check_nrpe socket timeout after n seconds

[manish2tiwari]

Hi Scott,

The below settings didn't work

Is there anything else i might missing?

[scottwilkerson]

To see if we are barking up the right tree, could we stop iptables temporarily

Code: Select all

service iptables stop

and run the following from the Nagios Server

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H host.ip.address.here

then to re-enable iptables

Code: Select all

service iptables start

[manish2tiwari]

Hi Scott,

I stopped the iptables then:

When i ran /usr/local/nagios/libexec/check_nrpe -H host.ip.address.here , below are the results i got:

IF host.ip.address = NAGIOS IP ADDRESSS , it is showing couldn't complete SSL handshake
IF host.ip.address = Target server which i want to monitor, it is showing socket timeout.
IF host.ip.address = localhost, it is showing NRPE v2.12.

Then I started the iptables.

Thanks,
Manish

[scottwilkerson]

IF host.ip.address = Target server which i want to monitor, it is showing socket timeout.

This is the one we are interested in and it appears something is blocking between the 2 machines.

Can you ping the target server from your XI server?

[manish2tiwari]

Hi Scott,

yes, we are able to ping the target server from our Nagios Server.

thanks

[scottwilkerson]

Next step, letstry to connect to port 5666 with telnet from the XI server

Code: Select all

telnet IP_ADDRESS 5666

[manish2tiwari]

Hi Scott,

Telnet saying:

telnet: connect to address **************** : Connection timed out
telnet: Unable to connect to remote host: Connection timed out

Thanks,
Manish

[scottwilkerson]

Ok, so earlier I had you run this on the remote machine

Code: Select all

netstat -lnp |grep 5666

Which you did and the port was open.

So if you cannot telnet to the port you must have a firewall somewhere between the 2 machines that is blocking port 5666

[manish2tiwari]

Hi Scott,

the machine which i am trying to connect is showing below results FOR netstat -lnp |grep 5666:

tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 31397/nrpe

Thanks,
Manish

[scottwilkerson]

Correct. So it is listening, but as per your telnet test you cannot connect to that port, which means that there is something blocking the port between the 2 machines, like a firewall or router configuration..