Nagios Support Forum

Hi !!!

When i tried to connect to a host using the quick action connect to "host_name" ( using the method "SSH" ) i cant do it, and there is not error messages.

Can somebody help me?

Thank you.

We are using:
Nagios XI Version : 2014R2.6
x86_64
Red Hat Enterprise Linux Server release 7.0 (Maipo)
Gnome is not installed

There is a doc that goes along with this, but it has not been published yet. I will PM you the pre-release version so you can try it out. It's been tested and it works, just the doc has to go through the normal channels before it is approved.

Thank you !!!!

I gonna test it immediately !!!!

Greetings !!!

Let us know if it is safe to lock the topic.

Having the same issue with a newly deployed XI server....could I have a look at this doc as well? I can test tonight and provide feedback ASAP.

Thanks!

Sent

Thank you Sir!

I will have a look, play with this today and report back.

So the doc was awesome and solved about 1/2 of my issue

Perhaps this is a dumb question but since that has never stopped me in the past...no need to change now.

This server was deployed in a pretty challenging network architecture. There is a northbound interface (eth1) that connects to the "outside" network and an "inside" interface (eth0) that connects to the network where all the hosts live. The outside network does not have direct access to the hosts on the internal interface. What happens when an outside host tries to connect to an inside network device, the request times out because the request is originating from the outside host.

Is there a way have that request initiate from the Nagios server itself? The Nagios server has connectivity to these access layer devices and if I could get a session to initiate from the server itself, I'd be in business.

(I do realize this is a potential massive security risk...but my constraints are what they are....)

thanks!!!!

rkymtnman wrote:What happens when an outside host tries to connect to an inside network device, the request times out because the request is originating from the outside host.

The Nagios server isn't intended to be a router or a bridge - this should be the expected behavior I'd think.

rkymtnman wrote:Is there a way have that request initiate from the Nagios server itself? The Nagios server has connectivity to these access layer devices and if I could get a session to initiate from the server itself, I'd be in business.

I don't understand the use case, but from a network perspective yes - NAT on the inside interface and turn your Nagios server into a router. I don't understand the use case though and I'd expect your network team to frown on this behavior.

rkymtnman wrote:(I do realize this is a potential massive security risk...but my constraints are what they are....)

Definitely inform your network team of your plan.

jdalrymple wrote:

rkymtnman wrote:What happens when an outside host tries to connect to an inside network device, the request times out because the request is originating from the outside host.

The Nagios server isn't intended to be a router or a bridge - this should be the expected behavior I'd think.

rkymtnman wrote:Is there a way have that request initiate from the Nagios server itself? The Nagios server has connectivity to these access layer devices and if I could get a session to initiate from the server itself, I'd be in business.

I don't understand the use case, but from a network perspective yes - NAT on the inside interface and turn your Nagios server into a router. I don't understand the use case though and I'd expect your network team to frown on this behavior.

rkymtnman wrote:(I do realize this is a potential massive security risk...but my constraints are what they are....)

Definitely inform your network team of your plan.

Agree 100%.....for the record, the entire system is not publicly accessible. It lives in between 2 internal networks and due to "political boundaries" within the company, this is the world I live in.

EDIT: My hope is to get Nagio to proxy the connection to a host via ssh. I don't want it to be a router/bridge....just proxy the connection.