Hi Team,
I have installed NRPE on a Linux server(CentOS 6.4) using the document from below link:
https://assets.nagios.com/downloads/nag ... -Linux.pdf
While configuring the services in Nagios XI, I am getting "Connection refused or timed out" error. I checked from Nagios support and followed the steps mentioned in below link:
https://support.nagios.com/kb/article/n ... t-626.html
I have made the changes to nrpe.cfg file like "allowed host" and "don't_blame_nrpe" values as well and restarted nrpe. Still I am getting the same error.
Kindly, help me out with the problem I am facing. Thanks in advance!!
Connection refused or timed out
Connection refused or timed out
Thanks & Regards,
I2MP Team.
I2MP Team.
Re: Connection refused or timed out
I am a bit confused. Are you trying to install the Linux agent (NRPE + Nagios plugins) on a remove machine that you would like to monitor? The link you provided is a document for a manual install of Nagios XI... You should have used the document below:I have installed NRPE on a Linux server(CentOS 6.4) using the document from below link:
https://assets.nagios.com/downloads/nag ... -Linux.pdf
https://assets.nagios.com/downloads/nag ... _Agent.pdf
Can you clarify?
Run the following commands from the command line and show the output:
on the Nagios XI server:
Code: Select all
/usr/local/nagios/libexec/check_nrpe -H <client ip>
nmap <client ip> -p 5666Code: Select all
ps axuw | grep nrpe
netstat -at | grep nrpeBe sure to check out our Knowledgebase for helpful articles and solutions!
Re: Connection refused or timed out
Hello,
Apologies for the confusion, I am new to Nagios, and used more than one document/links for the nrpe installation.
Yes you are correct, I have used the below document for NRPE installation:
https://assets.nagios.com/downloads/nag ... _Agent.pdf
But I was getting some error and after I googled, I thought the error is coming because Nagios plugins are missing, so I have used another document to install the plugins as well.
I have ran the commands provided by you in Nagios XI server and client machine and attached the same.
I am not sure about the iptables and firewalls, but I have googled and ran few commands to check iptables and firewalls in both machines and attached the output for the same.
Thanks a lot for your reply
Apologies for the confusion, I am new to Nagios, and used more than one document/links for the nrpe installation.
Yes you are correct, I have used the below document for NRPE installation:
https://assets.nagios.com/downloads/nag ... _Agent.pdf
But I was getting some error and after I googled, I thought the error is coming because Nagios plugins are missing, so I have used another document to install the plugins as well.
I have ran the commands provided by you in Nagios XI server and client machine and attached the same.
I am not sure about the iptables and firewalls, but I have googled and ran few commands to check iptables and firewalls in both machines and attached the output for the same.
Thanks a lot for your reply
You do not have the required permissions to view the files attached to this post.
Thanks & Regards,
I2MP Team.
I2MP Team.
Re: Connection refused or timed out
It seems like there is a firewall issue... You should see "open" in the output of the nmap command, not "filtered". You could run the following command as root to list the iptables chains (rules) in numeric format:[nagios@eu2napu003 ~]$ nmap 10.147.108.45 -p 5666
Starting Nmap 5.51 ( http://nmap.org ) at 2018-08-15 08:44 BST
Nmap scan report for eu2napu002.sharedev.org (10.147.108.45)
Host is up (0.00028s latency).
PORT STATE SERVICE
5666/tcp filtered nrpe
Nmap done: 1 IP address (1 host up) scanned in 0.03 seconds
[nagios@eu2napu003 ~]$
Code: Select all
iptables -nLCode: Select all
/usr/local/nagios/libexec/check_nrpe -H <client ip>Usually, when you install the Linux agent, following the document you referenced, NRPE runs under xinetd. It possible that you are trying to run NRPE as both, standalone daemon and under xinetd, which creates issues.nagios 25754 0.0 0.0 39368 1316 ? Ss Aug14 0:00 /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d
Can you post the /usr/local/nagios/etc/nrpe.cfg file, and /etc/xinetd.d/nrpe, and /usr/local/nagios/etc/nrpe/common.cfg (if the last two exist on your system)?
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: Connection refused or timed out
Hi,
I ran "iptables -nL" command as root user in both Nagios and client machines and attached the output.
I googled and found below commands to check if 5666 is nrpe listening port and attached the output for both client and Nagios machine.
