On Thursday 21 of April 2016 9:08:09 AM Gordon Messmer wrote:
> On 04/21/2016 03:11 AM, Marcin Trendota wrote:
> > But from host in another location (connected through VPN):
> What host serves the VPN? If it's another host, how is that host
> connected to the router? If it's "chamber," what type of VPN is it?
It's OpenVPN on chamber.
I've just noticed that it's similiar from home to the other location.
To clear things: 10.0.49.0/26 it's my home network
10.0.32.0/22 is one of VLANs in work ("the other location").
>From chamber:
[root@chamber ~]# nmap 10.0.32.7
Starting Nmap 6.40 ( http://nmap.org ) at 2016-04-21 22:12 CEST
Nmap scan report for 10.0.32.7
Host is up (0.053s latency).
Not shown: 988 closed ports
PORT STATE SERVICE
21/tcp open ftp
25/tcp open smtp
80/tcp open http
110/tcp open pop3
111/tcp open rpcbind
143/tcp open imap
389/tcp open ldap
443/tcp open https
993/tcp open imaps
995/tcp open pop3s
2049/tcp open nfs
5666/tcp open nrpe
Nmap done: 1 IP address (1 host up) scanned in 1.97 seconds
>From other host in home network:
[moonwolf@kazad ~]$ nmap 10.0.32.7
Starting Nmap 7.12 ( https://nmap.org ) at 2016-04-21 22:12 CEST
Note: Host seems down. If it is really up, but blocking our ping probes,
try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 0.03 seconds
When i move enp1s0 (external interface) to "home" zone, everything works
fine.
My observations:
* When enp1s0 and tun0 (VPN interface) are both in "external" zone i'm
able to scan ports of work's network from home.
But not the opposite:
[root@palpatine ~]# nmap 10.0.49.16
Starting Nmap 5.51 ( http://nmap.org ) at 2016-04-21 22:26 CEST
Nmap scan report for 10.0.49.16
Host is up (0.039s latency).
All 1000 scanned ports on 10.0.49.16 are filtered
Nmap done: 1 IP address (1 host up) scanned in 9.60 seconds
* When enp1s0 is in "external" zone (as only interface), and tun0 is in
"home" zone i can't scan ports in home nor work.
* When all interfaces are in "home" zone i can scan ports everywhere.
It's a bit chaotic, i know. Sorry about that.
--
Over And Out
MoonWolf
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
Re: FirewallD issue
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: FirewallD issue
- From: Marcin Trendota <moonwolf.rh@xxxxxxxxx>
- Date: Thu, 21 Apr 2016 22:33:15 +0200
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <5718FAE9.7020302@gmail.com>
- Organization: Trollslayers Brotherhood
- User-agent: KMail/4.14.10 (Linux/4.4.7-300.fc23.x86_64; KDE/4.14.18; x86_64; ; )
- Follow-Ups:
- Re: FirewallD issue
- From: Gordon Messmer
- Re: FirewallD issue
- References:
- FirewallD issue
- From: Marcin Trendota
- Re: FirewallD issue
- From: Gordon Messmer
- FirewallD issue
- Prev by Date: Re: Security patches list not showing
- Next by Date: Re: FirewallD issue
- Previous by thread: Re: FirewallD issue
- Next by thread: Re: FirewallD issue
- Index(es):
 |