On-premises Connection Troubleshooting

The RESCAN option is disabled when the on-premises connection is in a "Pending" or "Disconnected" state.

Ensure the on-premises connection status is Connected before rescanning.

Ubuntu 22.04 – Missing libssl.so.1.1 library error, which is required for fortanix-dsm-scanner and fortanix-oracle-scanner to run.

Ensure the following dependencies are installed:

wget http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2_amd64.deb
dpkg -i libssl1.1_1.1.1f-1ubuntu2_amd64.deb
apt-get install -f

Ubuntu 24.04 – Missing libaio.so.1 library error, which is required for fortanix-oracle-scanner and fortanix-scanner to run.

Ensure the following dependencies are installed:

apt-get update
apt-get install libaio-dev -y
ln -s /lib/x86_64-linux-gnu/libaio.so.1t64 /lib/x86_64-linux-gnu/libaio.so.1

RHEL 9 – Missing libssl.so.1.1 library error, which is required for fortanix-dsm-scanner and fortanix-oracle-scanner to run.

Ensure the following dependencies are installed:

wget https://yum.oracle.com/repo/OracleLinux/OL9/appstream/x86_64/getPackage/compat-openssl11-1.1.1k-3.el9.x86_64.rpm
dnf install ./compat-openssl11-1.1.1k-3.el9.x86_64.rpm -y

File System and Network Scanner Agent fails with the error:

"Error in perform_local_fs_scan(): SinkError { message:perform_local_fs_scan(): Sink error while scanning filesystem", cause: AccumulatorClientError { message: Couldn't register a new scan, cause: ReqwestError { message:Error registering new scan: RegisterNewScanRequest { agent_group_id: 243fe2af-3daa-4f88-901f-83d0e460d7cf, agent_host_info: HostInfo { id: \\"09465eca9e7140e9b1ec9d06f154e7f6\\\", hostname: \\\"sandeep-ThinkPad-P14s-Gen-4\\\", ips: [\\\"xxx.xx.x.x\\\", \\\" xxx.xx.x.x \\\", \\\"172.23.0.1\\\", \\\" xxx.xx.x.x \\\", \\\" xxx.xx.x.x \\\", \\\" xxx.xx.x.xx\\\"], os_string: \\\"Ubuntu 24.4.0\\\" } } ==> 'http:// xxx.xx.x.x:xxxx/v1/register_new_scan'\", cause: reqwest::Error { kind: Request, url:"http:// xxx.xx.x.x:xxxx /v1/register_new_scan”, source: hyper_util::client::legacy::Error(Connect, ConnectError(\"tcp connect error\", Os { code: 111, kind: “Connection Refused” })) } } } }"

Ensure the Fortanix On-premises Scanner is running before starting the File System Scanner Agent (Windows) or File System and Network Scanner Agent (Linux).

On a Windows Server 2019 SQL Virtual Machine (VM), running FortanixFsScanner.exe failed with an “Access is denied” error due to a corrupted zero-byte executable (FortanixFsScanner.exe was 0 KB in size).

Uninstall and reinstall the File System Scanner Agent and run it from an elevated (Administrator) terminal.

The File System Scanner Agent failed with “Couldn't register a new scan … tcp connect error … connection timed out” because it could not reach the Fortanix On-premises Scanner at the configured host or port.

• Configure inbound rules on the on-premises Virtual Machine (VM), allowing traffic from the File System Scanner Agent VM.

• Validate connectivity before running the File System Scanner Agent:

  • On Linux (Fortanix On-premises Scanner):

    nc -l -p <PORT>  
    # or  
    iperf3 -s -p <PORT>

    Here, replace <PORT> with the value configured for the Fortanix On-premises Scanner (fortanix-scanner). For example, 8080 or 1443.

  • On Windows (File System Scanner Agent):  

    Test-NetConnection <ONPREM_IP> -Port <PORT>
    #or
    ncat <ONPREM_IP> <PORT>
    iperf3 -c <ONPREM_IP> -p <PORT>

    Here, replace <ONPREM_IP> with the IP address of the Fortanix On-premises Scanner (fortanix-scanner) and <PORT> with the value configured for the Fortanix On-premises Scanner. For example, 8080 or 1443.

The container image scan fails with the following error because the Docker daemon is not installed or not running:

{level=info msg=\"try to fetch image daemon:hello-world:latest ...\"","timestamp":"2025-12-10 07:23:09.560"} {"level":"INFO","message":"time=\"2025-12-10T12:53:09+05:30\" level=error msg=\"could not fetch image: unable to detect input for 'hello-world:latest', errs: docker not available: failed to connect to Docker daemon. Ensure Docker is running and accessible\\npodman not available: no host address\\ncontainerd not available: no grpc connection or services is available: unavailable\"",}

Perform the following steps:

1. Ensure Docker is installed on the host machine where the Fortanix On-premises Scanner is running.

2. Ensure the Docker service is running before initiating any scans:

   • Linux - Run the following command:

     sudo systemctl start docker

   • Windows - Start the Docker Desktop application or enable the Docker Engine service.

3. Verify that the Fortanix On-premises Scanner can access the Docker socket:

   • Linux (default) - unix:///var/run/docker.sock

   • Windows (default) - npipe:////./pipe/docker_engine

4. After Docker is running and accessible, rerun the Fortanix On-premises Scanner for container image scan.

The Fortanix On-premises Scanner displays the error: {"connection":"bbc57939-c376-466b-b7fb-5f7072e1fa86","error":"....... cause: Os { code: 13, kind: PermissionDenied, message: \"Permission denied\" } }","level":"ERROR","message":"Unable to start onprem infra scanner heartbeats","timestamp":"2026-04-27 09:47:40.984"}.

Change the permissions to allow the Fortanix user or group to access the specified files and directories.