Many of the configuration changes that are made via the Appliance web interface will not take effect until the corresponding service is restarted. For example, changing the XMLRPC port used by PVS from “8835” to another port will modify the configuration file; however, the “Restart PVS” button on the same page must first be clicked before the changes take effect (even though the page does not explicitly say a restart is required). This applies to most application-specific configuration items and is good practice when making configuration changes on the Tenable Appliance.
The Tenable Appliance configuration procedure is similar for both the VM and hardware appliances. The console screen enables you to display information about the appliance, configure a static IPv4 or IPv6 address, ping an IP address or hostname, revert to factory defaults (hardware appliance only), and shutdown/restart the appliance. All other functions are performed through the web browser interface.
When the Tenable VM Appliance is first booted, the system will attempt to obtain an IP address via DHCP. When the Tenable Hardware Appliance is first booted, a static IP address of 192.168.168.21 is configured by default. If you want to change this IP address via the web interface, follow the directions in the “Interfaces” section.
If an IPv4 or IPv6 address is configured from the console using the “Configure IP Address” option, the appropriate IP Address, Netmask or Prefix, and Gateway addresses must be known to properly configure the settings. A DNS server is required only if further configuration of the networking will not be performed via the web interface. Once entered, you will be asked to confirm your entries. Selecting the default of ‘N’ will abort the changes, while ‘y’ will accept the changes. This applies the settings to the NIC 1 (NIC 5 for Series 300) interface and will set the listening port for the appliance interface to the default of 8000. Only an IPv4 or IPv6 address may be configured at the console for connecting to the appliance. More detailed configurations must be made from the web interface.
To confirm that the correct IP address was set, use the arrow keys to highlight “Appliance Information” and press the “Enter” key. This will display information similar to the following:
If the console display becomes unreadable for any reason (e.g., diagnostic or log messages), use Ctrl-L (hold down “Ctrl” while pressing the “L” key) to refresh.
Using a web browser, enter the URL displayed under “Appliance Information”. For example, the URL in the example above for IPv4 is “https://192.168.133.136:8000/” and IPv6 is https://[fe80::20c:29ff:fe29:9147]:8000/. Note that when using a link-local IPv6 address the NIC identifier must be used at the end of the IPv6 address.
By default, the appliance uses a self-signed SSL certificate that may display a warning in your web browser indicating “the site’s security certificate was not issued by a trusted Certificate Authority (CA)”. During the initial installation, such errors may safely be ignored. You will be able to upload a custom certificate during configuration later. See the “Administration Tab” section for details on how to perform this action.
Once the administrative web interface is loaded, a license screen will be displayed as shown below:
Please be sure to read all the information in the License Agreement before proceeding with the installation. A text or PDF version of the license can be downloaded and saved, if desired.
Click on the “Accept License Agreement” button to proceed with the installation, or the “Shutdown” button to shut down the appliance without accepting the license.