Nessus server does not appear to be operational
- Verify in the SecurityCenter UI that the Nessus scanner appears as “Unable to Connect” under “Status”.
- SSH to the remote Nessus host to make sure the underlying operating system is operational.
Confirm that the Nessus daemon is running (Linux example below):
# service nessusd status
nessusd (pid 3853) is running...
If the Nessus service is not running, start the service:
# service nessusd start
Starting Nessus services:
# ps -ef | grep nessusd
root 8201 8200 60 11:41 pts/2 00:00:05 nessusd –q
root 8206 7842 0 11:41 pts/2 00:00:00 grep nessusd
Cannot add a Nessus server
- Make sure the Nessus daemon was registered using the SecurityCenter option for registration.
- Check connectivity by telnetting from the SecurityCenter to the Nessus system on port 443. If successful, the response will include: Escape character is '^]'.
Nessus scans fail to complete
- Ensure that the Nessus service is running on the Nessus host.
- Ensure that Nessus scanner is listed in SecurityCenter under “Resources” and “Nessus Scanners” and that the status of the Nessus scanner is listed as “Working”. Click “Edit” to ensure that the IP address or hostname, port, username, password, and selected repositories for the Nessus scanner are all correct. Edit any incorrect entries to their correct state and click “Submit” to attempt to reinitialize the Nessus scanning interface.
- Right click the scan results and click “Scan Details” to obtain a more detailed description of the error. If the scan details indicate a “Blocking” error, this is indicative of a license IP count that has reached the limit. Either remove a repository to free up IP addresses or obtain a license for more IP addresses.
- Ensure that scan targets are permitted within the configured scan zones.
Nessus plugins fail to update
- Under “System”, “Configuration”, “License” in SecurityCenter, ensure that the Nessus Activation Code is marked as “Valid”.
- Ensure that the user used to connect to the Nessus server is configured as an ‘admin’ class user.
- Ensure that the SecurityCenter system is allowed outbound HTTPS connectivity to the Nessus Plugin Update Site. If it is not, refer to the Nessus 6.x Installation and Configuration Guide for information on offline plugin updates.
- Under “System”, “Configuration”, and “Update” in SecurityCenter, ensure that Active Plugins is not set to “Never”. Manually test a plugin update under “Plugins” with “Update Plugins”. If successful, the line “Active Plugins Last Updated” will update to the current date and time.
- For all other Nessus plugin update issues, contact Tenable Support at firstname.lastname@example.org.