When you say it is successful, do you mean that you see something like this:

[***@nagios-server /]# telnet nrpe-client 5666
Trying x.x.x.x...
Connected to nrpe-client.domain.com (x.x.x.x).
Escape character is '^]'.



If you do see something like this (i.e. 'Connected to ...'), then you
are able to telnet to the host on that port.
What failure are you experiencing? What exactly is the problem? Are you
using NRPE standalone or through inetd/xinetd? What operating system(s)
are you using?

Regards,
Guy.

Nagios FAQ
http://www.nagios.org/faqs/viewfaq.php?faq_id=261&expand=false&showdesc=false

I was thinking the cause of tcp wrapper, but actually i am running from
xined, should be any tcp wrapper
------------------------------------------------------------------------------------------
I get this while telnet port 5666

Trying X.X.X.X...
Connected to X.X.X.X.
Escape character is '^]'.
Connection closed by foreign host.

I do this at my NRPE client, is it a proper way?
1) Create nrpe file > /etc/xinetd.d/nrpe

# default: on
# description: NRPE
service nrpe
{
flags = REUSE
socket_type = stream
wait = no
user = nagios
server = /usr/local/nagios/nrpe
server_args = -c /usr/local/nagios/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = 192.168.10.50
}

2) set port 5666 > /etc/services
nrpe 5666/tcp # NRPE

3) /usr/local/nagios/nrpe -c /usr/local/nagios/nrpe.cfg -i
------------------------------------------------------------------------------------------
I am using hard code from nrpe.cfg,
command[check_load]=/usr/local/nagios/libexec/check_load -w 15,10,5 -c
30,25,20


Define in Nagios server
1) in checkcommands.cfg

define command{
command_name check_nrpe
command_line $USER1$/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
}

2) # Service definition
define service{
use generic-service

host_name Testing
service_description Check Load
is_volatile 0
check_period 24x7
max_check_attempts 3
normal_check_interval 3
retry_check_interval 1
contact_groups Support-Team
notification_interval 120
notification_period 24x7
notification_options w,u,c,r
check_command check_nrpe!check_load
}


------------------------------------------------------------------------------------------

What are the things i left? Is there any mismatch of configuration
Thanks you for the reply but i still need your help :)

Regards,
Eugene


----- Original Message -----
From: "Guy Waugh" <gwaugh-CK+cXun/***@public.gmane.org>
To: "eugene" <eugene-***@public.gmane.org>
Cc: <nagiosplug-help-5NWGOfrQmneRv+***@public.gmane.org>
Sent: Wednesday, May 18, 2005 8:01 AM
Subject: Re: [Nagiosplug-help] Fail to telnet NRPE port (5666)

On my hosts (RHEL3), I had to allow connections to NRPE from the Nagios
host in /etc/hosts.allow, so TCP wrappers do seem to affect access to
xinetd services (at least on RHEL3).
Looks good (I think)... how soon does the connection close after saying
'Connected to ...'? If it is immediately, it may be something like TCP
wrappers, or the 'only from ...' line in your /etc/xinetd.d/nrpe file.
Looks good - did you SIGHUP xinetd after adding this file into
/etc/xinetd.d?
Looks good...
Looks good, provided you are not using user-supplied arguments...
Looks good, provided once again that you are not using user-supplied args...
Looks good to me as well.
Not that I can see...

Have you tried running the check_load command on the remote machine?
Does it work?

If it does, what happens when you call the 'check_load' command on the
remote machine using check_nrpe on the Nagios host? Does it work?

Regards,
Guy.

<snip>

This is just to verify if you can access your web site. You don't have to log on to the server . What you have to do is to telnet to the http port (i.e. what the browser does)

Thanks,
Amitabh

-----Original Message-----
From: nagiosplug-help-admin-5NWGOfrQmneRv+***@public.gmane.org [mailto:nagiosplug-help-admin-5NWGOfrQmneRv+***@public.gmane.org]On Behalf Of eugene
Sent: Tuesday, May 17, 2005 7:48 PM
To: nagiosplug-help-5NWGOfrQmneRv+***@public.gmane.org
Subject: [Nagiosplug-help] Fail to telnet NRPE port (5666)


When i try to telnet to port 5666 on my remote server, it will success but the telnet will drop after a few second
Can i know what is the problem? Anyone who is encounter this problem?

