NRPE refused connect

shacky shacky83 at gmail.com
Wed Dec 16 01:32:52 CET 2009

Previous message: Question - Scripting to stop monitor
Next message: NRPE refused connect
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi.

I installed the check_nrpe plugin on the Nagios server and NRPE
running as daemon on the host I have to monitor, both compiled with
SSL support and the dh.h file created and saved in the include/
directory on the NRPE host.

[root at monitored-host ~]# /opt/nrpe/bin/nrpe
NRPE - Nagios Remote Plugin Executor
Copyright (c) 1999-2008 Ethan Galstad (nagios at nagios.org)
Version: 2.12
Last Modified: 03-10-2008
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required
TCP Wrappers Available

nagios-server:/# /usr/local/nagios/libexec/check_nrpe
Incorrect command line arguments supplied
NRPE Plugin for Nagios
Copyright (c) 1999-2008 Ethan Galstad (nagios at nagios.org)
Version: 2.12
Last Modified: 03-10-2008
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required

The IP address of the Nagios server is specified in the
"allowed_hosts" declaration in the nrpe.cfg file:

[root at monitored-host ~]# grep allowed_hosts /opt/nrpe/etc/nrpe.cfg
allowed_hosts=192.168.10.250

The problem is that if I try to execute the check_nrpe command to test
the NRPE daemon on the monitored host, I receive this error:

nagios-server:/# /usr/local/nagios/libexec/check_nrpe -H 192.168.10.18
CHECK_NRPE: Error - Could not complete SSL handshake.

On the monitored host I see that the IP address of the Nagios server
is allowed and then refused:

[root at monitored-host ~]# tail /var/log/messages
Dec 16 01:24:27 monitored-host nrpe[25047]: INFO: SSL/TLS initialized.
All network traffic will be encrypted.
Dec 16 01:24:27 monitored-host nrpe[25048]: Starting up daemon
Dec 16 01:24:27 monitored-host nrpe[25048]: Warning: Daemon is
configured to accept command arguments from clients!
Dec 16 01:24:27 monitored-host nrpe[25048]: Listening for connections
on port 5666
Dec 16 01:24:27 monitored-host nrpe[25048]: Allowing connections from:
192.168.10.250
Dec 16 01:27:01 monitored-host nrpe[25063]: refused connect from
192.168.10.250 (192.168.10.250)

What is the problem?
It is not a firewall problem because the connection works, and it does
not seems to be a SSL related problem because it does not work even if
I try the check command disabling SSL with -n (and the NRPE daemon
runned with -n also), and it is quite curious to have two opposite log
messages.

Could you help me please? I worked all the afternoon trying to let it
work, but it does not work...

Thank you very much!!
Bye.

------------------------------------------------------------------------------
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev 
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: Question - Scripting to stop monitor
Next message: NRPE refused connect
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list