Hi, I have been using the scanner in our network across Ipsec VPN tunnel to scan branch locations, and it has been working for a while. Recently the MAC address information stopped working well. A few are still reported, but most are not.
My co-workers were using Angry IP scanner and noticed that it does not report the MAC, Hostname, or NetBios info. The Softperfect Scanner can still get the hostname and comment for most. Does anyone know what may be happening and what is not working?
Generally there are 3 ways the scanner uses to determine target MAC addresses:
The ARP works well in a LAN subnet, but is not usually transmitted over a VPN link. You can try ticking the Allow ARP outside current subnet option in the scanner, though granted Angry IP scanner did not work, this wouldn't work either.
The NetBios request is a regular UDP packet that works in VPN, however it will only resolve the MAC address on the devices that implement this protocol. This is what gives you some MAC addresses.
The Router SNMP MIB query works by querying router's iso.org.dod.internet.mgmt.mib-2.at.atTable or iso.org.dod.internet.mgmt.mib-2.IPList.ipNetToMediaTable for IP-to-MAC-address mappings. This method is off by default and can be configured if your router has this information.
My best guess to answer the question is that for some reason the ARP requests or responses are not sent through the VPN link. This could be because of the option mentioned above, a firewall or a change in configuration of the VPN link.