Hi. I have a basic OPNsense setup, with a LAN interface for my Desktop, and a Wifi interface that has my AP. When I connect to a VPN and run a nmap scan on my public IP, it shows that all my ports are open? Is this normal or is there something critically wrong with my setup?
I am a noob to OPNsense, any help is appreciated.
My Firewall log gets spammed with the default deny rule from the VPN IP, then the port when I do a nmap scan, which makes me feel a bit more comfortable.
Why does nmap say ALL my ports are open though?
If you connect from inside which LAN or VPN would imply your WAN rules are not executed, because they do not need to be executed because you are accessing WAN from the inside as opposed to the outside where the rules do work. ;)
Cheers,
Franco
I still don't understand.. I am connecting through a ProtonVPN server connected from a different country. So I am connecting from outside
A VPN tunnels a connection from the outside to the inside where your traffic including port scan will originate.
Cheers,
Franco
As mentioned, all you're doing is scanning your network from within your network. To get a true result, create a Linux instance on a cloud provider like Linode and then scan your public IP from there.
you can also use Shields up to test open ports
https://www.grc.com/x/ne.dll?bh0bkyd2