VPN Based monitoring


#1

Hello !

Our company have been using Nagios and Centreon for quite a while now,
everything is working as it should, but we keep struggling with the fact that we cannot really monitor our customers via VPN, we use netscreen firewalls and zyxel routers,
this moment we have it setup like this the internal IP of the VPN-modem is the master host (dependencie) and the servers/switches behind it are dependent for it.

But this is not as it should i think, now i got the following qeustions:

  1. How do you users monitor systems who are behind VPN?
  2. Does anyone have good SNMP VPN netscreen/zyxel checks?
    we use netscreen SSG-140 as our main firewall.

#2

Someone already has an answer to this? We are very interested. We already used the check_netscreen_vpn . But this only works in combination with another Juniper.


#3

If your nagios server can’t route to the computers behind the VPN, you’re going to have to set up a Distributed nagios infrastructure.
nagios.sourceforge.net/docs/2_0/distributed.html

If your nagios server can see the servers behind the vpn, but checks are getting blocked by your firewall, I would suggest setting up NRPE on the servers behind the VPN and then allowing the port NRPE uses through the firewall.