NRPE refused connect

Natxo Asenjo natxo.asenjo at gmail.com
Tue Dec 22 17:34:31 CET 2009


did you restart the nrpe service/daemon on the client after modifying
the allowed hosts parameter?
-- 
Groeten,
J.Asenjo



On Wed, Dec 16, 2009 at 1:32 AM, shacky <shacky83 at gmail.com> wrote:
> Hi.
>
> I installed the check_nrpe plugin on the Nagios server and NRPE
> running as daemon on the host I have to monitor, both compiled with
> SSL support and the dh.h file created and saved in the include/
> directory on the NRPE host.
>
> [root at monitored-host ~]# /opt/nrpe/bin/nrpe
> NRPE - Nagios Remote Plugin Executor
> Copyright (c) 1999-2008 Ethan Galstad (nagios at nagios.org)
> Version: 2.12
> Last Modified: 03-10-2008
> License: GPL v2 with exemptions (-l for more info)
> SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required
> TCP Wrappers Available
>
> nagios-server:/# /usr/local/nagios/libexec/check_nrpe
> Incorrect command line arguments supplied
> NRPE Plugin for Nagios
> Copyright (c) 1999-2008 Ethan Galstad (nagios at nagios.org)
> Version: 2.12
> Last Modified: 03-10-2008
> License: GPL v2 with exemptions (-l for more info)
> SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required
>
> The IP address of the Nagios server is specified in the
> "allowed_hosts" declaration in the nrpe.cfg file:
>
> [root at monitored-host ~]# grep allowed_hosts /opt/nrpe/etc/nrpe.cfg
> allowed_hosts=192.168.10.250
>
> The problem is that if I try to execute the check_nrpe command to test
> the NRPE daemon on the monitored host, I receive this error:
>
> nagios-server:/# /usr/local/nagios/libexec/check_nrpe -H 192.168.10.18
> CHECK_NRPE: Error - Could not complete SSL handshake.
>
> On the monitored host I see that the IP address of the Nagios server
> is allowed and then refused:
>
> [root at monitored-host ~]# tail /var/log/messages
> Dec 16 01:24:27 monitored-host nrpe[25047]: INFO: SSL/TLS initialized.
> All network traffic will be encrypted.
> Dec 16 01:24:27 monitored-host nrpe[25048]: Starting up daemon
> Dec 16 01:24:27 monitored-host nrpe[25048]: Warning: Daemon is
> configured to accept command arguments from clients!
> Dec 16 01:24:27 monitored-host nrpe[25048]: Listening for connections
> on port 5666
> Dec 16 01:24:27 monitored-host nrpe[25048]: Allowing connections from:
> 192.168.10.250
> Dec 16 01:27:01 monitored-host nrpe[25063]: refused connect from
> 192.168.10.250 (192.168.10.250)
>
> What is the problem?
> It is not a firewall problem because the connection works, and it does
> not seems to be a SSL related problem because it does not work even if
> I try the check command disabling SSL with -n (and the NRPE daemon
> runned with -n also), and it is quite curious to have two opposite log
> messages.
>
> Could you help me please? I worked all the afternoon trying to let it
> work, but it does not work...
>
> Thank you very much!!
> Bye.
>
> ------------------------------------------------------------------------------
> This SF.Net email is sponsored by the Verizon Developer Community
> Take advantage of Verizon's best-in-class app development support
> A streamlined, 14 day to market process makes app distribution fast and easy
> Join now and get one step closer to millions of Verizon customers
> http://p.sf.net/sfu/verizon-dev2dev
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>

------------------------------------------------------------------------------
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev 
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list