Page 1 of 1
check_nrpe and NSClient: unknow protocol 252
Posted: Mon Apr 11, 2016 9:43 am
by Bidouille
Using NSClient 0.4.4 stable and running on a Win2008 server:
Allowed hosts definition: 10.0.0.0(255.0.0.0)
Binding to: [::]:5666(ipv6)
Attempting to bind to: [::]:5666(ipv6)
Binding to: 0.0.0.0:5666(ipv4), reopen: true, reuse: true
Attempting to bind to: 0.0.0.0:5666(ipv4)
NSClient++ - 0.4.4.23 2016-04-05 Started!
Since Nagios 3.3.1 under Debian, I try to execute a classical
chech_nrpe -H < my_Win2008 >
Console in test mode show this:
Accepting connection from: 10.0.0.4, count=1
Failed to establish secure connection: unknown protocol: 252
Content of nsclient.ini:
Code: Select all
[/settings/default]
password = xxxxxx
allowed hosts = 10.0.0.0/8
[/settings/NRPE/server]
certificate key =
certificate = ${certificate-path}/certificate.pem
ssl options =
allowed ciphers = ADH
ssl = true
verify mode = none
insecure = true
payload length = 1024
allow nasty characters = false
allow arguments = true
[/modules]
CheckExternalScripts = 1
CheckHelpers = 1
CheckEventLog = 1
CheckNSCP = 1
CheckDisk = 1
CheckSystem = 1
NRPEServer = enabled
I don't understand what I missing.
Thanks for help
Re: check_nrpe and NSClient: unknow protocol 252
Posted: Mon Apr 11, 2016 10:45 am
by rkennedy
What happens if you execute the check_nrpe with the -n flag? (insecure mode)
Re: check_nrpe and NSClient: unknow protocol 252
Posted: Tue Apr 12, 2016 1:44 am
by Bidouille
Since Nagios:
Code: Select all
root@xxxxxxx:/usr/local/nagios/libexec# ./check_nrpe -H 10.0.0.45 -n
CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.
Since Win2008 w/NSClient:
D rrpe Accepting connection from: 10.0.0.4, count=1
E nrpe Failed to establish secure connection: unknown protocol: 252
c:\source\nscp\include\socket/connection.hpp:243
Re: check_nrpe and NSClient: unknow protocol 252
Posted: Tue Apr 12, 2016 2:14 am
by Box293
I've tried your config on the same version of NSClient++ and it works fine.
Bidouille wrote:Since Nagios 3.3.1 under Debian, I try to execute a classical chech_nrpe -H < my_Win2008 >
What is your version of nrpe?
On your Debian server simply execute:
Code: Select all
/usr/local/nagios/libexec/check_nrpe
Post the output here.
Have you recently upgraded?
Re: check_nrpe and NSClient: unknow protocol 252
Posted: Tue Apr 12, 2016 2:57 am
by Bidouille
Box293 wrote:What is your version of nrpe?
Code: Select all
root@xxxxxxxx:/usr/local/nagios/libexec# ./check_nrpe -h
NRPE Plugin for Nagios
Copyright (c) 1999-2008 Ethan Galstad ([email protected])
Version: 2.12
Last Modified: 03-10-2008
Box293 wrote:Post the output here.
Code: Select all
root@xxxxxxxx:/# usr/local/nagios/libexec/check_nrpe -H 10.0.0.45
CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.
And give again same error on NSClient.
Re: check_nrpe and NSClient: unknow protocol 252
Posted: Tue Apr 12, 2016 2:45 pm
by lmiltchev
Here's what I have in my nsclient.ini file (running NSClient++ ver. 0.4.4.15):
Code: Select all
[/settings/NRPE/server]
verify mode = none
insecure = true
use ssl = 1
allow nasty characters = 1
allow arguments = 1
port = 5666
extended response = 0
Also, change this:
to this:
and restart NSClient++ service. Let us know if this helped.
Re: check_nrpe and NSClient: unknow protocol 252
Posted: Tue Apr 12, 2016 2:52 pm
by lgroschen
Also good to note that you need to enable NRPE in the nsclient++ config since it isn't on by default. This may fix your issue, in addition to adding your nagios server as an allowed host. (EDIT: or just ignore this post and read the post from the above intelligent and dutiful support technician)
Re: check_nrpe and NSClient: unknow protocol 252
Posted: Tue Apr 12, 2016 3:36 pm
by scottwilkerson
Can you run this one more time and give more lines of output
Here's what I get, I've bolded the important part
NRPE Plugin for Nagios
Copyright (c) 1999-2008 Ethan Galstad (
[email protected])
Version: 2.12
Last Modified: 03-10-2008
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required
Re: check_nrpe and NSClient: unknow protocol 252
Posted: Tue Apr 19, 2016 4:53 am
by Bidouille
OK your posts help me to solve it
In [/settings/default] section, adding this line:
And now, that's work!