1

I have nessus professional 8.14.0 installed on a server, which is attached to the network, 3 esxi 6.7 hosts and 1 vcenter servers.

Nessus Server (192.168.1.21)

vCenter Server (192.168.1.9)

ESXi Host 1 (192.168.1.10)

ESXi Host 2 (192.168.1.11)

ESXi Host 3 (192.168.1.12)

If I run a scan with just host 1 (192.168.1.10) in the targets.

Warning

Possible Reasons :

  • VMware vSphere Username/Password were not supplied.
  • Unable to authenticate with the VMware vCenter server on port 443.

If I run a scan with just host 1 (192.168.1.10) and vCenter (192.168.1.9) in the targets.

On host vCenter server I get about 68 warnings.

On host 1 I get:

Possible Reasons :

  • VMware vSphere Username/Password were not supplied.
  • Unable to authenticate with the VMware vCenter server on port 443.

The complicanse file I am using is "cis vmware esxi 6.7 v1.1.0 level 2" or "cis vmware esxi 6.7 v1.1.0 level 1"

Settings:

Target: 192.168.1.9, 192.168.1.10 or just 192.168.1.10

VMWare vCenter SOAP API:

enter image description here

enter image description here

I have also tried the bare metal scans, which ask for ssh creds, however the Credentials scans = No, which will not do.

Any suggestions on what I am missing?

I have double checked and tripple check the password,

From the nessus host I can telnet to vCenter and Host 1 on port 443.

How do I test the SOAP API access? I have googled to the end of google and cannot find out how this is done.

James Connigan
  • 137
  • 2
  • 13
  • I don't understand the question. Are you asking why Nessus is failing to scan your VMware estate or are you asking how to scan your VMware estate with Nessus? – joeqwerty Apr 29 '21 at 21:56
  • @joeqwerty I am asking how to scan your VMware estate with Nessus, the setup I have should be working, so I guess I am also asking the other question as well, why Nessus is failing to scan your VMware estate. – James Connigan Apr 30 '21 at 02:59

0 Answers0