<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Mike A. Leonetti wrote:
<blockquote cite="mid:4BC019B5.8010400@evolutionce.com" type="cite">
<pre wrap="">On a Linux<->Linux VPN all machines can talk to each other through ping,
SSH, RDP, and those protocols work. But port 445 is showed as
"filtered" by nmap who also complains and says "Note: Host seems down.
If it is really up, but blocking our ping probes, try -PN". What might
specifically be blocking this port on machines on either side of the VPN?
On both iptables on the VPN all traffic from the source network is Accepted.
Essentially the SMB shares aren't working.
_______________________________________________
<a class="moz-txt-link-abbreviated" href="mailto:Users@openswan.org">Users@openswan.org</a>
<a class="moz-txt-link-freetext" href="http://lists.openswan.org/mailman/listinfo/users">http://lists.openswan.org/mailman/listinfo/users</a>
Building and Integrating Virtual Private Networks with Openswan:
<a class="moz-txt-link-freetext" href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a>
</pre>
</blockquote>
As a follow up to my own post (lame as it is), the strange thing is the
difference in the nmaps:<br>
<br>
<b>From in the network:</b><br>
Starting Nmap 4.76 ( <a class="moz-txt-link-freetext" href="http://nmap.org">http://nmap.org</a> ) at 2010-04-11 04:42 EDT<br>
Interesting ports on 10.1.1.123:<br>
Not shown: 997 filtered ports<br>
PORT STATE SERVICE<br>
139/tcp open netbios-ssn<br>
445/tcp open microsoft-ds<br>
3389/tcp open ms-term-serv<br>
MAC Address: 00:0D:56:03:B5:52 (Dell Pcba Test)<br>
<br>
Nmap done: 1 IP address (1 host up) scanned in 4.78 seconds<br>
<br>
Starting Nmap 4.76 ( <a class="moz-txt-link-freetext" href="http://nmap.org">http://nmap.org</a> ) at 2010-04-11 04:42 EDT<br>
mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is
disabled. Try using --system-dns or specify valid servers with
--dns-servers<br>
Interesting ports on 10.1.1.123:<br>
Not shown: 997 filtered ports<br>
PORT STATE SERVICE<br>
139/tcp open netbios-ssn<br>
445/tcp open microsoft-ds<br>
3389/tcp open ms-term-serv<br>
MAC Address: 00:0D:56:03:B5:52 (Dell Pcba Test)<br>
<br>
Nmap done: 1 IP address (1 host up) scanned in 4.78 seconds<br>
<br>
<b>Over the VPN:<br>
<br>
</b>Starting Nmap 5.00 ( <a class="moz-txt-link-freetext" href="http://nmap.org">http://nmap.org</a> ) at 2010-04-11 04:41 EDT<br>
Interesting ports on 10.1.1.123:<br>
Not shown: 999 filtered ports<br>
PORT STATE SERVICE<br>
3389/tcp open ms-term-serv<br>
<br>
Nmap done: 1 IP address (1 host up) scanned in 4.77 second<br>
<br>
When NMAP is run over the network it doesn't even SEE port 139 and 445.<br>
</body>
</html>