Agents fail to connect to bootstrap or storage.endpoint during install

We’ve noticed an issue on some agent installs. During the manual process, we get this screen:

Agent_Connectivity

it seems that we can continue past this screen and the agent installs. Our local firewall has full access to *.endpoint.ingress.rapid7.com.

Any suggestions?

Are you performing any kind of SSL or Deep Packet Inspection and have you allowed our traffic to bypass that?

https://docs.rapid7.com/insight-agent/requirements

Also sometime firewalls don’t permit url whitelisting, so that rule may or may not be functioning as intended. We list IP addresses on that page linked above if IP whitelisting is an option.

Also after you install the agent can you see it show up in agent management? It can take some time for it to appear in the console so agent management would be the place to look?

David

No, we do not preform any SSL or Packet inspection.

Are firewalls are set to allow exceptions for *.endpoint…

The agent does eventually show up in the console (InsightVM). Is there any “system features/functionality” that we may be missing without contact to those urls?

We would need to review the agent logs to be sure its not running into any other issues, however if you see the agent in agent management as online (assuming the service and machine are running) with no errors then it should be fine.

David