Nagios Support Forum

Please kindly advice, i want to setup a nagios server on a public ip and i want to monitor machines on clients end and the machines will be on private ip's. How can i go around this ?

One technique would be to use passive checks on the remote (private) machines that schedule their own service checks and use NRDP or NSCA to report their results back to the Nagios server.

Another technique would be to have a second NIC on your Nagios box that spans both networks, but that may present security issues.

Another technique would be to make use of a firewall hole that allows something like SSH or NRPE to pass through to the private network, and wrap all your remote checks in a check_by_ssh or check_nrpe wrapper.

Another technique would be to make use of mod_gearman on a worker installed in the private network and allow firewall traffic to/from that machine from/to the Nagios machine (assumes you can assign at least one public IP).

And lastly, just as a general comment, without knowing more about your specific network setup and security requirements, there is no way to be able to really answer your question.

My preferred method would be to give your Nagios XI host a private IP in the same subnet as the hosts you wish to monitor. Then on your router, forward ports 22 (ssh) 80 (http) and 443 (https) of your public IP address to ports 22, 80, and 443 of your XI host's private IP. That would give you access to the Nagios XI web GUI and ssh from the internet over the public IP address. This configuration would also give you access to the XI host from inside your network without traveling out to the internet and back in. If you have a network administrator, configuring port forwarding in this way should be a trivial task.

Hope this helps.