> The agents in my local network (192.x.x.x) instead, are able to authenticate
> over port 1515 TCP, but not to send logs over 1514 UDP. The agents log said
> that they are unable to connect over that port.
> 
> If I temporarily change the port 1514 UDP to 1514 TCP in my HIDS nodes, and
> make the same change on Nginx configuration, they are able to send logs
> like nothing happened

This gives more things to test:
(I would also change the error_log level to notice and see if there is anything 
logged)

1. Can you test from any client in the lan (192.x.x.x) that you are able to 
connect to the nginx udp port and send some message (see if it lands in the 
backends), for example with netcat: nc -u your.centos.ip 1514

2. See if you are able to actually connect from the centos box to the backends: 
nc -u 10.0.0.7 1514


With two network interfaces there might also be routing issues and depending on 
the configuration you could need to specify the outgoing 10.x interface with 
proxy_bind 
(https://nginx.org/en/docs/stream/ngx_stream_proxy_module.html?#proxy_bind) 

Something like:

    server {
        listen 1514 udp;
        proxy_pass mycluster;
        proxy_bind 10.x.x.x; # the ip of the centos machine
    }

rr
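
A datagram-level version of the two nc checks above, as an added example that is not part of the original message: because UDP has no handshake, nc -u reports nothing when a datagram is dropped, so this probe pins the source address (the effect proxy_bind has on the upstream socket) and waits for a reply. The names `udp_probe` and `start_reporter` are hypothetical, and the reporter is a constructed stand-in listener on loopback, since a real log backend normally sends nothing back.

```python
import socket
import threading

def udp_probe(dest, payload=b"probe", bind_ip=None, timeout=2.0):
    """Send one datagram to dest and wait for a reply.

    bind_ip pins the outgoing source address, as proxy_bind does for the
    proxy's upstream socket. Returns (reply, local_addr); reply is None
    when nothing came back before the timeout.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        if bind_ip:
            s.bind((bind_ip, 0))  # port 0: kernel picks an ephemeral port
        s.settimeout(timeout)
        s.sendto(payload, dest)
        local = s.getsockname()
        try:
            reply, _ = s.recvfrom(4096)
        except OSError:  # timeout, or an ICMP error surfaced by the OS
            return None, local
        return reply, local

def start_reporter(bind_ip="127.0.0.1"):
    """Stand-in backend: answers each datagram with the source it saw."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind((bind_ip, 0))

    def loop():
        while True:
            try:
                data, peer = srv.recvfrom(4096)
            except OSError:
                return  # socket was closed
            # What the backend sees as the sender is the fact under test.
            srv.sendto(f"{peer[0]}:{peer[1]} {len(data)}".encode(), peer)

    threading.Thread(target=loop, daemon=True).start()
    return srv

if __name__ == "__main__":
    # Constructed loopback run; on a real host, start the reporter on a
    # spare backend port and probe it from the proxy with bind_ip set to
    # the proxy's address on the backend network.
    srv = start_reporter()
    reply, local = udp_probe(srv.getsockname(), b"hello", bind_ip="127.0.0.1")
    print("sent from", local, "backend saw", reply)
```

A `None` reply with `bind_ip` set, where the same probe without it succeeds (or the reverse), points at source-address selection or routing between the two interfaces rather than at the nginx stream configuration.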
 
