Nrpe install error

Hi,

I have installed nagios 3.2.0 and nagios-plugins-1.4.14 and nrpe-2.12 on a server named “NAGIOS” for monitoring remote linux and windows servers. The “NAGIOS” [ip add is: [ 192.168.1.1/24 ]server has kernel version 2.6.27.21-170.2.56.fc10.i686 running on it. This is a virtual machine.

I have installed nrpe on both nagios server and remote linux server which is a webserver named “ISA” [IP add is 192.168.1.10/24] that has to be monitored for its public and private services.

I get following outputs/errors when i run following:

[root@nagios ~]# /usr/local/nagios/libexec/check_nrpe -H localhost
Connection refused by host
[root@nagios ~]# /usr/local/nagios/libexec/check_nrpe -H 192.168.1.1
Connection refused by host
[root@nagios ~]# /usr/local/nagios/libexec/check_nrpe -H 192.168.1.10 ---->[192.168.1.10 is IP add of webserver ISA]
NRPE v2.12

[root@ISA ~]# /usr/local/nagios/libexec/check_nrpe -H localhost
CHECK_NRPE: Error - Could not complete SSL handshake.
[root@ISA ~]# /usr/local/nagios/libexec/check_nrpe -H 192.168.1.1
Connection refused or timed out

Here nrpe is not an xinetd based service, rather it is a standalone service. I compiled nrpe with “ssl” option on webserver i.e., ISA. Cant find where the problem is? Please help, i have been trying to find the mistake for more than 2 weeks.

remote-linux-host# /usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.12

this is what we are ideally supposed to get

remote-linux-host# /usr/local/nagios/libexec/check_nrpe -H localhost
CHECK_NRPE: Error - Could not complete SSL handshake.
above is the output i get…

If i use IP address of remote-linux-host that is 192.168.1.10 i get correct output…here it is
remote-linux-host# /usr/local/nagios/libexec/check_nrpe -H 192.168.1.10
NRPE v2.12
nagios-host# /usr/local/nagios/libexec/check_nrpe -H 192.168.1.10
NRPE v2.12
if i get correct output using ip address instead of localhost? Is this correct? Please suggest…

If I understand what your trying to say, you would like the VM to talk to the host machine’s loop-back interface?

You are going to have to route things using a shared address of some sort and then DNAT your way to 127.0.0.1. Configure a private network, 10.50.207.140/30 where one box is 10.50.207.141 and the other is 10.50.207.142.

The other solution is that this is just impossible and you should forget about it, that is to say if you can’t figure it out from here don’t expect any help.