When connected to VPN (I have used OpenVPN and TunnelBear VPN service) nmap stops working. Ping, nc and other network tools work however nmap doesnt.
When not running vpn, I get:
$ sudo nmap 8.8.8.8
Starting Nmap 5.51 ( http://nmap.org ) at 2011-12-07 15:38 CST
Nmap scan report for google-public-dns-a.google.com (8.8.8.8)
Host is up (0.082s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE
53/tcp open domain
113/tcp closed auth
When running over vpn, I get the following:
$ sudo nmap 8.8.8.8
Starting Nmap 5.51 ( http://nmap.org ) at 2011-12-07 15:08 CST
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.07 seconds
It is like nmap loses the traffic. Doing tcpdump captures shows that the traffic is making it back to the box.
Any mac osx, OpenVPN or nmap experts have an idea?
I am using the latest macports nmap...
Try adding the
nmap -eoption to the command line to specify the interface to use. For example, if tun0 is the VPN interface, then do:-e : Use specified interface
--iflist to list the interfaces as Nmap sees them.
Use other scaning options
The option --packet-trace reveals the first step of the packet, so you can be sure that you are using the interface you chose with -e
With the light from @Tate Hansen try other scan types like -sT -sN -sX, those already elicited some reply from the targets.
The debug output format activated with -d proved useful to activate the debug messages (it can be overwhelming)
The VPN is a security measure that, depending on the implementation, may have some functions set up in the origin (Firewall or VPN gateway) that may block some kind of traffic by default.