Unable to connect NX Witness to the cloud
Answered
I recently updated NX Witness to version 5.0.0.35064 by creating a new docker container based on the examples provided. I didn't have any issues connecting v4 to Nx Cloud, but v5 is refusing to connect.
When using NX Witness Client, I am getting the error message "Failed to connect System to Nx Cloud. None of your systems is connected to the internet". When using the browser interface, I get redirected to nxvms.com where I can provide my NX Cloud password, I get redirected back to my own system where I have to provide my local password, but pressing 'Connect' keeps the password dialog on screen without connecting.
The docker container doesn't appear to have any internet issues. All my tests (ping, wget and so on) work without any issues. The previous v4 release didn't have any problems as well. The "Sync time with the internet" seems to be having the same issue, it gives a "No internet connection" error.
Any idea how to connect to Nx Cloud again? How to convince NX Witness that there is an internet connection?
-
Hi maarten,
Can you please disconnect the docker and make sure the HTTPS connection has been allowed to your docker? On v5.0, the secure connection has been improved, so likely there would be some connections were not able to be passed through.
Can you try to clean up your browser cache and browse history and try again? Or if you use the incognito tab to check the webAdmin, will the issue persist?
If the issue persist, can you help to record your screen to show the exact screen/procedure of your issue for us?
Thanks.
0 -
Hi Ichiro, thanks for your response!
My NX Witness Server is using the SSL certificate that was installed during installation, issued to "NX Witness", and in the browser I have to manually accept that certificate first. Does v5.0 require a valid certificate to connect to the cloud?
I tried clearing browser cache and incognito tab, but that does not work as well.
What is confusing is that I login with my admin username and password, I am using my e-mail address and the nxvms.com password for nxvms.com, but after returning from nxvms.com it asks a password for 'Maarten' which is my name but it does not match the local user or nxvms.com user, and at the moment such user does not exist. I don't know why it shows my name as login, and I am unable to change it as this username field is read only. What user should this be?
0 -
Hello Ichiro,
We have a similar, maybe the same problem as maarten.
We have updated the server and local client to 5.0.0.35064 and since then with the mobile devices no access via NX cloud. The server is connected to the associated cloud account. The server is a physical Windows PC - so no Docker container or other VM.
Unfortunately, trying to log off and log back on to the server in the cloud did not solve the problem.
Translated with www.DeepL.com/Translator (free version)
0 -
I installed a valid Sectigo SSL certificate on my server, but unfortunately this didn't fix my issue. Still the same problem...
0 -
i have the same problem, tried disconecting and reconecting to NX cloud, this also did not work.
localy it works on the clients and mobile.
only external does not work
0 -
I tried 5.0.0.35136 but it has the same issue.
0 -
detach and reconnect NXwitness server to cloud did also not resolve the issue.i see the folowing erros in my log viewer on my sophos firewall
0 -
Hi Freddy Hoogeveen,
Did you add the Sophos Firewall certificate to the clients?
0 -
i did add the certificate to the server, and i also dont use hhtps scanning
still does not work
0 -
I have resolved my issue! It took me a lot of hours, but it is indeed a more strict checking of the certificates by NX Witness. I had no issue with version 4, but version 5 apparently requires the ca-certificates package to be installed. I spotted some errors in the log file on some Amazon certificates, and after fixing this I was able to connect to the cloud again.
In my Dockerfile I added both wget (for testing) and the ca-certificates package installation:
RUN apt update \
&& apt upgrade -y \
&& apt install -y iputils-ping wget ca-certificates curl0 -
Hi Freddy Hoogeveen,
The Firewall certificate needs to be added to the clients.
Please check the Install the Certificate in the local computer’s Trusted Root Authority container section of the instructions I shared with you before.
0 -
Hi Norman
i did also fix the issue, but not with a certificate.
i did connect the server trough a 5g router and then it worked, when i did switch back to the normal internet conection with the sophos firewall it did work again.
donk know the exact thing that resolved it.
mayby you can clarify
0 -
Hi Freddy Hoogeveen,
By connecting through the 5G router the certificate was renewed, but please note that once you remove the 5G connection and all communication passes through the firewall, the issue will reoccur when the certificate gets void after X period of time. The better solution is to add the firewall certificate to the clients.
0 -
after removing the 5G router it did work fine.
inporting the firewall certificate to the clients did not help before the 5g router
0 -
I also had this issue on a Server running Windows Server 2019. The Internet on Site is Starlink, and the solution i found was to disable IPv6. Once that was done and restarting the service, it connected to cloud right away.
0
Please sign in to leave a comment.
Comments
15 comments