
VPN tunnel monitoring died

Posted: Mon Feb 17, 2020 2:03 pm
by kmartin2007
We have Nagios Core 4.4.5 running on CentOS 7 (Core).

We monitor ~75 VPN tunnels we have connected to our clients, and all of a sudden a huge chunk just stopped working with the error:

CRITICAL! VPN peer X.X.X.X unavailable.

This is the command we use:

define service{
    use                  vpn-service
    host_name            DALASA01_Primary
    service_description  ARL_To_VW
    check_command        check_tunnel!X.X.X.X
}


However, we have about 5 tunnels that are showing okay, and it's the SAME command, just a different IP:

Avera   OK   02-17-2020 12:51:48   23d 23h 25m 24s   1/3   OK! VPN peer X.X.X.X available.

define service{
    use                  vpn-service
    host_name            DALASA01_Primary
    service_description  Avera
    check_command        check_tunnel!198.179.214.5
}

We inherited this box from the previous IT person and we have not made any changes to the VPN tunnel cfg file.

I can ping the IPs that are showing down and they do respond back, and our ASA shows them to be connected. I'm at a loss here; any help would be appreciated.

Re: VPN tunnel monitoring died

Posted: Mon Feb 17, 2020 8:16 pm
by Box293
Can you please post your command definition for check_tunnel?

Re: VPN tunnel monitoring died

Posted: Tue Feb 18, 2020 8:25 am
by kmartin2007
define command{
    command_name  check_tunnel
    command_line  $USER1$/check_asa_vpn.pl -H 10.10.15.5 -C oz -P $ARG1$
}

Re: VPN tunnel monitoring died

Posted: Tue Feb 18, 2020 11:08 am
by kmartin2007
Found it:

define command{
    command_name  check_tunnel
    command_line  $USER1$/check_asa_vpn.pl -H 10.10.15.5 -C oz -P $ARG1$
}

Re: VPN tunnel monitoring died

Posted: Tue Feb 18, 2020 4:43 pm
by Box293
On your nagios server can you execute the following command as the nagios user:

/usr/local/nagios/libexec/check_asa_vpn.pl -H 10.10.15.5 -C oz -P 198.179.214.5

FYI
$USER1$ = /usr/local/nagios/libexec but may be different in your environment (it's defined in resources.cfg)

Re: VPN tunnel monitoring died

Posted: Tue Feb 18, 2020 4:47 pm
by kmartin2007
It shows up as okay.

We may have found the issue. It may be with the ASA: we opened up the code of the check_asa command and ran the SNMP walk against the ASA, and it is only spitting out 9 active 'OK' tunnels.
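
The comparison described in the post above (configured tunnels versus what the ASA returns over SNMP) can be scripted. This is an added example, not part of the original thread or of check_asa_vpn.pl; the sample config, the walk lines and the MIB object names in them are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample data, not taken from the thread.
SAMPLE_CFG = """
define service{
    service_description  Client_A
    check_command        check_tunnel!192.0.2.10
}
define service{
    service_description  Client_B   ; inline comment
    check_command        check_tunnel!198.51.100.20
}
"""
# Walk output shape only; the MIB and object names are placeholders.
SAMPLE_WALK = """
PLACEHOLDER-MIB::peerAddress.1 = STRING: "192.0.2.10"
PLACEHOLDER-MIB::peerAddress.2 = IpAddress: 203.0.113.30
PLACEHOLDER-MIB::peerAddress.3 = STRING: "not-an-address"
"""

def configured_peers(cfg_text, command="check_tunnel"):
    # Map peer IP -> service_description for services that use `command`.
    peers = {}
    for body in re.findall(r"define\s+service\s*\{(.*?)\}", cfg_text, re.S):
        # directive/value pairs; ';' starts an inline comment
        fields = dict(re.findall(r"^[ \t]*(\w+)[ \t]+([^;\n]+)", body, re.M))
        name, _, arg = fields.get("check_command", "").strip().partition("!")
        if name == command and arg:
            desc = fields.get("service_description", "?").strip()
            peers[arg.partition("!")[0]] = desc
    return peers

def reported_peers(walk_text):
    # Keep every snmpwalk value that parses as an IP address; skip the rest.
    found = set()
    for line in walk_text.splitlines():
        value = line.partition(" = ")[2].partition(": ")[2].strip().strip('"')
        try:
            found.add(str(ipaddress.ip_address(value)))
        except ValueError:
            continue
    return found

def missing_from_device(cfg_text, walk_text):
    # Services whose peer is configured in Nagios but absent from the walk.
    seen = reported_peers(walk_text)
    peers = configured_peers(cfg_text)
    return sorted((svc, ip) for ip, svc in peers.items() if ip not in seen)
```

Pass `missing_from_device` the contents of the tunnel cfg file and the saved output of the same walk the plugin performs; every pair it returns is a service that will go CRITICAL because the device is not reporting that peer, regardless of whether the tunnel itself is up.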

Re: VPN tunnel monitoring died

Posted: Tue Feb 18, 2020 4:55 pm
by Box293
Let us know how you go and if you need more help.