1. netstat -tpln | grep 5666
2. nmap host
I think I have both Nagios and NRPE installed as I checked in /usr/local/nagios/etc path, I can see both nagios.cfg and nrpe.cfg,
also in /usr/local/nagios/bin path, I can see both nrpe and nagios.
I am also attaching /usr/local/nagios/etc/nrpe.cfg file and /etc/xinetd.d/nrpe file output, but could not find /usr/local/nagios/etc/nrpe/common.cfg.
If presence of both Nagios and NRPE is creating issue, is there a way to uninstall both and do a fresh NRPE installation?
I ran "iptables -nL" command as root user in both Nagios and client machines and attached the output.
I googled and found below commands to check if 5666 is nrpe listening port and attached the output for both client and Nagios machine.
1. netstat -tpln | grep 5666
2. nmap host
I think I have both Nagios and NRPE installed as I checked in /usr/local/nagios/etc path, I can see both nagios.cfg and nrpe.cfg,
also in /usr/local/nagios/bin path, I can see both nrpe and nagios.
I am also attaching /usr/local/nagios/etc/nrpe.cfg file and /etc/xinetd.d/nrpe file output, but could not find /usr/local/nagios/etc/nrpe/common.cfg.
If presence of both Nagios and NRPE is creating issue, is there a way to uninstall both and do a fresh NRPE installation?
You do not have the required permissions to view the files attached to this post.
Thanks & Regards,
I2MP Team.
I2MP Team.
Re: Connection refused or timed out
Open port 5666 on the client machine (eu2napu002, 10.147.108.45) by running the following commands as root:
Run the following commands on the nagios machine (eu2napu003, 10.147.108.46) and show the output:
Code: Select all
iptables -A INPUT -p tcp -m tcp --dport 5666 -j ACCEPT
/etc/init.d/iptables saveCode: Select all
nmap 10.147.108.45 -p 5666
/usr/local/nagios/libexec/check_nrpe -H 10.147.108.45Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: Connection refused or timed out
Hi,
I have ran the commands as suggested by you and attached the output.
Thanks a lot for your help
I have ran the commands as suggested by you and attached the output.
Thanks a lot for your help
You do not have the required permissions to view the files attached to this post.
Thanks & Regards,
I2MP Team.
I2MP Team.
Re: Connection refused or timed out
There may be a firewall or other device between machines preventing the connection. I would suggest running tcpdump simultaneously on the XI machine and client machine while you reproduce the error. This can be done with:
yum -y install tcpdump
tcpdump -s 0 -i any port 5666 -w output.pcap
Let it run just long enough to capture reproduce the error message and then use CTRL+C to stop it. The captures and be reviewed using wireshark, but feel free to PM them to one of us if needed.
yum -y install tcpdump
tcpdump -s 0 -i any port 5666 -w output.pcap
Let it run just long enough to capture reproduce the error message and then use CTRL+C to stop it. The captures and be reviewed using wireshark, but feel free to PM them to one of us if needed.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Re: Connection refused or timed out
Hello,
I installed tcpdump on both the machines and ran "tcpdump -s 0 -i any port 5666 -w output.pcap" command.
I also installed wireshark and using "tshark -r output.pcap > pcap" command, copied the output to pcap file. I could not find anything after checking the output, so I am attaching the output here. As the file was too large, I am attaching output of head -500 pcap and tail -500 pcap.
I installed tcpdump on both the machines and ran "tcpdump -s 0 -i any port 5666 -w output.pcap" command.
I also installed wireshark and using "tshark -r output.pcap > pcap" command, copied the output to pcap file. I could not find anything after checking the output, so I am attaching the output here. As the file was too large, I am attaching output of head -500 pcap and tail -500 pcap.
You do not have the required permissions to view the files attached to this post.
Thanks & Regards,
I2MP Team.
I2MP Team.
Re: Connection refused or timed out
Please confirm for us the IP addresses of both machines. The nagios_machine_output doesn't seem to have any attempts to connect to 10.147.108.45 and the client_machine_output seems to be showing the client making outbound nrpe requests when in most cases it should just be accepting inbound nrpe.
Are you able to reproduce the error at will? The traces are 10+ minutes in length and it would make for a shorter capture to start the captures, reproduce the error, and stop it immediately.
Are you able to reproduce the error at will? The traces are 10+ minutes in length and it would make for a shorter capture to start the captures, reproduce the error, and stop it immediately.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.