Just a guess, but try allowing 1514/udp in/out between the two public IPs. The private IPs are fully natted or just port nat? If just port nat then make sure the ports are forwarding correctly.
On Aug 11, 10:49 am, Frank Moss <[email protected]> wrote: > I have a situation that I need some help with. > here is a quick diagram of the traffic flow to ossec > 192.168.100.x -> Static public NAT IP -> Internet -> Firewall NAT IP > (external side) -> OSSEC Server 192.168.0.x > > No matter what IP I use for the servers i cannot get them to connect - I > am guessing that I need to setup some kind of reverse nat for the > servers in the Firewall next to the OSSEC server. > > I am able to get through on the port 1514. > the error I am recieving is: > 2009/08/09 18:16:26 ossec-agent: INFO: Trying to connect to server > (CLIENT IP:1514). > 2009/08/09 18:16:47 ossec-agent(4101): WARN: Waiting for server reply > (not started). Tried: 'FIREWALL PUBLIC IP'. > > The "CLIENT IP" listed above has been the 192.168.100.x IP and the > Static Public NAT IP of the server depending on the setup. > > Please help > Frank > > - > Frank Moss > nine 13 tech > 314-968-8049 < office > 314-494-2207 < mobile > [email protected]http://nine13tech.com > > signature.asc > < 1KViewDownload
