Hello,
I have configured a Nagios Core 4.4.14 in a Rocky Linux 8.10 host. All configuration seems to be running perfectly but, now, I need to check some hosts that are behind a NAT/firewall host (this host is already monitored and checked from my server). That hosts have, also, some services (disk, load, check some NFS folders) that should be checked. If a use NRPE, I suppose I need to open some port s in the NAT/firewall to check all servers (one port to each host), so my question is if there is a better configuration to check that servers and their services.
Thanks.
Using NRPE would work good for this.
By default, the NRPE daemon listens on TCP port 5666 so make sure that port is open.
Also, if you use a dedicated daemon for NRPE, then you need to add the Nagios server's IP address to the nrpe.cfg configuration file /usr/local/nagios/etc/nrpe.cfg.
Thank you,
Nagios Support
Hi,
I use NRPE to execute some scripts for checking NFS mountpoints, firewall rules, etc on remote servers, but in this question, some servers are behind a NAT, so by default, from an public IP address I can't access to that servers. What I do is have some iptables rules on the server that acts as "NAT/router" (public and private IP) and, then, that server redirects connection to the privates servers. With this configuration, if my Nagios servers executes a NRPE to that private servers, my NAT/router server would need to redirect each 5666 received connection to each 5666 port for each private server... With this scenario, I suppose it would be easier if NAT server redirect using a port range but if I have 1000 servers, I would need to configure 1000 redirection ports. So, if I want to avoid that and check directly from a Nagios with public IP to "n" privates nodes, is there any way?
Thanks.
