Issue while installing NRPE

[nysus777]

Can you post your /var/log/messages file for us to look at from the client machine? This should indicate why the connection was closed.

Hi rkennedy,

Please find the file as requested.

Thanks,
Piyush Sinha

[bwallace]

Thanks for the requested file. Unfortunately it does not tell us much. Going forward, please post the outcome of each step listed below:

On the client machine run the following

Code: Select all

netstat -anp|grep :5666
sestatus

From your Nagios XI server execute these commands and provide the output (Where xxx is the IP address of the remote server):
nmap <client ip> -p 5666
/usr/local/nagios/libexec/check_nrpe -H <client ip> (run this one few times then immediately run the cmd below)
tail -50 /var/log/messages

[nysus777]

Thanks for the requested file. Unfortunately it does not tell us much. Going forward, please post the outcome of each step listed below:

On the client machine run the following

Code: Select all

netstat -anp|grep :5666
sestatus

From your Nagios XI server execute these commands and provide the output (Where xxx is the IP address of the remote server):
nmap <client ip> -p 5666
/usr/local/nagios/libexec/check_nrpe -H <client ip> (run this one few times then immediately run the cmd below)
tail -50 /var/log/messages

Hi bwallace,

Please find the screenshots as requested.

Thanks,
Piyush Sinha

[bwallace]

Thanks for the files.
- NRPE is indeed listening on the client
- Nmap from Nagios --> Client works fine (:5666 is open)
- you get "Connection reset by peer" when manually running check_nrpe -H xxx.xxx.xxx.xxx from the Nagios server
- nagios.log says "Could Not Complete SSL Handshake with <your client>"

Let's address the last point first by following the steps on page 3 of this doc:
https://assets.nagios.com/downloads/nag ... utions.pdf
Basically, you're going to check if you have the Nagios server's IP address defined in the remote host's nrpe.cfg file.

* If you already have the IP address of your Nagios server is listed as an allowed host in the remote host's nrpe.cfg file, then check if a Firewall is blocking access, based on the "Connection reset by peer" message.
Once you go through all these steps, re-test by manually running this check from the Nagios server
/usr/local/nagios/libexec/check_nrpe -H <client ip>

Hope this helps, let us know of the outcome.

[nysus777]

Thanks for the files.
- NRPE is indeed listening on the client
- Nmap from Nagios --> Client works fine (:5666 is open)
- you get "Connection reset by peer" when manually running check_nrpe -H xxx.xxx.xxx.xxx from the Nagios server
- nagios.log says "Could Not Complete SSL Handshake with <your client>"

Let's address the last point first by following the steps on page 3 of this doc:
https://assets.nagios.com/downloads/nag ... utions.pdf
Basically, you're going to check if you have the Nagios server's IP address defined in the remote host's nrpe.cfg file.

* If you already have the IP address of your Nagios server is listed as an allowed host in the remote host's nrpe.cfg file, then check if a Firewall is blocking access, based on the "Connection reset by peer" message.
Once you go through all these steps, re-test by manually running this check from the Nagios server
/usr/local/nagios/libexec/check_nrpe -H <client ip>

Hope this helps, let us know of the outcome.

Hi bwallace,

I have done the below as per your suggestion. I can see that the Nagios server IP is added in allowed hosts of nrpe.cfg.
Also, i see that i can not ping the Nagios server. However, even when i disable iptables, i still can't ping the server.

Another observation, when i run check_nrpe on both servers with their IPs, i get different versions of the NRPE. Can this be a reason?
Please advise.

Thanks

[rkennedy]

I have done the below as per your suggestion. I can see that the Nagios server IP is added in allowed hosts of nrpe.cfg.
Also, i see that i can not ping the Nagios server. However, even when i disable iptables, i still can't ping the server.

Can you turn the firewall off on the XI machine, and then try to ping it? Are you blocking ICMP traffic in your network at all? If NRPE is working, then it's for surely a firewall blocking it somewhere.

Another observation, when i run check_nrpe on both servers with their IPs, i get different versions of the NRPE. Can this be a reason?

No, NRPE won't affect ping. It sounds like you have multiple versions installed, which isn't a problem.