check_nrpe SSL problem

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
jbecerra37
Posts: 1
Joined: Mon Dec 26, 2011 9:35 am

check_nrpe SSL problem

Post by jbecerra37 »

Hi everybody. First of all, I apologize for my poor english. I have nagios 3 configured and installed within OSSIM for monitoring several Windows Servers. The only problem I have is with the execution of check_nrpe command. I have configured the host.cfg file in the nagios server this way:

define host{
host_name sapbogtc002
alias sapbogtc002
address 192.168.xxx.xxx
use generic-host
}
define service{
use generic-service
host_name sapbogtc002
service_description SMTP Relay Colpatria
check_command check_nrpe!-H 10.150.xxx.xxx -c check_relay_smtp

The sapbogtc002 server is behind the corporate firewall, so my Nagios Server do not communicate directly with this server and, for security reasons, it is impossible to open ports in the Firewall for that communication. The server 10.150.xxx is in the same Nagios Server subnet, and 10.150xxx server is able to communicate directly with sapbogtc002 server.
In the 10.150.xxx.xxx server, I have installed NSClient++-0.3.9-x64 and added the next lines in the NSC.ini file:

[NRPE Handlers]
command[check_relay_smtp]=c:\Nagios_Plugins\check_tcp -H 192.168.xxx.xxx -p 25

For checking this configuration, I execute this command from the Nagios Server:

/usr/lib/nagios/plugins/check_nrpe -H 10.150.xxx.xxx -c check_relay_smtp

and the command executes successfully and give me this output:

TCP: 0 second response time on port 25
So everything seems to be ok. In the NSClient++ debug mode then next output is generated when I ececute the check_nrpe command from the command line:

NSClient++.cpp(1144) Injecting: check_relay_smtp:
NSClient++.cpp(1180) Injected Result: OK 'TCP: 0 second response time on port 25

But when the scheduled check runs, the next error (in the NSClient++ debug mode) is generated:

\Socket.h(713) Error: Could not complete SSL handshake : [0] 5, attempting to resume......

And it does not matter the command I am trying to execute in the 192.168.xxx.xxx. I am sure it is not a firewall issue (because the command in the command line execute succesfully). I suppose that it is not a NSClient++ issue for the same razon. Please help me, I have checked several forums but no problem is similar to my situation because in my case the command executes succesfully from the command line.
Last thing. I am using the NSClient++ in the 10.150.xxx.xx server for monitoring filesystem space using check_nt with absolutely no problem. The problem appears to be the check_nrpe command but executed from the .cfg file, no from the comand line.
Top
cojo
Posts: 2
Joined: Tue Jan 10, 2012 12:33 pm

Re: check_nrpe SSL problem

Post by cojo »

Did you allow nagios server to communicate with your client? it's located in the /etc/nagios/nrpe.cfg

allowed_hosts=127.0.0.1,nagios server IP
Top
Locked

Return to “Open Source Nagios Projects”