Use "any" for the IP of the agents. The IPs have to be unique (or a CIDR range, and /32 is too small of a range).
On Fri, Oct 15, 2010 at 4:35 AM, tux3132 <[email protected]> wrote: > I > > I have installed one agent on a (linux) host on a private network > behind a firewall connected to the net with a static public IP > address. This agent contact an Ossec server with also a static public > IP address. The Ossec server is also behind a firewall on which the > 1514/UDP port is redirected to the private address of this server. > > - On the server with manage-agent I give the public IP of the firewall > behind which the agent reside. > - On the client I have in ossec.conf: > > <client> > <server-ip>public_IP_of_the_OSSEC_server</server-ip> > </client> > > When I import the key I have a good message. > > I run the agent and all is working fine. > > The problem arise when I add a new agent. On the server I have two > agent with the same IP and the second agent can't connect to the > server (the first one continue working fine). > I have carefully read this doc : > http://www.ossec.net/doc/manual/agent/agent-dhcp-nat.html > I have tried to add the agent on the server with a CID format of IP > address : public_IP_of_the_agent/32 but no more job ! > > Do you know how can I circumvent this problem because it mean that I > need one Ossec server on each site ? > > Anticipated thanks. > > Best regards. > >
