Zonos
1
Hi!
I’ve set up my own OpenVPN server on AWS using an EC2 instance, and I have a GL-AR150 router with OpenWrt configured to connect to the VPN server.
Now, I want to have an EC2 instance running network scans such as Nmap on my VPN network and all the devices that are latched onto it. The only problem is that whenever I run any scanning tools, the only thing that shows up is the router.
Is there a way to view all the devices connected through a VPN router from the VPN server (or from a device connected to the same VPN server)? Or is the idea I’m looking for far-fetched and impossible?
Sorry if I’ve worded anything wrong or confusing!
Thanks!
jeffsf
2
Let’s say that your VPN end points are 198.51.100.150 (on your AR150) and 192.0.2.102 (in the cloud). Further, your internal net is 10.0.0.0/24. To scan the 10.0.0.0 net from the cloud instance, it needs a route to the internal net, and that internal net needs a route back to the instance itself. I’d bet that one or both of those routes are missing. (Running your pen-test tooling on the network itself is also an option.)
Zonos
3
Thanks for the reply! I think you’re probably right; I’m pretty sure I have not routed the instance to the internal net and vice versa. Would something like this have to exist in both the server and client config files? I.e., I am slightly unsure where to add/implement these.
jeffsf
4
I’m not certain about the config files vs. static routes, but, yes, the cloud instance needs an interface and a route to the 10.0.0.0 net and the AR150 end point needs a route back to that interface on the cloud instance.
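One concrete way to supply both routes jeffsf describes, as an added example that is not from this thread: on the OpenVPN server, `route` gives the cloud instance a kernel route for 10.0.0.0/24 over the tunnel and `iroute` in the client's ccd file tells OpenVPN that the AR150 owns that net; on the AR150, a firewall forwarding from the VPN zone to lan lets the scan traffic reach the LAN, whose devices reply via the router as their default gateway. The client certificate CN `ar150`, the ccd directory and the config file paths are assumptions.

```shell
#!/bin/sh
# Added example: OpenVPN site-to-site routing so the cloud instance can reach
# the LAN behind the AR150. Placeholders: CLIENT_CN, ccd path, server.conf path.
LAN_NET="10.0.0.0"
LAN_MASK="255.255.255.0"
CLIENT_CN="ar150"            # must match the CN in the AR150's client cert

# Lines appended to the server config: enable per-client config files and
# add a kernel route for the LAN via the tun interface on the cloud instance.
server_config_lines() {
  printf 'client-config-dir /etc/openvpn/ccd\nroute %s %s\n' "$LAN_NET" "$LAN_MASK"
}

# Per-client file: the "internal route" telling OpenVPN which connected client
# to hand 10.0.0.0/24 packets to. Without it the route above is a black hole.
ccd_entry() {
  printf 'iroute %s %s\n' "$LAN_NET" "$LAN_MASK"
}

# Run on the cloud instance (as root), then restart OpenVPN.
install_server_side() {
  server_config_lines >> /etc/openvpn/server.conf
  mkdir -p /etc/openvpn/ccd
  ccd_entry > "/etc/openvpn/ccd/$CLIENT_CN"
}

# Run on the AR150 (OpenWrt, assumed tun0): put the tunnel in its own zone and
# allow forwarding vpn -> lan only; LAN hosts answer through the router, which
# already holds the route back to the tunnel net as the OpenVPN client.
openwrt_allow_vpn_to_lan() {
  uci add firewall zone
  uci set firewall.@zone[-1].name='vpn'
  uci set firewall.@zone[-1].device='tun0'
  uci set firewall.@zone[-1].input='REJECT'
  uci set firewall.@zone[-1].output='ACCEPT'
  uci set firewall.@zone[-1].forward='REJECT'
  uci add firewall forwarding
  uci set firewall.@forwarding[-1].src='vpn'
  uci set firewall.@forwarding[-1].dest='lan'
  uci commit firewall
  /etc/init.d/firewall restart
}

# Check on the cloud instance: the LAN route should point at the tun interface
# before any scan is attempted; "ip route get 10.0.0.1" shows the chosen path.
check_lan_route() {
  ip route get "${LAN_NET%.0}.1" 2>/dev/null | grep -q ' dev tun'
}
```

After both sides are in place, `check_lan_route` succeeding on the instance (exit status 0) is the quick confirmation that the forward route exists; if the scan still only sees the router, the missing piece is the AR150 forwarding rule.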
Zonos
5
Thanks for this! I understand in theory what needs to be done; going to do some digging around to see if I can actually implement it and hope it works.