Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
./check_http -I 10.10.12.89 -S
HTTP OK: HTTP/1.1 301 Moved Permanently - 126 bytes in 0.013 second response time |time=0.013359s;;;0.000000 size=126B;;;0
Nmap scan report for 10.10.110.10
Host is up (0.00052s latency).
PORT STATE SERVICE
443/tcp filtered https
MAC Address: 44:C3:CA:CE:99:37 (Cisco Systems)
Nmap done: 1 IP address (1 host up) scanned in 6.44 seconds
what is the problem?
Seek and you shall find, knock and it shall be opened, cry and you shall find comfort
Allow this to run just long enough to reproduce the error, use CTRL+C to stop it, and gather the asa.pcap that was generated. Feel free to PM me the results if you'd like to keep info regarding your network private.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
If you google the error message, the message can mean a lot of things. The tcpdump may help us determine what the problem is. Also, what are security settings on the asa? Is it expect specific tls or ssl version or ciphers? What is the difference between the old asa and the new asa? Is there anything on the asa that would tell us more about why the connection is failing?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Another ting to look at is if the ASA has a certificate enabled and if not, it would have to be regenerated.
Take a look at this link for help in doing that on the ASA Firewall. http://www.cisco.com/c/en/us/support/do ... ate-I.html
Be sure to check out our Knowledgebase for helpful articles and solutions!
Only those who love big brother use google or public search engines, Thanks for the link, it helped me see that on the older asa there was no certificate while on the newer asa there is a self-signed certificate. I generated a self signed certificate, unfortunately the same error remains for some reason. -S 1 -S 2 -S 3 produces the same error.
Well, I read the document till the end, and configured the ssl setting. added active encryption algorithms and added the trust points to the needed interfaces and...wait for it.... it worked! Be happy and thanks for your tips and relentless aid.
Seek and you shall find, knock and it shall be opened, cry and you shall find comfort