Sound like wrong routing table or poorly configured firewall. 23.11.2015 9.34 ip. "Tianyi Yang" <[email protected]> kirjoitti:
> I tested wget from scanner side to retrieve web page running on the > scanned host. The packets on tcp port 80 were seen (and not discarded) by > the kernel of the scanned. So it appears the scanned host can receive > packets on port 80, and the scanner host can send packets to port 80 over > the VPN. Does this indicate the firewalls do not block communications for > http server? > > TY > > On Mon, Nov 23, 2015 at 12:26 PM, Eero Volotinen <[email protected]> > wrote: > >> >> >> 2015-11-23 20:21 GMT+02:00 Tianyi Yang <[email protected]>: >> >>> The VPN connection seems ok. It's tested to be up after the scan job. >>> And when the scan was running, I monitored on the scanned device side and >>> saw packet incoming from and outgoing to the scanner. >>> >>> Could you provide more guidance about how the firewall (iptable) should >>> be set up on the scanned host to allow scanning over VPN? It seems to be >>> not banning all probes from VPN, e.g. ICMP, TCP 22 and UDP 69 are seen. An >>> example kernel log is as follows: >>> >>> >> Well, no. Please contact your network administrator team to help with >> firewall settings. >> >> -- >> Eero >> >> _______________________________________________ >> Openvas-discuss mailing list >> [email protected] >> https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >> > >
_______________________________________________ Openvas-discuss mailing list [email protected] https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss
