Azure/AWS VPN Tunnel Monitoring

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
apteancloud
Posts: 47
Joined: Wed Sep 09, 2020 4:05 am

Azure/AWS VPN Tunnel Monitoring

Post by apteancloud »

Hi Nagios Team,

We have a couple of VPN Tunnel for customers hosted in Azure&AWS, So we are planning to create Monitoring for VPN Tunnel in NagiosXI. Could you please help with this Can we use the check_tunnel command to use this?

Help me on how to Proceed..

Waiting for the response.
User avatar
cdienger
Support Tech
Posts: 5045
Joined: Tue Feb 07, 2017 11:26 am

Re: Azure/AWS VPN Tunnel Monitoring

Post by cdienger »

Is the XI machine connected to the VPN? Usually the best way to monitor a VPN is to run a check on a machine that is connected to the VPN that in turn tries to connect to another machine available only via the VPN.

https://github.com/danfruehauf/nagios-p ... /check_vpn is a plugin that will connect to a VPN, and test an address behind the VPN. If this script does what you want then it can be integrated with XI following https://assets.nagios.com/downloads/nag ... ios-XI.pdf.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
apteancloud
Posts: 47
Joined: Wed Sep 09, 2020 4:05 am

Re: Azure/AWS VPN Tunnel Monitoring

Post by apteancloud »

Hi,

Thanks for replying to this...

To answer your question,
We have uploaded the check_vpn.php into Nagios xi, To be clear we have a site-to-site VPN tunnel setup in the Azure portal which has these VPN connections which have to be monitored in NagiosXI(This NagiosXI VM is also in Azure)
Could you please help me in Achieving this?
We are using below command.

Code: Select all

./check_vpn.php -t openvpn -H x.x.x.x(IP of VPN) -u AWS_CHS_Shared_Services(VPN Name) -p xxxxxxx(shared key) - U https://www.google.com

Code: Select all

extra arguments can be specified after --, please refer to the plugin
you're using to understand what options can be passed


Options:
  -t, --type                 VPN type, one of: l2tp, openvpn, pptp, ssh.
  -h, --hostname             Hostname to connect to.
  -u, --username             Username to use with VPN.
  -p, --password             Password to use with VPN.
  -l, --lock                 Use global lock to avoid running check_vpn more
                             then once at the same time.
  -d, --device               Device to use, can be a specific device (tunX,
                             tapX, pppX) or just a prefix (tun, tap, ppp).
  -U, --url                  URL to test connectivity with, the default is
                             http://www.google.com
User avatar
cdienger
Support Tech
Posts: 5045
Joined: Tue Feb 07, 2017 11:26 am

Re: Azure/AWS VPN Tunnel Monitoring

Post by cdienger »

Does the command work if you test it from the XI command line? If, the next step would be to integrate it with XI which is covered in this doc - https://assets.nagios.com/downloads/nag ... ios-XI.pdf.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
apteancloud
Posts: 47
Joined: Wed Sep 09, 2020 4:05 am

Re: Azure/AWS VPN Tunnel Monitoring

Post by apteancloud »

Hi,

The command works fine, with respect to Nagios xi command line, But have to find out the way in pulling out the data/status of the Azure VPN tunnel.
User avatar
cdienger
Support Tech
Posts: 5045
Joined: Tue Feb 07, 2017 11:26 am

Re: Azure/AWS VPN Tunnel Monitoring

Post by cdienger »

The status of the VPN tunnel will be reflected by the return code of the plugin and not necessarily the message that is returned - although the message will usually reflect the status as well. You can see the return code after running the plugin from the command line with the 'echo $?' command. It should be a 0,1,2, or 3 which reflect OK, WARNING, CRITICAL, and UNKNOW respectfully.

https://nagios-plugins.org/doc/guidelines.html#AEN78
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Locked