Looking for a "Fing"-like program that can find all units on the other end of my OpenVPN connection

llarsx

Getting the hang of it
Joined
May 7, 2018
Messages
215
Reaction score
17
I have an Asuswrt-Merlin router on the other end where I can use Network Map, but it shows only active units. When I am there locally I use Fing to find all units incl. power units like Deltaco's and Verisure's, but am looking for a program that can do the same via the OpenVPN connection.

I have tried Fing for computer, but with no help.
 

llarsx

Getting the hang of it
Joined
May 7, 2018
Messages
215
Reaction score
17
Thanks again. I'll try it, but first I'll do an extra backup, as I am always afraid of unwanted/complicated errors. Of course Norton accepted it, but 756 files inside is very many and could contain much that is unwanted.
 

llarsx

Getting the hang of it
Joined
May 7, 2018
Messages
215
Reaction score
17
I could not use 64 bit, but 32 bit was OK, although it did not find anything more than my Asus router. Passive IP units like the Deltaco power unit were not found. Therefore the program was useless for me and I am looking for a better one.
 

Mike A.

Known around here
Joined
May 6, 2017
Messages
3,825
Reaction score
6,377
I don't think that you'll find anything that will work in the way that you want. What happens with the VPN is that your client is not truly assigned an IP address on your same network. It's assigned an IP outside of your network which the VPN server within the router then internally routes traffic coming over the separate TUN interface established for the VPN from that IP address into your local network.

So say that your internal network is using 192.168.1.x/255.255.255.0. The IP assigned to your client by default with OpenVPN on the Asus would be in the 10.8.0.x/255.255.255.0 range. Different IP address space/network. The router also has a 10.8.0.x address on the VPN interface so Fing, et al. can find the router. But beyond that it won't find anything since such tools need to be on the same network and don't work over a routed connection. (Otherwise, you could map any network anywhere that you could access.)

Not sure whether there's some way to set up OpenVPN to permit that but kind of doubt it. Have to let someone better at such things respond to that.

What you could do is RDP over the VPN and then run a scanner locally from a machine inside of your network. There also are various network management systems with agents that you set up to run inside of your network which then can report that information out to whatever management platform but that's probably way beyond the scope of what you're trying to do.
 
Last edited:
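
One way to build the kind of inside-the-network reporter suggested in the post above, as an added example that is not part of the thread: a Python script that reads the Linux neighbour (ARP) table on a machine inside the LAN and compares it with a device inventory. The sample table, MAC addresses and device labels are constructed placeholders.

```python
# Constructed sample of /proc/net/arp as read on a Linux host inside the LAN.
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         aa:bb:cc:00:00:01     *        br0
192.168.1.23     0x1         0x2         aa:bb:cc:00:00:17     *        br0
192.168.1.40     0x1         0x0         00:00:00:00:00:00     *        br0
192.168.1.77     0x1         0x2         aa:bb:cc:00:00:4d     *        br0
"""

# Hypothetical inventory (MAC -> label); the names are placeholders.
INVENTORY = {
    "aa:bb:cc:00:00:01": "router",
    "aa:bb:cc:00:00:17": "smart plug (heater)",
    "aa:bb:cc:00:00:99": "alarm base station",
}

ATF_COM = 0x2  # kernel flag: the entry has a resolved hardware address


def parse_arp(text):
    """Return {mac: ip} for the resolved entries of a /proc/net/arp dump."""
    seen = {}
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) != 6:
            continue
        ip, _hw_type, flags, mac, _mask, _dev = fields
        if int(flags, 16) & ATF_COM:  # drop incomplete (unanswered) entries
            seen[mac.lower()] = ip
    return seen


def compare(seen, inventory):
    """Split devices into present, missing (known but silent) and unknown."""
    present = {inventory[m]: ip for m, ip in seen.items() if m in inventory}
    missing = sorted(name for mac, name in inventory.items() if mac not in seen)
    unknown = {m: ip for m, ip in seen.items() if m not in inventory}
    return present, missing, unknown


if __name__ == "__main__":
    # On a real host: parse_arp(open("/proc/net/arp").read())
    present, missing, unknown = compare(parse_arp(SAMPLE_ARP), INVENTORY)
    print("present:", present)
    print("missing:", missing)
    print("unknown:", unknown)
```

The table only lists addresses that the machine has recently exchanged traffic with, so a sweep run locally beforehand fills it in.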

biggen

Known around here
Joined
May 6, 2018
Messages
2,539
Reaction score
2,765
I don't think that you'll find anything that will work in the way that you want. What happens with the VPN is that your client is not truly assigned an IP address on your same network. It's assigned an IP outside of your network which the VPN server within the router then internally routes traffic coming over the separate TUN interface established for the VPN from that IP address into your local network.

So say that your internal network is using 192.168.1.x. The IP assigned to your client by default with OpenVPN on the Asus would be in the 10.8.0.x range. Different IP address space/network. The router also has a 10.8.0.x address on the VPN interface so Fing, et al. can find the router. But beyond that it won't find anything since such tools need to be on the same network and don't work over a routed connection.

Not sure whether there's some way to set up OpenVPN to permit that but kind of doubt it. Have to let someone better at such things respond to that.

What you could do is RDP over the VPN and then run a scanner from a machine inside of your network. There also are various network management systems with agents that you set up to run inside of your network which then can report that information out to whatever management platform but that's probably beyond the scope of what you're trying to do.
This.

Any network scanner will be limited to the subnet it's located in unless you give it a specific range of hosts with the subnet. That's because broadcast traffic that network scanners rely on can't cross broadcast domains (e.g. subnets).

nmap is probably the best known tool for this.
 

alastairstevenson

Staff member
Joined
Oct 28, 2014
Messages
15,930
Reaction score
6,778
Location
Scotland
nmap is probably the best known tool for this.
Yes, nmap is a directed scanner, doesn't rely on broadcasts and will work across domains where there is routing or NAT capability.


Example:
Code:
nmap www.microsoft.com
Starting Nmap 7.80 ( https://nmap.org ) at 2021-09-30 22:07 BST
Nmap scan report for www.microsoft.com (104.95.181.163)
Host is up (0.019s latency).
Other addresses for www.microsoft.com (not scanned): 2a02:26f0:6000:388::356e 2a02:26f0:6000:39d::356e
rDNS record for 104.95.181.163: a104-95-181-163.deploy.static.akamaitechnologies.com
Not shown: 998 filtered ports
PORT    STATE SERVICE
80/tcp  open  http
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 7.65 seconds
 

user8963

Known around here
Joined
Nov 26, 2018
Messages
1,465
Reaction score
2,315
Location
Christmas Island
nmap -sn 192.168.0.0/24

which is really fast ... but fing is not using this method.
nmap -sn fails to find all network devices ;) ...

fing uses multicast dns lookup...

nmap --script=broadcast-dns-service-discovery 192.168.0.0/24

should find all devices !
 

llarsx

Getting the hang of it
Joined
May 7, 2018
Messages
215
Reaction score
17
nmap -sn 192.168.0.0/24

which is really fast ... but fing is not using this method.
nmap -sn fails to find all network devices ;) ...

fing uses multicast dns lookup...

nmap --script=broadcast-dns-service-discovery 192.168.0.0/24

should find all devices !
Thanks. Is "nmap --script=broadcast-dns-service-discovery 192.168.0.0/24" the exact program line or should "script" be replaced by a script?
 

user8963

Known around here
Joined
Nov 26, 2018
Messages
1,465
Reaction score
2,315
Location
Christmas Island
The script is built into nmap on Windows... it's just the command which you paste.

-sn doesn't show you devices which have disabled ping answer, so they can only be seen if you trick them ;)
But I don't think it is working over VPN.
 
llarsx

Getting the hang of it
Joined
May 7, 2018
Messages
215
Reaction score
17
My case is to check active and passive devices via OpenVPN to my summer house about 500 km away. There I also have a couple of ubnt nanobeams for wifi to nearby cottages - as subnet to the main net in my summer house. As mentioned before, the setting in my local Asuswrt-Merlin router shows me any live (active) units even on the subnets - everything via VPN, but not the passive.
When I am there locally I use Fing and can see all the passive units which don't show in the router.
Learning a lot now here in this thread, I suppose nmap can give me much better control. Thanks for intro and info.
 

llarsx

Getting the hang of it
Joined
May 7, 2018
Messages
215
Reaction score
17
Just finished all the possible commands in nmap (all I found). It worked OK, found TCP and UDP, ports etc., but sad to say, not what I am looking for - the "passive" units like Deltaco and Verisure power sockets etc.

Any more suggestions?
 

toastie

Getting comfortable
Joined
Sep 30, 2018
Messages
254
Reaction score
82
Location
UK
Thanks for starting this thread and others. I checked on my Ubuntu PC running nmap and a couple of my Dahua cameras were DNS active, though probably not a security issue because they are on my camera sub-net. I went back over the settings for the two cameras and they are now clean. I'm not really sure how things like Bonjour and other things came to be back on, perhaps after firmware upgrades.
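
A check for the kind of drift described in the post above, where services turn up enabled again after a firmware upgrade (added example, not part of the thread): parse nmap's normal text output and report any open port that is missing from a per-device baseline. The addresses, host name and baseline are constructed assumptions.

```python
import re

# Constructed sample in the layout of nmap's normal text output (not a real scan).
SAMPLE_SCAN = """\
Nmap scan report for cam-front (192.168.2.10)
Host is up (0.0030s latency).
PORT     STATE SERVICE
80/tcp   open  http
554/tcp  open  rtsp
5353/udp open  zeroconf

Nmap scan report for 192.168.2.11
Host is up (0.0028s latency).
PORT     STATE  SERVICE
80/tcp   open   http
554/tcp  open   rtsp
5353/udp closed zeroconf
"""

# Hypothetical baseline: the ports each camera is expected to have open.
BASELINE = {
    "192.168.2.10": {"80/tcp", "554/tcp"},
    "192.168.2.11": {"80/tcp", "554/tcp"},
}

# "Nmap scan report for NAME (IP)" or "Nmap scan report for IP"
HOST_RE = re.compile(r"^Nmap scan report for (?:\S+ \()?([0-9a-fA-F.:]+)\)?$")
PORT_RE = re.compile(r"^(\d+/(?:tcp|udp))\s+(\S+)\s+(\S+)")

def parse_scan(text):
    """Return {ip: set of 'port/proto'} for ports whose state is exactly 'open'."""
    hosts, current = {}, None
    for line in text.splitlines():
        m = HOST_RE.match(line.strip())
        if m:
            current = hosts.setdefault(m.group(1), set())
            continue
        m = PORT_RE.match(line)
        if m and current is not None and m.group(2) == "open":
            current.add(m.group(1))
    return hosts

def drift(scan, baseline):
    """Per host, the open ports that the baseline does not list."""
    extra = {ip: sorted(ports - baseline.get(ip, set())) for ip, ports in scan.items()}
    return {ip: ports for ip, ports in extra.items() if ports}

if __name__ == "__main__":
    for ip, ports in drift(parse_scan(SAMPLE_SCAN), BASELINE).items():
        print(f"{ip}: unexpected open ports {ports}")
```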
 

alastairstevenson

Staff member
Joined
Oct 28, 2014
Messages
15,930
Reaction score
6,778
Location
Scotland
sad to say, not what I am looking for - the "passive" units like Deltaco and Verisure power sockets etc.
I'm probably being a bit dumb - but I don't understand what you mean by 'passive' units.
Can you explain?

Are these devices that don't always have a LAN interface enabled but do so occasionally, such that a router will have added it to the list of historically known devices?
 

llarsx

Getting the hang of it
Joined
May 7, 2018
Messages
215
Reaction score
17
I'm probably being a bit dumb - but I don't understand what you mean by 'passive' units.
Can you explain?

Are these devices that don't always have a LAN interface enabled but do so occasionally, such that a router will have added it to the list of historically known devices?
"Passive" are units like the Deltaco power unit. Those can be placed between a heater, outdoor lighting, a cleaning robot or similar. They appear in the Deltaco app on mobile even if they are shut down, but not in the Asus router. But Fing finds them even if they are "off". Verisure power units are quite similar as I only can reach them through the Verisure app. As some of these units (cleaning robot etc.) are important, I like to check or stop them now and then.

I just discovered something on my Asus router at home. The client list is 11, but clicking on it I only get 8 units. Some units don't show. Choosing Client List gives me 8. It seems that the difference is my internet radio connected to a wifi extender and Verisure home station connected to another wifi extender. Fing found all 11 and 3 "passive" too.
 