NRPE issue - port 5666: Connection refused

[tezarin]

Hi all,

I am trying to get NRPE to monitor a remote host for me but I'm getting an error.

On the server:
nmap localhost
5666/tcp open nrpe

netstat -ant
tcp6 0 0 :::5666 :::* LISTEN

So far so good, but at the same time, I get an error when I try:

/usr/lib/nagios/plugins/check_tcp -H localhost -p 5666
Connection refused

And

telnet [ServerIP] 5666
Trying [ServerIP]...
telnet: Unable to connect to remote host: No route to host

Then from the remote host:

nmap [ServerIP]
5666/tcp filtered nrpe

Can someone please shed some light on this?

Thanks in advance

[jdalrymple]

On the server:
nmap localhost
5666/tcp open nrpe

netstat -ant
tcp6 0 0 :::5666 :::* LISTEN

So far so good, but at the same time, I get an error when I try:

/usr/lib/nagios/plugins/check_tcp -H localhost -p 5666
Connection refused

Maybe "only from" in inetd.conf? Maybe 'localhost' is resolving ipv6 address and you've only allowed ipv4?

Then from the remote host:

nmap [ServerIP]
5666/tcp filtered nrpe

Probably firewall.

[tezarin]

Thanks for your reply.
Both machines are Ubuntu. So I was able to fix the NRPE issue on the server by installing nagios-nrpe-plugin

Now when I run

Code: Select all

./check_nrpe -H localhost on the server, I get the version back: NRPE v2.13 

but this will fail:

But on the remote host, I can't get NRPE to work:

Code: Select all

root@server:/# /usr/lib/nagios/plugins/check_nrpe -H [remote host IP] -n
CHECK_NRPE: Error receiving data from daemon.
root@server:/# /usr/lib/nagios/plugins/check_nrpe -H [remote host IP]  
CHECK_NRPE: Error - Could not complete SSL handshake.

Then when I go to the remote host:

Code: Select all

/usr/lib/nagios/plugins/check_tcp -H localhost -p 5666
TCP OK - 0.000 second response time on port 5666|time=0.000214s;;;0.000000;10.000000

And

Code: Select all

sudo /etc/init.d/nagios-nrpe-server status
 * nagios-nrpe is not running

Am I missing something? Can someone please help me with this?

Thanks

[jolson]

When you installed the NRPE listener, did you add an allowed_host? This is either controlled by the nrpe.cfg or the xinetd.d configuration - this depends on how you installed NRPE.

Run the following:

Code: Select all

service xinetd status
cat /etc/xinetd.d/nrpe
find / -name nrpe.cfg | xargs cat

Please report the results back to us - you will need to allow your Nagios server to contact the remote server. It would also be worth running nmap from your Nagios Server targeting your remote host:

Code: Select all

nmap -p 5666 x.x.x.x

[tezarin]

Thanks for your reply, here are the outputs:

Code: Select all

service xinetd status
xinetd start/running, process 36720

cat /etc/xinetd.d/nrpe
# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
        flags           = REUSE
        type            = UNLISTED
        port            = 5666
        socket_type     = stream
        wait            = no
        user            = nagios
        group           = nagios
        server          = /usr/sbin/nrpe
        server_args     = -c /etc/nagios/nrpe.cfg --inetd
        log_on_failure  += USERID
        disable         = no
}

nmap -p 5666 x.x.x.x                                                                                                                                                              

Starting Nmap 6.00 ( http://nmap.org ) at 2015-10-14 19:20 UTC
Nmap scan report for x.x.x.x
Host is up (0.00077s latency).
PORT     STATE SERVICE
5666/tcp open  nrpe

Nmap done: 1 IP address (1 host up) scanned in 0.14 seconds

The find command returned the nrpe.cfg file where I defined the allowed_hosts=127.0.0.1,x.x.x.x (which is the server's IP address). The nrpe file did not exist in /etc/xinetd.d dierctory, I created that and put it there.

Thanks in advance

[Box293]

Can you follow this troubleshooting document please:
https://assets.nagios.com/downloads/nag ... utions.pdf
Even though it is for XI, the troubleshooting steps are the same.

Please let us know what steps you tried in the document, including commands executed and the output.