Thanks Assaf and Jim for the detailed response. Assaf - We need to keep the local firewall ON as per policy Jim - SELinux is disabled on the server so saved from the SElinux trouble. <div class="gmail_quote"> On Mon, Feb 22, 2010 at 6:39 PM, Jim Avery <<a href="mailto:jim@jimavery.me.uk">jim@jimavery.me.uk</a>> wrote: <blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;"> <div><div></div><div class="h5">On 22 February 2010 09:06, Jerry Joy <<a href="mailto:jerryapr7@gmail.com">jerryapr7@gmail.com</a>> wrote: > Hi, > > I have setup a Nagios server on RHEL 5 and it has the local firewall "ON". > What exactly are the changes required on the local firewall so that Nagios > core server is able to accept reports from NRPE and NSClient++ agents. I > don't see a fixed port used by Nagios core. > > Thanks, > Jerry </div></div>The Nagios server will pull check results using nrpe so you shouldn't need to open a specific port. Likewise, usually the Nagios server will query the NSClient++ agent either using the same nrpe protocol or using the check_nt protocol in which case you also shouldn't need to open a specific port. However, if you have configure NSClient++ to send check results to Nagios using the NSCA protocol, you will need to configure the nsca daemon on your Nagios server to receive these checks and forward them to Nagios. The port the nsca daemon listens on is configurable - by default it's port 5667. Another problem I have seen in the past with RedHat variants of Linux is that SELinux can be a right pain to configure to get things like nsca working. I used to disable SELinux, but now I tend to use Debian derived versions of Linux rather then RedHat so don't see this problem. hth, Jim </blockquote></div>