Greenbone 4.2.24 fresh install, can't see Internet


#1

Completely baffled here. I cannot get GCE to see outside my local LAN. Installed from the ISO downloaded a couple hours ago on my vmware host. Otherwise networking works fine. This is just my home LAN, nothing terribly complex, though I do have a barracuda firewall that lets me see traffic in realtime, so fancier than most home networks.

I can try and ping 8.8.8.8 for example, I see the traffic hit my firewall (not blocked), and that’s it. GCE shell reports 100% packet loss.

My feed updates fail because it cannot reach the feed server. If i use google’s 8.8.8.8 DNS, it can’t even resolve gl.greenbone.net, or anything else. if I point it to an internal DNS server, DNS works, but the subsequent actual feed download fails.Likewise, if I start a feed update, I see hits on TCP 873, but no actual traffic.

yes, I’m in the shell and I know that’s frowned upon, but I’m really at a loss here.

It’s acting like my default gateway is wrong, but with the traffic being seeing by the firewall, clearly it is not.

Oddly enough, I’m seeing some of the same nonesense on my install of GCE at work, I thought I had my IPS settings botched up on my firewall, but now I think something else is going on. The same appliance which previously scanned hosts on the Internet successfully, now fails completely.

Looking at the box I just setup, I see in the performance graphs a period of a few minutes of ~1.7 Mb/s network RX. So clearly during the initial install it was able to get to the Internet, but nothing since.

if it matters, this is on vmware 6.5, with a E1000 vnic.


#2

Replying to myself because I think I have an answer.

Yes, from the shell, you can’t ping anything. I’m sure someone thought that was a good idea, it seems to work better in older 4.1 release.

But the real problem for me was a lack of memory. I used the documented 2 GB, but when watching the logs with journalctl -f I saw a critical failure with an out of memory error during a feed update. Adding memory after the VM is already built only seems partially effective?? I went from 2 to 6 GB, but the performance charts and top only shows 3 GB total. But a fresh install with 6GB of memory already in the VM seems to work properly.

So while my scans before were running, everything was only showing as a log item, because my feeds were all corrupt.

So if it helps anyone, add memory.


#3

Hi,

i did a fresh installation of the GCE 4.2.24 using VirtualBox 5.2.22 using 2GB of RAM and with NAT networking a few days ago (Virtual Appliance v4.2.24 all scans fail). Booting this VM today and going to the shell a ping 8.8.8.8 was successful:

admin@gsm:~$ ping -c 3 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=63 time=12.625 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=63 time=11.862 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=63 time=12.528 ms
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 11.862/12.338/12.625/0.339 ms