Monday, September 21, 2009

Using NMAP via VPN

This morning, tried running nmap for the first time via VPN which means dual interfaces meaning dual routes to target etc. etc. and since this is a windows box the nmap -e wasn't working for me.

I received the "failed to determine dst mac address  for target" error.

Anyway, the solution I found worked and it was simple.

Find your mac address, ipconfig /all or arp -a and tie it to the current VPN IP.

From windows command line just enter

arp -s "vpn ip" "mac address"

When you run nmap it should work.



Brandon Perry said...

Just to be clear on what is happening, you are adding a static (-s) entry into your ARP table. This may not be the best solution and can lead to confusion down the road. Another option is to use Winpcap to route the raw packets.

cktricky said...

Your probably right and thank you for the information, good to know. Do you mind posting a link to a blog post of yours regarding this? I can edit this article (later in the week or weekend) to include more info with the link you give me.