AnsweredAssumed Answered

Internal scanner setup, communication not working

Question asked by Alan Geoffrion on Sep 26, 2014


I've been trying to get a virtual appliance up and running for a few days now and am stuck at the personalization step.  The error message is unable to communicate with https://dist01.sjdc01.qualys.com/ .  So far in talking with both Dell and Qualys we have repeatedly been told it is a DNS error.  The problem is that we can do nslookup and ping on the dist01 address and get the IP back, so DNS is working.  The support also suggested we verify firewall rules, and all outbound traffic on port 443 is allowed, the firewall logs show the traffic going out just fine.  My data center team even went so far as to configure a temp VM with the same networking info as the virtual appliance and try to connect using IE, which didn't work, but nslookup/ping did.

 

Yesterday to help try to troubleshoot the problem my network team hooked up two laptops in the datacenter one with Wireshark and the other to generate traffic using IE.  The network team found that when using https the Qualys host is sending a RST packet, ending the communication.  The other odd thing is from our backup datacenter and local offices we can use IE to hit the dist01 site.  Until I saw the RST packet I was convinced it was a network issue on our end, but seeing that makes me think it is on the Qualys side.

 

Has anyone else seen anything like this with thier internal scanner, or have any suggestions?  I've got a case open with Qualys but hoping for a quick resolution.

Outcomes