Tenable connector connection failing

Scorpion81
Mega Expert

Hello,  We are using Tenable Module of Vulnerability Response in our SNOW instance.  There is an APP called tenable connector that needs to be setup as a pre-requsite.  We have a MID-server as well.

The MID-server is unable to connect to the Tenable Security Center host even though we have allowed Port 443 and the username/pwd are configured correctly.  How can i further troubleshoot what is causing the connection to fail ?

 

find_real_file.png

1 ACCEPTED SOLUTION

Scorpion81
Mega Expert

Hi All,  this has been resolved. Please ensure to put https:// when entering the name/ip in the "Address" field of Tenable.sc  . The documentation does not mention this .  After changing to https://<ip-add> it worked for us.  Ensure port 443 is open though as a pre-requisite.

View solution in original post

7 REPLIES 7

I would recommend verifying that the MID Server is able to connect to the Tenable.sc host. Typically the MID server needs to be in the same subnet as the Tenable host, and I have even put it on the same server in the past. You may also need to open additional ports, as I believe Tenable uses 8835 as a default communication port. See the Tenable documentation for more information on ports, as you may be using different ones: https://community.tenable.com/s/article/What-ports-are-required-for-Tenable-products 

The ECC queue may also be able to provide some more detailed information about the error. 

Hi @Weston Wilson , Apparently Tenable documentation for SNOW mentions only port 443 as required to be opened between the MID Server and T.SC instance.   This is because T.SC only uses 443 https for accessing its GUI.  THe nessus scanners in turn use 8834 however, they r not involved in SNOW integration directly.

I am still stuck on this error and have no clue why its happening.

Scorpion81
Mega Expert

Hi All,  this has been resolved. Please ensure to put https:// when entering the name/ip in the "Address" field of Tenable.sc  . The documentation does not mention this .  After changing to https://<ip-add> it worked for us.  Ensure port 443 is open though as a pre-requisite.