monitoring remote networks

[Jim Avery]

2009/3/19 Mark Weaver <mweaver at compinfosystems.com>:
> Hi Jim,
>
> There's the rub... they're not remote or child branches of the same company
> or parent. These are separate entities. Actively monitoring the router is
> like falling out of bed, however there is a single IP for that remote client
> router with a LAN subnet behind it. I'm trying to wrap my brain around  a
> number of things all at once here.
>
> Setup the host groups... ok. not a problem of course these groups would have
> a different parent than the ones on my LAN where the nag server is, but the
> hosts would all have the same IP address given that there's no site-to-site
> connection between my network where the Nag server is and the remote LAN.
> It's ok if all checks are passive as long as Nagios doesn't mind that all
> the hosts have the same IP address defined in the host files for this remote
> network.

I doubt there should be a problem having all of the checks passive.
NSClient++ has nsca functionality built-in now.  I think it's
currently beta status, but I've been using it for months in a similar
situation here (remote site on one-way VPN) without any problems.
Admittedly, I didn't bother trying to set up passive host checks as I
was more interested in the performance data than anything else.  Of
course this means you can only really monitor nodes which are able to
send passive checks (Unix  and Windows hosts and not much else) unless
you script some checks on those hosts to montitor the other stuff.

Alternatively, you might consider installing a small Nagios server on
each customer site.  You could then, if you wish, configure it only to
send a check result back to your central Nagios server if any state
changes, and send the occasional heartbeat check to make sure it's
working.  The advantage of this is that you can monitor whatever you
like (printers, switches, etc,) on the customer site and keep the
amount of bandwidth used down to an absolute minimum (if that's
important to you).  It also means that your customer can have a view
of how their systems are doing even if their internet connection is
down at the time and it means you can guarantee that one customer
can't see the status of another customer's systems.

You will of course need to enable the relevant ports in your firewall
to allow the incoming passive connections (regardless of which method
you choose).

Cheers,

Jim

------------------------------------------------------------------------------
Apps built with the Adobe(R) Flex(R) framework and Flex Builder(TM) are
powering Web 2.0 with engaging, cross-platform capabilities. Quickly and
easily build your RIAs with Flex Builder, the Eclipse(TM)based development
software that enables intelligent coding and step-through debugging.
Download the free 60 day trial. http://p.sf.net/sfu/www-adobe-com
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null