On Dec 12, 2008, at 2:45 PM, Grant Lowe wrote: > Hi Andy, > > Bear with me. I'm trying to understand all this > > Hmm. That makes sense. Judging by the IP address in the NRPE logs, > that looks like its a problem. The IP address it says its not > allowed to talk to is the NAT'ed IP address, not the real IP > address, of the Nagios server.
This is what I was asking earlier ;) > I can ping the Nagios servver by IP and it does respond correctly, You can ping the private, 172.20.40.45 address? That would be a very unusual configuration if you're also seeing a public address on the NRPE side. I expect the box would have to be dual-homed for that to happen, in which case your NRPE box would also have to have an IP on the private network and you could tell Nagios to use that one instead of the one you're using now (completely guessing about your network architecture so MyMMV). > But doing a who, or a netstat -a and grepping for established > connections shows the NAT'ed IP. All addresses are adddresses that > we own. I'm at a loss of how to correct this. How do I get the > networking folks to show the NRPE host the real IP address of the > server? Can it be done? They should know how, and it depends entirely on how your network is designed. There's no way we can tell you how without knowing that in significant detail ;) Is there a reason you can't just permit the public NAT IP that NRPE is seeing? Seems to me to be the most direct and easiest solution. -- Marc ------------------------------------------------------------------------------ SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/ _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
