OpenVPN – Running nmap over VPN on Mac OS X 10.7 Lion fails


When connected to a VPN (I have used OpenVPN and the TunnelBear VPN service), nmap stops working. Ping, nc and other network tools work; however, nmap doesn't.

When not running vpn, I get:

    $ sudo nmap 8.8.8.8

    Starting Nmap 5.51 ( http://nmap.org ) at 2011-12-07 15:38 CST
    Nmap scan report for google-public-dns-a.google.com (8.8.8.8)
    Host is up (0.082s latency).
    Not shown: 998 filtered ports
    PORT    STATE  SERVICE
    53/tcp  open   domain
    113/tcp closed auth

When running over vpn, I get the following:

    $ sudo nmap 8.8.8.8

    Starting Nmap 5.51 ( http://nmap.org ) at 2011-12-07 15:08 CST
    Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
    Nmap done: 1 IP address (0 hosts up) scanned in 3.07 seconds

It is like nmap loses the traffic. Doing tcpdump captures shows that the traffic is making it back to the box.

Any Mac OS X, OpenVPN or nmap experts have an idea?

I am using the latest macports nmap…

Best Answer

Try adding the nmap -e option to the command line to specify the interface to use. For example, if tun0 is the VPN interface, then do:

    % nmap -e tun0  (plus whatever options) target_IPs

  • -e : Use specified interface

  • --iflist to list the interfaces as Nmap sees them.
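
As an added example (not part of the original answer), the shell function below reads `nmap --iflist` output and prints the interfaces that are up and whose name looks like a VPN device, so the value passed to `-e` comes from what Nmap itself reports. The function names, the default name pattern and the sample table are assumptions made for illustration; the sample is constructed, not captured output.

```shell
#!/bin/sh
# Added example: pick candidate VPN interfaces out of `nmap --iflist` output.
# Column positions are read from the header row, so an interface table with
# extra columns (for example MTU) is parsed the same way.

# vpn_ifaces [regex]
#   stdin : text of `nmap --iflist`
#   stdout: "DEV IP/MASK TYPE" for every interface that is up and whose
#           name matches regex (default: tun*, utun*, tap*, ppp*; assumption)
vpn_ifaces() {
    awk -v pat="${1:-^(tun|utun|tap|ppp)[0-9]+\$}" '
        /INTERFACES/ { in_tbl = 1; have_hdr = 0; next }   # banner line
        /ROUTES/     { in_tbl = 0 }                       # route table follows
        !in_tbl || NF == 0 { next }
        !have_hdr {                                       # header: name -> field
            for (i = 1; i <= NF; i++) col[$i] = i
            have_hdr = 1; next
        }
        $col["UP"] == "up" && $col["DEV"] ~ pat {
            print $col["DEV"], $col["IP/MASK"], $col["TYPE"]
        }
    '
}

# Constructed sample in the shape of the --iflist tables (not real output).
sample_iflist() {
    cat <<'EOF'
************************INTERFACES************************
DEV  (SHORT) IP/MASK         TYPE        UP   MAC
lo0  (lo0)   127.0.0.1/8     loopback    up
en1  (en1)   192.168.1.20/24 ethernet    up   00:00:5E:00:53:01
tun0 (tun0)  10.8.0.6/32     point2point up
tun1 (tun1)  10.9.0.6/32     point2point down

**************************ROUTES**************************
DST/MASK     DEV  GATEWAY
0.0.0.0/0    tun0 10.8.0.5
EOF
}

# Demo on the constructed sample; prints: tun0 10.8.0.6/32 point2point
sample_iflist | vpn_ifaces

# Live use (assumes nmap is on PATH):
#   iface=$(nmap --iflist | vpn_ifaces | awk 'NR==1 {print $1}')
#   sudo nmap -e "$iface" target_IPs
```

If the VPN interface does not appear in the `--iflist` table at all, `-e` has nothing to bind to, and that absence is itself the useful diagnostic.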