It's good !!! I had some doubt about a /32 netmask but I have never seen the keyword "any" in the doc. Where have you find this info ? Now all work fine.
A very great thank. Best regards. On 15 oct, 15:50, "dan (ddp)" <[email protected]> wrote: > Use "any" for the IP of the agents. The IPs have to be unique (or a > CIDR range, and /32 is too small of a range). > > On Fri, Oct 15, 2010 at 4:35 AM, tux3132 <[email protected]> wrote: > > I > > > I have installed one agent on a (linux) host on a private network > > behind a firewall connected to the net with a static public IP > > address. This agent contact an Ossec server with also a static public > > IP address. The Ossec server is also behind a firewall on which the > > 1514/UDP port is redirected to the private address of this server. > > > - On the server with manage-agent I give the public IP of the firewall > > behind which the agent reside. > > - On the client I have in ossec.conf: > > > <client> > > <server-ip>public_IP_of_the_OSSEC_server</server-ip> > > </client> > > > When I import the key I have a good message. > > > I run the agent and all is working fine. > > > The problem arise when I add a new agent. On the server I have two > > agent with the same IP and the second agent can't connect to the > > server (the first one continue working fine). > > I have carefully read this doc > > :http://www.ossec.net/doc/manual/agent/agent-dhcp-nat.html > > I have tried to add the agent on the server with a CID format of IP > > address : public_IP_of_the_agent/32 but no more job ! > > > Do you know how can I circumvent this problem because it mean that I > > need one Ossec server on each site ? > > > Anticipated thanks. > > > Best regards.
