Nagios Support Forum

We are using NSCA to send encrypted passive check updates from one Nagios server ("Nagios1") to another ("Nagios2").
The issue is that using AES256 encryption works fine, but AES128 cannot get any messages to the receiving server.

Versions:
NSCA 2.9.2
JSendNSCA 2.1.1
BouncyCastle 1.54

JSendNSCA (sending side, "Nagios1") is generating this exception when using AES128 encryption:
Exception trying to send passive check to Nagios: Read timed out
java.net.SocketTimeoutException: Read timed out
In /var/log/messages on the server ("Nagios2") side we see:
Received invalid packet type/version from client - possibly due to client using wrong password or crypto algorithm?

We have configured /usr/local/nagios/etc/nsca.cfg on the receiving host "Nagios2", and restarted nsca service (>service nsca restart):
decryption_method=14 (when testing AES128)
decryption_method=16 (when testing AES256)

Is there anything related to the NSCA Server on the receiving end ("Nagios2") that we need to recompile or modify to change decryption method, other than nsca.cfg?

Any help would be greatly appreciated!

I hadn't heard of the JSendNSCA or BouncyCastle packages before today, so I'd like to rule those out first. Can you try sending using the standard send_nsca we provide? It is available on our GitHub here: https://github.com/NagiosEnterprises/nsca

If you still are having the issue using that send_nsca binary, we can look into this further.