Adding nexpose as a VA source using asset manager , but when testing connection its failed with following error
Error: Command has timed out (ER68)

I selected Rapid7 Nexpose as a VA source , give the IP / Username and Password of nexpose web console administrator and selected weekly schedule

Priority is set to 1 and port is by default set to 3780

Checked network connectivity from SIEM to Nexpose server on port 3780 it is connecting

Timed out??? Maybe check your Nexpose console is up and on port 3780? and verify the ERC can get through to the Nexpose console, check using telnet.

I checked ERC was not whitelisted in nexpose , now its connecting

I have configured to fetch VA data to daily basis but on last retrieval there is none, The time which needs to be set in Daily schedule is the user time of SIEM ?

Hi, 

Would you be able to let me know how to whitelist the ERC IP on Rapid 7? 

TIA.

Thanks for the suggestion, through asset manager VA now i am getting the vulnerability data showing in the vulnerability summary dashboard.

What do you mean add each scanner as a datasource ? previously i added nexpose as a single data source and marked start stop and vulnerability data in nexpose but couldnt get any event in esm and nexpose reciever was marked as incative plus i also tried tcpdump from esc/erc to the nexpose server and there was incoming data but it was not visible in esm

Start/stop of scans events  come from the server that the Nexpose console is installed on.  Vulnerability events will come from the Nexpose scanners configured for the site scan so you have add each external scanner as a datasource if you want to see vulnerability data as events.  If you aren't using external scanners then the one datasource is enough.

For fetching VA data, I had large scans that were timing out before all of the results were downloaded.  I had to change the timeout value in /etc/NitroGuard/vathirdparty.conf on the receiver to fix the problem.