I have the following situation. I should have the access to a VM via SSH but trying to connect to this machine I obtain no response. I suspect that some firewall rules are blocking my request (so it should be considered as filtered).
How can I correctly use NMap (or some other tool) to check if the connection to the 22 port is filtered to discover if it is a firewall issue?
Best Answer
Does the VM respond to a ping ?
if not, where does a traceroute stops at ?
Nmap can only tell you if the port is closed(TCP FIN), open (TCP ACK) or filtered(no response), not where it is filtered.
You might want to check the logs / tcpdump on the vm to see if it sees the TCP SYN. Also check the logs on the firewalls between you and the VM.
Edit: nmap -sS -p 22 [VMIP]
-sS : Syn scan
-p 22 : port 22