NMAP through VPN

When I tried to run a scan with NMAP over my VPN connection, I received the following error:

PS C:\> nmap -sP
Starting Nmap 5.21 ( http://nmap.org ) at 2010-11-18 09:35 W. Europe Standard Time
nexthost: Failed to determine dst MAC address for target

Alright… A quick search with Google revealed the following topic: http://seclists.org/nmap-dev/2008/q1/81.

So to get it working, perform the following steps:

  1. Open a console and type
    ipconfig /all

    Then look out for your VPN Adapter. Usually, the description of your adapter contains a line similar to this: “Cisco Systems VPN Adapter for 64-bit Windows”. For the next step, write down the MAC address (“Physical Address”) and the IP address (“IPv4 Address”).

  2. With this information, create a new static ARP entry:
    arp -s <IP> <MAC>


    arp -s 00-00-00-00-00-00

    This will create a static ARP entry for your VPN adapter. Note that creating a static ARP entry can create a whole set of new problems with your network configuration!

Hello world

My name is Simon Krenger, I am a Technical Account Manager (TAM) at Red Hat. I advise our customers in using Kubernetes, Containers, Linux and Open Source.


  1. GitHub
  2. LinkedIn
  3. GitLab