How does OPNsense block my port scans

Started by DavyBlorBlop, August 14, 2022, 12:30:52 AM

So I have OPNsense set up, and a Plex media server too. Recently I have enabled my Plex server to stream remotely rather than just on my local home network, i.e. if I am outside the home, I can still stream my Plex media libraries.

With that enabled I thought, why don't I do an nmap scan on my public IP and see if I can see the Plex port being used, 32400. I cannot, even while the stream is going on.

I also have plans to set up the same for my VS Code remote dev too.

Here is my testing setup:
1. Leave home, go to local coffee shop and use their Wi-Fi.
2. Ubuntu 20 laptop with nmap.
3. Connect to my Plex via the publicIP:32400. Able to stream.
4. nmap my public IP, and nmap reports all ports are down and host is not up, which is freaking awesome.

But I really thought 32400 would be at least up.

These are my cmds that I have tried:

sudo nmap -sP 32400 publicIP/32
sudo nmap -sV -version-intensity 9 publicIP/32
sudo nmap -sPn publicIP/32

August 16, 2022, 05:34:30 AM #1 Last Edit: August 16, 2022, 05:36:46 AM by axsdenied
It doesn't, unless you have a WAN firewall rule blocking the IP the scan is coming from. If you don't have a port forwarded, it won't show.

Another option is that Plex has poked a hole for you via in-between servers.
OPNsense 24.7.7 running on:
Dell Optiplex 3050
Intel I5-7600 @ 3.5Ghz (4 Cores)
Intel I350-T4 Nic
8G DDR4
256G SSD
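
Added example, not part of the thread: a single-port TCP connect check that tells apart the three outcomes relevant to the reply above, namely a forwarded port that completes the handshake, a port that is actively refused, and a port where the packet is silently dropped. The function name `probe_tcp` and the address `203.0.113.10` are placeholders chosen for illustration; run it from outside your network against your own WAN address.

```python
import socket


def probe_tcp(host, port, timeout=3.0):
    """Classify one TCP port as 'open', 'closed' or 'filtered'.

    open     - the three-way handshake completed (a forward/pass rule exists)
    closed   - the connection was refused with a TCP RST
    filtered - nothing usable came back before the timeout, which is what a
               firewall that silently drops the packet looks like
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:
        # Covers timeouts and ICMP unreachable errors alike.
        return "filtered"
    finally:
        sock.close()


if __name__ == "__main__":
    # Placeholder WAN address (documentation range); replace with your own.
    wan_ip = "203.0.113.10"
    # 32400 is the Plex port from the thread; 22 stands in for a port
    # with no forward configured.
    for port in (32400, 22):
        print(port, probe_tcp(wan_ip, port))
```
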