Technote (troubleshooting)
Problem(Abstract)
How do you diagnose communication problems when scanning my application using IBM Rational AppScan Standard?
Symptom
Symptom 1
Scan Log (from View -> Scan Log or ScanLog.log file under Logs folder of the AppScan Standard installation directory) may show errors in this format during the course of the scan:
... Cannot connect to host: [IP/HOSTNAME]...
... Test [TEST_NUMBER] [TEST_NAME] failed due to communication error: ...
... Connection established with host: [IP/HOSTNAME]
Symptom 2
Alternately, you may see errors like these in the System Log (from Help -> AppScan Log or AppScanSys.log file under Logs folder of the AppScan Standard installation directory):
... Warning: Communication problems occurred while testing URL '[PATH]' for '[TEST_NAME]'
You may also see these:
... System : Server [IP/HOSTNAME] is not responding...
... System : Server [IP/HOSTNAME] is responding again
Resolving the problem
- Cause: A personal firewall and or anti-virus application is installed on the AppScan Standard host that is blocking outgoing connections.
Resolution: Check the system to make sure that any such applications are disabled during the crawling and testing phases.
-
- Cause: A corporate firewall is dropping connections because it is recognizing them as attacks.
- Resolution: Check with your system administrator/IT to confirm if the corporate firewall is actually dropping connections. Issues have been encountered where a new proxy and or firewall gets installed on the network, which filters requests that in turn leads to poor scan performance by AppScan Standard.
- Resolution: Check with your system administrator/IT to confirm if the corporate firewall is actually dropping connections. Issues have been encountered where a new proxy and or firewall gets installed on the network, which filters requests that in turn leads to poor scan performance by AppScan Standard.
- Cause: A slow Web server is denying the connections when AppScan Standard tries to send a large number of requests to it.
- Resolutions:
- Reduce the number of threads to 1 and increase the time-out to 30 seconds to see if this removes the communication entries. These options can be configured in Scan Configuration > Communication and Proxy. Once you confirm that this addresses the communication issues that AppScan Standard is experiencing, then the thread count can be increased.
- You can also force AppScan Standard to use HTTP/1.1 to resolve the communication issues that AppScan is experiencing. For more information about Forcing AppScan to use HTTP/1.1, see Technote 1298662: Forcing AppScan Standard to use HTTP/1.1.
- Resolutions:
- Cause: The application does not response to the AppScan system down checks. In the traffic log, you would see the "starting URL" requests with no responses.
- Workaround: Turn off the "heartbeat" checks by going to
Scan Configuration > Advanced Configuration and change to
False the following options:
- Server-down detection: Check for "server down" in Explore
- Server-down detection: Check for "server down" in Explore
- Workaround: Turn off the "heartbeat" checks by going to
Scan Configuration > Advanced Configuration and change to
False the following options: