Nagios Support Forum

Hi Team,

I have uncommented the below line in NSC.ini file and restarted the NSClient service, but still I am receiving the same message.

I have executed the command below from nagios and I am receiving mentioned output:

nmap <remote host ip> -p 12489

[nagios@eu2napu002 ~]$ nmap 10.148.186.166 -p 12489

Starting Nmap 5.51 ( http://nmap.org ) at 2016-02-24 10:31 GMT
Nmap scan report for 10.148.186.166
Host is up (0.00093s latency).
PORT STATE SERVICE
12489/tcp closed unknown

Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds

Yet I am facing the same issue.

In the first screenshot you showed us, you are trying to connect to 10.148.186.140. On the last one - you are running nmap against 10.148.186.166... Which one is it? Are you testing a wrong server?

Hi Team,

We are facing the same issue on number of windows servers, but right now we are following 10.148.186.166 host.

Kindly suggest us solution, as it is affecting our production environment.

Can you post the output of netstat -an ran on windows client machine?

Hi Team,

Please find the attached snapshot for output of netstat -an command.

Can you post the entire nsclient.log from the 10.148.186.166 machine?

Hi Team,

Please find the attached nsclient.log file.

Is the NSC.ini file you posted from the 10.148.186.166 machine? You have the IP & the password obfuscated, but in your first post you showed us this: I can see the following line line in the "nsclient.log":

2016-02-11 12:23:27: error:modules\NSClientListener\NSClientListener.cpp:314: Unauthorized access from: 10.148.186.166

Is "10.148.186.166" the IP of your Nagios XI server? If this is the case, you need to modify the "NSC.ini" file: and restart NSClient++ service, so that changes can take effect.

On a different note, you also have some performance counter errors in the log...

2015-09-30 14:39:05: error:modules\CheckSystem\PDHCollector.cpp:215: Failed to query performance counters: PdhCollectQueryData failed: : No data to return. (800007D5)

You may need to manually rebuild them by following the guide below:
https://support.microsoft.com/en-us/kb/300956
You will need to restart NSClient++ service once more after rebuilding the counters.

Hope this helps.

Hi Team,

IP 10.148.186.166 is the client servers ip address and 10.147.108.45 is nagios servers ip address.

If this is the case the IP on the "allowed_hosts" line is correct. Open the CMD prompt on the Windows server, stop/start the NSClient++ service:
Make sure it is running. Run:
Do you see the NSClient++ service in the list?

If the service is running, and port 12489 is NOT blocked by your Windows firewall (or another firewall between the Windows and XI servers), 12489 port should be open. Test the connection via nmap or telnet from the Nagios XI server:
or If the port is closed, your checks in XI will fail.

Is it possible that you reinstall (possibly a newer version of) NSClient++ on the Windows server?