nmap says 0 hosts up even though I can ping

I'm running Metasploit from Win 7 x64, and I've set up my Metasploitable 2 virtual machine on VMware Player. I can ping Metasploitable's IP address from the Metasploit console; however, if I use nmap, it says:

Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn

When I try it with the -Pn switch, it says:

Nmap done: 1 IP address (0 hosts up) scanned in 0.64 seconds

I've disabled my Windows firewall and I'm running Metasploit as admin. Why can't I nmap my virtual machine?


Solution 1:

Using sudo often fixes it: sudo nmap [options]

Nmap needs root to construct raw packets (it doesn't rely on the system's ping binary for pinging, but it also does a lot of other custom packet crafting). When Nmap is allowed this raw capability, a ping scan works as expected.

Protip: sudo !! repeats the last command as root (the !! stands for "last command").

Solution 2:

If you are using an older (version 6.00 or 6.01) version of Nmap, this may be related to a known bug. Try running with --unprivileged, which will break some features of Nmap, but ought to work for port scanning. Alternatively, use the output of nmap --iflist to identify the interface name (e.g. eth1) that should be used for the scan, and pass it to Nmap with the -e flag, like so: nmap -e eth1 --other --args targets

Of course the best solution is to upgrade to an unaffected version of Nmap with the latest improvements.

Solution 3:

I had the exact same problem on my Windows 7 Enterprise x86.

When I added the -e option as bonsaiviking explained, it works well, though too slowly. Additionally, I found that it happens when your PC has multiple network adapters, such as a VM network adapter (VMware Network Adapter VMnet8).

After disabling the vm8 adapter, it works well without the -e option.
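
Solutions 2 and 3 both come down to choosing the right interface on a multi-adapter host. The following is an added example, not part of the original answers: it parses the interface table from nmap --iflist output and picks the adapter whose subnet contains the target. The sample table is constructed and simplified, and the function names are hypothetical.

```python
import ipaddress

# Constructed, simplified sample of `nmap --iflist` output (not from the page).
SAMPLE_IFLIST = """\
************************INTERFACES************************
DEV  (SHORT) IP/MASK            TYPE     UP   MTU  MAC
eth0 (eth0)  10.0.0.23/24       ethernet up   1500 00:0C:29:AA:BB:01
eth1 (eth1)  192.168.56.1/24    ethernet up   1500 00:50:56:C0:00:08
eth2 (eth2)  192.168.57.1/24    ethernet down 1500 00:50:56:C0:00:01
lo0  (lo0)   127.0.0.1/8        loopback up   -1

**************************ROUTES**************************
DST/MASK          DEV  METRIC GATEWAY
192.168.56.0/24   eth1 0
0.0.0.0/0         eth0 10     10.0.0.1
"""

def parse_interfaces(text):
    """Return (dev, ip_interface, is_up) tuples from the INTERFACES table."""
    rows, in_table = [], False
    for line in text.splitlines():
        if "INTERFACES" in line:
            in_table = True
            continue
        if in_table and line.startswith("*"):
            break  # the ROUTES section begins; the interface table is over
        parts = line.split()
        if not in_table or len(parts) < 5 or parts[0] == "DEV":
            continue  # blank line or column header
        try:
            addr = ipaddress.ip_interface(parts[2])
        except ValueError:
            continue  # adapter without a usable address
        rows.append((parts[0], addr, parts[4] == "up"))
    return rows

def candidate_interfaces(text, target):
    """Names of 'up' interfaces whose subnet contains target, most specific first."""
    ip = ipaddress.ip_address(target)
    hits = [(addr.network.prefixlen, dev)
            for dev, addr, up in parse_interfaces(text)
            if up and ip in addr.network]
    return [dev for _, dev in sorted(hits, reverse=True)]

def suggest_command(text, target):
    """Build the -e form from Solution 2, or None if the target is not on-link."""
    devs = candidate_interfaces(text, target)
    return f"nmap -e {devs[0]} {target}" if devs else None
```

A result of None means no local adapter shares a subnet with the target, so the adapter list alone does not say which interface to pass to -e.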