Finding the intermediate hops en route to internet from behind VPN

0

I'm new to this.

I'm doing an audit for a network, and will be drawing a network diagram for it.

I have got the IP address list using nmap scan, I can see about 5 networks.

The issue I'm facing is that I can't see my immediate ly connected router.

I tried tracert, and I get the first hop as an APIPA address, the second IP I believe is the ISP address.

I'm remotely doing this from behind a VPN, if that helps.

Could someone clarify where I'm going wrong, or what I might not be understanding.

Thank You

Huud Rych

Posted 2019-03-07T09:17:51.873

Reputation: 25

Answers

1

To find this out, determine the IP address of the VPN endpoint (you can look in the config file or go to whatismyaddress.com or similar) then disconnect the VPN and do a traceroute/mtr and it will show how the hops to that endpoint.

Alternatively if you know the non-vpn IP address and can find a test server on the same network (and with the same routing policies) as your vpn box, you can traceroute back from that System to your non-vpn IP address, which will show the path traffic returns on. Note the incoming and outgoing paths could be different and the IP addresses you see will be different in each direction - but very broadly speaking this will typically shiw the providers and links veing traversed.

davidgo

Posted 2019-03-07T09:17:51.873

Reputation: 49 152

Thanks, can I know if it would it be possible to know the gateway of each subnet with being a client in the subnet.. – Huud Rych – 2019-03-08T21:04:41.007

I do not understand your comment. – davidgo – 2019-03-08T21:08:37.747

Sorry, what I wanted to know was is it possible using nmap or any other tool to know what the gateway address of each subnet is, without being part of that subnet, for example, currently I can know only my gateway address, I cannot know what the IP address of the next subnet gateway is, I tried nmap, it does show the IP address but does not identify if the IP is a gateway.. – Huud Rych – 2019-03-08T21:22:25.897

When using any variant of MTR or traceroute from your computer, each address (except the last one) which shows up is the gateway address. – davidgo – 2019-03-08T21:25:38.507

A gateway us an address associated with the router that traffic goes through. By manipulating the TTL value.of packets, mtr/traceroute get the router en-route to the destination to reply. This reply comes from the gateway. – davidgo – 2019-03-08T21:28:06.313

OK, here is a different question asking the same thing, so I have access to a network with 1 exit gateway router to ISP, internally I have multiple subnet routers interfaces, now each subnet has a router interface that connects to the gateway. I am willing to know both the subnet router interface address and the exit gateway address, can I achieve this without being changing subnets.. – Huud Rych – 2019-03-08T21:32:03.807

Your.comment does not make sense. "Multiple subnet routers" is gibberish. You might want to ask another question, including a network diagram. I expect the answer will be this is not possible, as I am unaware.of a way to get other gateway details for a router and, because MAC addresses are not included in IP/icmp packets we cant use them to infer data. (Very often MAc addresses on a router will be sequential, and usually the first 3 octets infer the manufacturer) – davidgo – 2019-03-08T21:38:16.103

Sorry that would be subinterfaces on the gateway router for inter-VLAN traffic, how do I know what each subnet subinterface address on the gateway is.. – Huud Rych – 2019-03-08T21:50:15.740

As per my last comment - you dont – davidgo – 2019-03-08T21:54:17.577

You could log onto the router and list them. – davidgo – 2019-03-08T21:54:44.850

Much appreciate your assistance, I believe I get the picture.. – Huud Rych – 2019-03-08T21:55:28.463

Asked: 2019-03-07T09:17:51.873

Viewed: 48 times

Active: 2019-03-07T18:12:50.097