InsightVM agents getting stop due to unencrypted handshake?

Has anyone else had the issue of trying to deploy insight VM agents in to an AWS environment which is protected by Proxies which don’t allow unencrypted traffic out?

the Insight VM agents send a unencrypted handshake of and expect a rapid7.pong in return in which after that is done, a SSL connected is established. however in this case our proxy is stopping the ping and thus the pong don’t come back and thus no connection is established.

1 Like

Having the same issue. Were you able to find a solution?

Working with the tech team in Rapid 7, we did finally find a solution.

You can put the console from ‘Smart Mode’ into ‘ordered mode’, this is done on the cloud side of things and allows you to order the route the agents go through. The one issue as I understand it, is that you won’t be able to use cloud collectors but if all of your agents are going through the proxy, then that is no issue.

Thanks Matt! We have an open case with Rapid7 now. When switching the modes on the insightvm console, does this change the need to have that plain text “ping” on https successful? Or does it change how rapid7 receives the ping? We will only be using agents and through the proxy. All connection tests pass except for this ping request.

Was just speaking to my engineering team, turning on ordered mode instructs the agent to not try ping-pong at all. The agents will go through the proxy but sometimes attempt to go direct to the cloud which you’ll have to be aware of as it can mess up the log if you don’t expect it.

Thanks again Matt! This fixed the issue for us as well. Support did not even mention the different modes until I brought it up, so thank you.