Monitor hosts in Vyatta Private Networks

[kennedto]

I have a nagios server out side of a Vyatta servers private subnet.
I have set up Nat rules that allow me to SSH to systems inside the Vyatta private network.
Now I want to use NRPE to monitor some systems in the private subnet.

I installed NRPE on one of these boxes.
I tested it locally
psdospm1:~ # /usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.15

When I SSH to this box from the nagios server I see this in tcpdump.
11:21:31.446275 IP psdospm1.edulab.tivoli.com.ssh > 9.53.113.186.44099

9.53.113.186 is the IP of the nagios server and /etc/xinetd.d/nrpe looks like this
I have this in /etc/xinetd.d/nrpe
only_from = 9.53.113.186 127.0.0.1

So I think the local host should allow the nagios server to connect.
When I try to test connection from Nagios server to this box, I get
c9053113186:/usr/local/nagios/etc # /usr/local/nagios/libexec/check_nrpe -H 9.38.24.64
connect to address 9.38.24.64 port 5666: Connection refused

At this point I suspect vyatta server is not allowing port 5666 through
Can some one tell me how to get Vyaata to allow access from Nagios server to the system I am trying to access.
Thanks

[kennedto]

OK, turns our DMZ firewall was blocking 5666. It does not block 3489, so i used that and it now works.

[tmcdonald]

I'll be closing this thread now, but feel free to open another if you need anything in the future!