Hi Marc, Well at least I'm understanding you now :->
Yeah, I can ping the private IP address of the nagios server. The public address I'm seeing is NAT'ed IP address. I'm not going to make the box dual-home, but an option seems to me to just give the Nagios server an external DNS name and IP, then have the firewall redirect the traffic to the internal IP address. You said "Is there a reason you can't just permit the public NAT IP that NRPE is seeing? Seems to me to be the most direct and easiest solution." I agree with you completely as that seems the easiest way. But I don't know if you can do that. Meanwhile, I got the network admin to allow port 5666 through the firewall, added a DNS entry on the external network. I then add the NAT'ed IP address to the nrpe.cfg file. Now when I start NRPE I get these errors in the syslog: ddress) Dec 12 14:27:04 nrpe-server nrpe[2455]: [ID 601491 daemon.notice] Starting up daemon Dec 12 14:27:04 nrpe-server nrpe[2455]: [ID 434846 daemon.error] Network server bind failure (126: Cannot assign requested address) Dec 12 14:27:04 nrpe-server svc.startd[7]: [ID 748625 daemon.error] network/cswnrpe:default failed repeatedly Now what? ----- Original Message ---- From: Marc Powell <m...@ena.com> To: nagios-user Mailinglist <nagios-users@lists.sourceforge.net> Sent: Friday, December 12, 2008 1:15:18 PM Subject: Re: [Nagios-users] Host is not allowed to talk to us! On Dec 12, 2008, at 2:45 PM, Grant Lowe wrote: > Hi Andy, > > Bear with me. I'm trying to understand all this > > Hmm. That makes sense. Judging by the IP address in the NRPE logs, > that looks like its a problem. The IP address it says its not > allowed to talk to is the NAT'ed IP address, not the real IP > address, of the Nagios server. This is what I was asking earlier ;) > I can ping the Nagios servver by IP and it does respond correctly, You can ping the private, 172.20.40.45 address? That would be a very unusual configuration if you're also seeing a public address on the NRPE side. I expect the box would have to be dual-homed for that to happen, in which case your NRPE box would also have to have an IP on the private network and you could tell Nagios to use that one instead of the one you're using now (completely guessing about your network architecture so MyMMV). > But doing a who, or a netstat -a and grepping for established > connections shows the NAT'ed IP. All addresses are adddresses that > we own. I'm at a loss of how to correct this. How do I get the > networking folks to show the NRPE host the real IP address of the > server? Can it be done? They should know how, and it depends entirely on how your network is designed. There's no way we can tell you how without knowing that in significant detail ;) Is there a reason you can't just permit the public NAT IP that NRPE is seeing? Seems to me to be the most direct and easiest solution. -- Marc ------------------------------------------------------------------------------ SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null ------------------------------------------------------------------------------ SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null