Virtual Appliance Guide


The Virtual Appliance has limited disk space and is only intended for product evaluation purposes.

It is NOT intended for enterprise and production deployments.

Deploying the Virtual Appliance

Read this section to learn how to deploy the Virtual Appliance in one of the supported environments.

Supported environments

The Virtual Appliance is tested and supported in the following environments:

  • VMware Player 6 or later
  • VMware Workstation 9 or later
  • VMware Fusion 8 or later
  • VMware vCenter 5.5, 6.0
  • VMware ESXi 5.5, 6.0

Downloading the Virtual Appliance

Rapid7 provides the Virtual Appliance as an Open Virtualization Archive (OVA) file. You can download either a Virtual Appliance Security Console (VA) or the Virtual Appliance Scan Engine (VASE). Download links for both are as follows:

Deploying in VMware Player and VMware Workstation

  1. In VMware Player and VMware Workstation, click "File" -> "Open".
  2. In the dropdown list, select the group that includes *.ova.
  3. Select the Virtual Appliance file, and click "Open".

Select the Virtual Appliance file

The "Import Virtual Machine" window will appear.

Import Virtual Machine


You can rename the Virtual Appliance file name if desired.

  1. Specify the storage path for the Virtual Appliance.
  2. Click "Import".

The import process converts the Virtual Appliance file to a Virtual Machine Disk Format (VMDK) file. When the import process is complete, the Virtual Appliance appears on the list of available virtual machines in VMware Player.

  1. Select the Rapid7 Virtual Appliance, and click "Play" or "Power On this Virtual Machine" if using VMware Workstation.

Select the Rapid7 Virtual Appliance

Deploying in vCenter or VMware ESXi

  1. In vCenter or VMware ESXi, click File | Deploy OVF Template... The Deploy OVF template window appears.

Deploy the OVF template

  1. Locate the downloaded Virtual Appliance file, and click Next. The OVF Template Details panel appears for configuring Virtual Appliance set- tings.

Configure Virtual Appliance settings

  1. Enter a name for the Virtual Appliance.
  2. Select an inventory location, and click Next.
  3. Select a host or cluster for the Virtual Appliance, and click Next.
  4. Select a resource pool, and click Next.
  5. Select a datastore, and click Next.
  6. Select Thin or Thick (recommended) Provision for the disk format, and click Next.
  7. Select a network mapping, and click Next.
  8. Click Finish.

Powering on the Virtual Appliance

  1. When the import process is complete, select the Virtual Appliance from the list of available virtual machines.
  2. Click Power on.
  3. Click the Console tab to view a terminal window for the Virtual Appliance.

Administering the Virtual Appliance

Log in to the Virtual Appliance after it starts to perform any necessary administrative functions. The operating system for the Virtual Appliance is a CIS hardened, minimal install of Ubuntu Server 16.04 LTS.

When startup is complete, the Virtual Appliance window displays a login prompt. If you are logging in for the first time, you will be asked to change the current UNIX password:

Set your new password

  1. Enter the default username: nexpose
  2. Enter the default password: nexpose


Your password keystrokes will not appear in the terminal as you type them. Take care that you input the password accurately.

  1. When prompted, enter the default password again.
  2. Enter your new password according to the complexity requirements.

Password Complexity Requirements

Passwords must at least 14 characters long and contain at least one uppercase letter, one lowercase letter, one number, and one special character.

  1. Enter your new password again to confirm the change.

You need the IP address of the Virtual Appliance in order to login to to the Web interface. Run ifconfig -a to view the IP address.

Updating the host's operating system

As a security best practice, make sure to keep your operating system current with the latest updates. To apply an update, take the following steps:

  1. Access the operating system of your Virtual Appliance using SSH or by opening the a virtual console.
  2. Run the following command to update all operating system packages to the latest versions:
sudo apt-get update && sudo apt-get upgrade


The unattended-updates package is installed and configured to automatically apply security updates when available. The virtual appliance requires access to and to retrieve updated packages. Unattended update logs can be reviewed in /var/log/unattended-upgrades/unattended-upgrades.log

Logging onto the Security Console

You perform all Security Console operations through a Web-based interface, which supports the browsers listed at

To log onto the Security Console take the following steps:

  1. Open a web browser.
  2. Enter the URL for the Virtual Appliance: https://<Virtual_Appliance_IP>:3780
  3. Enter the default username (nxadmin) and password (nxpassword).
  4. Click the Logon button.

Change Password

Upon first login the Security Console will prompt you to change your password. Enter the default username and password: nxadmin and nxpassword. Enter a new password, and confirm the new password.

If you are a first-time user and have not activated your license, the Security Console displays an activation dialog box. Enter your license key. If you do not have a license key, visit to start your 30-day free trail.

After you receive the license key, login and enter the license key in the activation window.

Frequently Asked Questions

How do I set up a static IP?

There are two different ways to set up a static IP.

  1. Option 1 - edit one file only

Open the /etc/network/interfaces file in a text editor with the following command:

sudo nano /etc/network/interfaces

Edit the /etc/network/interfaces config with the following code. Note that you do not need to do the /etc/resolvconf/resolv.conf.d/tail section if you add the dns-nameservers to the /etc/network/interfaces conf file.

auto ens32
iface ens32 inet static
  1. Option 2 - Edit two files

Open the /etc/network/interfaces file in a text editor with the following command:

sudo nano /etc/network/interfaces

Match the corresponding lines to the following values:

auto ens32
iface ens32 inet static

Add the following address, netmask, and gateway lines and specify the values as desired.


Values shown here are only examples. ens32 is the default network interface for the OVAs. Run ifconfig to display existing network interfaces to confirm which interface is in use.


How do I set up DNS?

Create the /etc/resolvconf/resolv.conf.d/tail file with the following command:

sudo nano /etc/resolvconf/resolv.conf.d/tail

Add the following lines and specify values according to your configuration requirements:


How do I restart networking?

In order for the static IP and DNS changes to take effect, the existing IP must be flushed with the following command:

sudo ip addr flush ens32

To restart the networking service, use the following command:

sudo systemctl restart networking.service

How do I set the system time?

The virtual appliance comes preinstalled with chrony. To check the current system time, run the chronyc tracking command.

Chrony can be configured by editing the /etc/chrony/chrony.conf file.

Please see for complete documentation.

To manually sync the time, run the following commands:

sudo service chrony stop
sudo chronyd -q 'pool iburst'
sudo service chrony start

To change the timezone, run sudo dpkg-reconfigure tzdata and select the desired timezone.

How do I start, stop, and check the status of the console and engine services?


sudo systemctl status nexposeconsole.service
sudo systemctl start nexposeconsole.service
sudo systemctl stop nexposeconsole.service


sudo systemctl status nexposeengine.service
sudo systemctl start nexposeengine.service
sudo systemctl stop nexposeengine.service

What is the OS account lockout policy?

Accounts will get locked out after 5 invalid login attempts. Accounts will get automatically unlocked after 15 minutes.