Checklist when Vex cannot acquire proxy logs

Go to the next one.

Make sure that the target site is properly running, and that the IP address is not restricted in your testing environment.

Go to "Target information" > "Detail settings", and specify "Upstream proxy server" before accessing the target, if it has not been specified.

[Related article] Is it possible to run Vex through an internal proxy server?

Go to the next one.

If you use a web browser's automatic configuration script (Proxy Auto Configuration - PAC), check the distributed destination proxy server, and go to "Target information" > "Detailed settings" to specify "Upstream proxy server".

[Related article]Is it possible to run Vex through an internal proxy server?

Also, be sure to uncheck "Use automatic configuration script" in the "Proxy Settings" on your browser.

For more details, see Quick Start "3.3 Browser Setting".

Go to the next one.

Review the "Proxy Settings" of your web browser and make sure there are no errors in the settings.

For more details, see Quick Start "3.3 Browser Setting".

go to the next one.

You may not have a scanning project open. If the scanning project is not open, the port assigned to the Vex user will not be valid. Make sure that you have the scanning project open when you record a proxy log. 

When this error message appears while you have the scanning project open, the access destination on the browser and the target information specified in Vex scanning project may be different.
Follow the steps below to confirm that the URL to be accessed and the target information are the same.

<Steps>
1.Check the URL to be accessed
See the address bar of your browser to make sure that the URL to be accessed is correct.

2.Check the Target information
Select "Settings" in the common header, and click "Edit target information" to check if the target information host is specified correctly.

For example, if the target URL is "http://www.example.com/index.html", specify "http"://"www.example.com":80" as the setting value.

Go to the next one.

"Excluded access path" setting limits the access. Make sure that the setting is correct.

Go to the next one.

Go to the next one.

Click "Enable logging" on the upper left of Vex screen to enable the logging.

 [Ex] When Javascript is dynamically changing the display information on the client-side browser.
→ Even when a screen changes, no communication with the web server occurs. Therefore a proxy log is not recorded.

Go to the next one.

Go to "Target information" > "Detail settings" and specify "Client certification", if it has not been specified, before accessing the target.

[Related article]Settings for scanning a site using a client certificate

Go to the next one.

Go to "Target information">"Detail settings" and specify the authentication information in the relevant fields if it has not been specified.

For more details, see User Guide "4.1.2.2 Target information" 

Go to the next one.

When the target site  implement HTTP Strict Transport Security (HSTS), the SSL certificate checker on the browser blocks the communication via Vex. If you have not specified "Vex CA certificate" on the browser for operating the target, be sure to specify it before accessing it.

[Related article] Presetting for scanning a target using HTTPS communication

Go to the next one.

Go to "Target information" > "Detail Settings" and disable the "Server Name Indication (SNI)" before accessing the site.
*The default setting is "Enabled".

For more details, see User's Guide "4.1.2.2 Target information".

Go to the next one.

Go to "Target information" > "Detail settings" , and set the "HTTP Version" to "1.1" before accessing the site. *The default is "1.0".[Related article] How is it possible to get the proxy logs that is communicated with HTTP/1.1?

Go to the next one.

Go to the next one.