You are quite correct there is no
NMAP FAQ
There is a lot of information in the support forum however, but I do need to add an up to date FAQ. Will get on to that early next week, time permitting.
Meanwhile, a brief synopsis.
Nmap probes for open ports on network attached devices. It uses various methods to do this, as most firewalls will spot a simple
scan, and put their shields up. So
NMAP uses "...softly softly" tactics to ensure the machines will
report the maximum information. (See the
nmap site for how this works)
You need a copy of
NMAP installed on your machine, either in the scripts folder, or somewhere in your PATH, Alternatively, edit the
nmap script, and point it to your
nmap executable.
Once this is done, you should be able to run the script.
If you want to glean the maximum information about devices, such as guessing the OS and manufacturer, this relies on examining the MAC address of the device, and this information is only available on the local subnet (a limitation of TCP/IP and ethernet, not
NMAP) This is why you need to
scan from a machine attached to the same subnet as the device. MAC info doesn't get passed between routers, only IP info.
You can run from one subnet to another, but your results will be limited.