I tested wget from scanner side to retrieve web page running on the scanned host. The packets on tcp port 80 were seen (and not discarded) by the kernel of the scanned. So it appears the scanned host can receive packets on port 80, and the scanner host can send packets to port 80 over the VPN. Does this indicate the firewalls do not block communications for http server?
TY On Mon, Nov 23, 2015 at 12:26 PM, Eero Volotinen <[email protected]> wrote: > > > 2015-11-23 20:21 GMT+02:00 Tianyi Yang <[email protected]>: > >> The VPN connection seems ok. It's tested to be up after the scan job. And >> when the scan was running, I monitored on the scanned device side and saw >> packet incoming from and outgoing to the scanner. >> >> Could you provide more guidance about how the firewall (iptable) should >> be set up on the scanned host to allow scanning over VPN? It seems to be >> not banning all probes from VPN, e.g. ICMP, TCP 22 and UDP 69 are seen. An >> example kernel log is as follows: >> >> > Well, no. Please contact your network administrator team to help with > firewall settings. > > -- > Eero > > _______________________________________________ > Openvas-discuss mailing list > [email protected] > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
