I am currently testing the new version of openvas gvm-libs 10. The goal is to set up a master/slave architecture in which the master will be the central point for centralizing the configuration of all the slaves that will be placed in remote networks and will have to respond to the orders of the gvm master.
I had tried this type of architecture (OMP slave) on the old version of openvas 9, but it didn't work; I couldn't succeed because OMP couldn't connect to remote OMPs.
Then I tried with remote scanners and got this to work, but when the scans were too large (subnet /16) it caused scan stops, unmanageable overconsumption of resources and blocking of the database again.
Today I am trying my luck again with a new one, but I am facing the same problem.
It is impossible on GSA to create a GMP scanner because it automatically switches to port 9391, but when the GMP of the slave is listening on a GMP port, it is no longer reachable.
And the openvas master can’t contact the GMP slave with the following error:
On master:
lib serv:WARNING:2019-04-19 14h24.08 UTC:30884: Failed to connect to server
md manage:WARNING:2019-04-19 14h24.08 UTC:30884: slave_connect: failed to open connection to X.X.X.X on 9391
On slave:
md main:WARNING:2019-04-19 18h10.14 utc:1469: main: Main process is already running
md main:MESSAGE:2019-04-19 18h10.58 utc:1504: Greenbone Vulnerability Manager version 8.0.0 (DB revision 205)
util gpgme:MESSAGE:2019-04-19 18h10.58 utc:1505: Setting GnuPG dir to '/var/lib/gvm/gvmd/gnupg'
util gpgme:MESSAGE:2019-04-19 18h10.58 utc:1505: Using OpenPGP engine version '2.0.22'
md main:WARNING:2019-04-19 18h13.36 utc:1644: read_from_client_tls: failed to read from client: The TLS connection was non-properly terminated.
md main:WARNING:2019-04-19 18h14.01 utc:1656: read_from_client_tls: failed to read from client: The TLS connection was non-properly terminated.
So is it really possible to have a master/slave architecture with openvas? If so, can you help me solve this issue?