[Openswan Users] Certain packets not traversing the VPN
Mike A. Leonetti
mleonetti at evolutionce.com
Sun Apr 11 04:45:33 EDT 2010
Mike A. Leonetti wrote:
> On a Linux<->Linux VPN all machines can talk to each other through ping,
> SSH, RDP, and those protocols work. But port 445 is shown as
> "filtered" by nmap who also complains and says "Note: Host seems down.
> If it is really up, but blocking our ping probes, try -PN". What might
> specifically be blocking this port on machines on either side of the VPN?
>
> On both iptables on the VPN all traffic from the source network is Accepted.
>
> Essentially the SMB shares aren't working.
As a follow up to my own post (lame as it is), the strange thing is the
difference in the nmaps:
*From in the network:*
Starting Nmap 4.76 ( http://nmap.org ) at 2010-04-11 04:42 EDT
mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is
disabled. Try using --system-dns or specify valid servers with --dns-servers
Interesting ports on 10.1.1.123:
Not shown: 997 filtered ports
PORT STATE SERVICE
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3389/tcp open ms-term-serv
MAC Address: 00:0D:56:03:B5:52 (Dell Pcba Test)
Nmap done: 1 IP address (1 host up) scanned in 4.78 seconds
*Over the VPN:*
Starting Nmap 5.00 ( http://nmap.org ) at 2010-04-11 04:41 EDT
Interesting ports on 10.1.1.123:
Not shown: 999 filtered ports
PORT STATE SERVICE
3389/tcp open ms-term-serv
Nmap done: 1 IP address (1 host up) scanned in 4.77 second
When NMAP is run over the network it doesn't even SEE port 139 and 445.
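
Added example (not part of the original post): a short Python script that parses the two scans quoted above and lists the ports that are open from inside the network but fall into nmap's default state for unlisted ports over the VPN. The function names are hypothetical, and the scan text is copied from the post.

```python
import re

# Scan text copied from the post above (banner, MAC and timing lines omitted).
IN_NETWORK = """\
Interesting ports on 10.1.1.123:
Not shown: 997 filtered ports
PORT STATE SERVICE
139/tcp open netbios-ssn
445/tcp open microsoft-ds
3389/tcp open ms-term-serv
"""

OVER_VPN = """\
Interesting ports on 10.1.1.123:
Not shown: 999 filtered ports
PORT STATE SERVICE
3389/tcp open ms-term-serv
"""

PORT_LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)")
NOT_SHOWN = re.compile(r"^Not shown: \d+ (\S+)")


def parse_scan(text):
    """Return ({(port, proto): (state, service)}, default_state) for one scan."""
    ports, default_state = {}, "unknown"
    for line in text.splitlines():
        line = line.strip()
        m = PORT_LINE.match(line)
        if m:
            ports[(int(m.group(1)), m.group(2))] = (m.group(3), m.group(4))
            continue
        m = NOT_SHOWN.match(line)
        if m:
            default_state = m.group(1)  # state nmap assigns to unlisted ports
    return ports, default_state


def lost_ports(near, far):
    """Ports open in the `near` scan that are not open in the `far` scan."""
    near_ports, _ = parse_scan(near)
    far_ports, far_default = parse_scan(far)
    lost = []
    for (port, proto), (state, service) in sorted(near_ports.items()):
        far_state = far_ports.get((port, proto), (far_default, service))[0]
        if state == "open" and far_state != "open":
            lost.append((port, proto, service, far_state))
    return lost


if __name__ == "__main__":
    for port, proto, service, state in lost_ports(IN_NETWORK, OVER_VPN):
        print(f"{port}/{proto} ({service}): open in-network, {state} over the VPN")
```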