We’ve noticed an issue on some agent installs. During the manual process, we get this screen:
it seems that we can continue past this screen and the agent installs. Our local firewall has full access to *.endpoint.ingress.rapid7.com.
Are you performing any kind of SSL or Deep Packet Inspection and have you allowed our traffic to bypass that?
Also sometime firewalls don’t permit url whitelisting, so that rule may or may not be functioning as intended. We list IP addresses on that page linked above if IP whitelisting is an option.
Also after you install the agent can you see it show up in agent management? It can take some time for it to appear in the console so agent management would be the place to look?
No, we do not preform any SSL or Packet inspection.
Are firewalls are set to allow exceptions for *.endpoint…
The agent does eventually show up in the console (InsightVM). Is there any “system features/functionality” that we may be missing without contact to those urls?
We would need to review the agent logs to be sure its not running into any other issues, however if you see the agent in agent management as online (assuming the service and machine are running) with no errors then it should be fine.