I have OSSEC 2.8.1 server installed on CentOS 7. I have OSSEC 2.8.1 agent installed on a separate CentOS 6 box. The agent cannot connect to the server and I do not understand why.
When the agent starts, I see this in the logs: 2015/05/14 15:35:11 ossec-agentd: INFO: Trying to connect to server (192.168.2.4:1514). 2015/05/14 15:35:11 ossec-agentd: INFO: Using IPv4 for: 192.168.2.4 . 2015/05/14 15:35:32 ossec-agentd(4101): WARN: Waiting for server reply (not started). Tried: '192.168.2.4'. The server ossec.log show absolutely nothing while the agent is attempting to connect. This would lead me to believe it's a firewall (or general connectivity problem). However, I can connect to the server machine from the agent machine just fine using netcat. E.g., nc -uv 192.168.2.4 1514 If I type random things into the server after connecting with netcat, I get the expected log entries on the server: 2015/05/15 15:39:37 ossec-remoted(1403): ERROR: Incorrectly formated message from '192.168.2.3'. So far as I can tell, the agent machine has connectivity to UDP 1514 on the server machine, except ossec-agentd does not. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to ossec-list+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
