Proxy Settings

Configure Proxy Settings

You can configure a Tenable Nessus Agent to connect to its manager (Tenable Nessus Manager or Tenable Vulnerability Management) via a proxy in one of the following ways:

• During initial installation and linking.

  For more information, see the linking command proxy settings in Tenable Nessus Agent CLI Commands .

• After you have installed and linked.

  After initial linking, you can configure a proxy or change existing proxy settings via the command line. For more information, see Tenable Nessus Agent Secure Settings.

Proxy Connection Fallback

If an agent is using a proxy to connect to its manager, there is a built-in proxy fallback in case of a connection failure.

The automatic fallback process happens as follows:

1. If the agent is unable to access its manager through the proxy, and fails three times in a row, the agent tries connecting directly to the manager.
2. If the agent successfully connects directly to the manager, the agent automatically sets the secure setting ignore_proxy to yes. When you enable this setting, the agent will connect directly to the manager on future attempts, instead of using the proxy.
3. However, if the agent fails to connect directly to the manager 10 times in a row, the agent retries connecting via the proxy again. If the agent successfully connects via the proxy, the agent automatically sets ignore_proxy to no, meaning the agent will connect using the proxy on future attempts.
4. The process repeats as needed, depending on whether the agent fails to connect to the proxy or directly to the manager.

At any point, you can manually change the secure setting ignore_proxy to yes or no to interrupt the automatic fallback process. This forces the agent to attempt to connect either directly or via the proxy, depending on what you set. However, if at any point the agent meets one of the conditions listed above (for example, fails to connect via proxy three times in a row), the automatic fallback process resumes.