192.168.5.1
>    Subnet mask . . . . . . . . . . . . . : 255.255.255.0
>    Default gateway . . . . . . . . . . . :
>
>
> route print
> Network address             Mask          Gateway             Interface
>     Metrics
>        192.168.6.0    255.255.255.0       192.168.5.99      192.168.5.1
> 31
>        192.168.7.0    255.255.255.0       192.168.5.99      192.168.5.1
> 31
>
>
> The preceding routes are injected by the OpenVPN server. My IP is on
> network 192.168.5.0 and can reach networks 192.168.6.0,192.168.7.0
> via gateway 192.168.5.99.

Can you show us "ipconfig", "route print", and "nmap --iflist" both
before and after doing the OS ping? You can cut out any parts that you
don't think are unnecessary.

Somehow Nmap seems to think that the target is on a routed network in
the first case, and correctly determines that it is on the same subnet
in the second case. This usually has to do with interfaces, not routes.
But seeing the --iflist output will help us find out what's happening.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/