i'm trying to get nagios to run a check on the isakmpd (UDP port 500) service on gateway machines for 2 private subnets connected by a VPN. additionally, i would like to include the isakmpd service as a dependency for the hosts that are checked behind the remote gateway, i.e. if the VPN isn't up nagios can't reach my remote hosts. it is likely noteworthy that the host running nagios is the local firewall/gateway.
to check UDP port 500, i've tried to list a service with "check_command check_udp!500". i cannot get this to work on the local or remote gateway. nagios issues the status information "No data was received from host!". when i issue a "nmap -P0 -sU -p 500 <either gateway>" from another local machine i get

    PORT    STATE         SERVICE
    500/udp open|filtered isakmp

    Nmap finished: 1 IP address (1 host up) scanned in 2.044 seconds

the "filtered" part is likely because the PF rules on the gateways are set to only allow the other gateway to connect on UDP port 500. do i need to change my PF rules? perhaps there is another way of checking this service of which i am unaware.

also, in the event that the isakmpd service stops, the remote machines without public IPs will go critical. what is the best way to make these remote hosts depend on the status of the isakmpd service?

just point me in the right direction and i'll do the rest. no excessive cluesticking required.

cheers,
jake
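An added example, not part of the original post: one way to express the dependency asked about with Nagios object definitions, using `parents` for reachability and a `servicedependency` for the VPN. The host names, addresses, `generic-host`/`generic-service` templates and the `check_isakmpd` command name are assumptions; `check_isakmpd` is a hypothetical stand-in for whichever check of UDP 500 ends up working.

```cfg
# Constructed example: every name and address below is a placeholder.

define host {
    use                 generic-host        ; assumed template
    host_name           remote-gw           ; remote VPN gateway
    address             192.0.2.1
}

define host {
    use                 generic-host
    host_name           remote-host1        ; private host behind remote-gw
    address             10.0.2.10
    parents             remote-gw           ; UNREACHABLE, not DOWN, if remote-gw is down
}

define service {
    use                 generic-service     ; assumed template
    host_name           remote-gw
    service_description ISAKMPD
    check_command       check_isakmpd       ; hypothetical command name
}

define service {
    use                 generic-service
    host_name           remote-host1
    service_description PING
    check_command       check_ping!100.0,20%!500.0,60%
}

# PING on remote-host1 depends on ISAKMPD on remote-gw.
define servicedependency {
    host_name                       remote-gw
    service_description             ISAKMPD
    dependent_host_name             remote-host1
    dependent_service_description   PING
    execution_failure_criteria      c,u     ; skip the check while ISAKMPD is CRITICAL/UNKNOWN
    notification_failure_criteria   c,u     ; and suppress its notifications
}
```

One `servicedependency` block is needed per dependent service; `dependent_host_name` accepts a comma-separated list of hosts that share the same service description.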