I am having difficuilties to use NRPE, anyone has NRPE documentation? I had read its own documentation and also try to work on it
, but still encounter failure

Thank You....



Eugene Than
HelpDesk Support, Network and System
MNC Wireless Berhad (635884-T)
No. 45, Block A, Level 3, Unit 3.03,
Medan Setia 1, Plaza Damansara,
Bukit Damansara, 50490 Kuala Lumpur

M: +6012-613 4855
T: +603-2095 6063
F: +603-2093 5909
E: eugene-***@public.gmane.org
W: www.mnc.com.my
Mobile Portal: www.gospecial.com

_____

This email is intended only for the use of the individual or entity named above and may contain information that is confidential and/or privileged. If you are not the intended recipient, you are hereby notified that any review, retransmission, dissemination, distribution, copying of, or other use of, or taking of any action in reliance upon this email is strictly prohibited. When addressed to our clients, any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing MNC client engagement letter. If you have received this email in error, please notify us immediately by return email or telephone +603-2095 6063 and destroy the original message. Thank you.

Guy,

I got some question as below,
- Do you mean i need to allow the IP of my nagios server?
I had done it > ALL: X.X.X.X
It disconnetec after few seconds (3-5 sec)
How to run it? what is the command? I thought it only can run on nagios
server?
1 more question,
Do I need to install nagios plugins in Remote machine? Cause i only install
plugin in Nagios server

Thanks for the reply again :) Still need ur help

Regards,
Eugene

----- Original Message -----
From: "Guy Waugh" <gwaugh-CK+cXun/***@public.gmane.org>
To: "eugene" <eugene-***@public.gmane.org>; <nagiosplug-help-5NWGOfrQmneRv+***@public.gmane.org>
Sent: Wednesday, May 18, 2005 10:18 AM
Subject: Re: [Nagiosplug-help] Fail to telnet NRPE port (5666)

Hi Eugene,
OK, looks good.
Ah-hah! Yes, you need to install the plugins on the remote machine. You
don't have to install Nagios, just the plugins. This is necessary
because NRPE on the remote machine executes the plugins on the remote
machine.

HTH,
Guy.
<snip>

Guy,
I had install plugin in the remote host with below, can i know is it the
proper way?

./configure --prefix=/usr/local/nagios/ --with-nagios-user=nagios --with-nagios-group=nagios
make all
make install

I had tried to run the check_load in remote host and it works,

[***@Testinglibexec]# ./check_load -w 5 -c 6
OK - load average: 0.00, 0.03,
0.03|load1=0.000000;5.000000;6.000000;0.000000
load5=0.030000;5.000000;6.000000;0.000000
load15=0.030000;5.000000;6.000000;0.000000

I also tried to run check_nrpe in Nagios server but i got same error,
CHECK_NRPE: Error - Could not complete SSL handshake.

Can i know how and why? I still need your help Guy :)
Thanks for the reply

I think the config is almost there to make it work. I strongly believe you
can help me :)

Regards,
Eugene

Hi Eugene,
You should read the documentation for this kind of question, but it
looks OK to me.
OK, if this is on the remote host, then this is good.
How are you running check_nrpe on the Nagios server? I think it should
be something like this:

check_nrpe -H <remote-host> -c check_load -a 5 6

(you put the arguments for the check_load plugin after the '-a', as above.)

If that doesn't work, then something is wrong with check_nrpe on the
Nagios server calling NRPE on the remote server.
I strongly believe that this is probably the case ;-)

Ciao,
Guy.

Guy,

Thank You for the help :)

Unfortunately I still get this while i use the below command in Nagios
server

./check_nrpe -H 10.1.8.248 -c check_load -a 5 6
CHECK_NRPE: Error - Could not complete SSL handshake.

Do you have any idea? What are the documentation you refer to previously
when u setup NRPE plugin?
Can i have it please?

Regards,
Eugene

----- Original Message -----
From: "Guy Waugh" <gwaugh-CK+cXun/***@public.gmane.org>
To: "eugene" <eugene-***@public.gmane.org>
Cc: <nagiosplug-help-5NWGOfrQmneRv+***@public.gmane.org>
Sent: Thursday, May 19, 2005 8:00 AM
Subject: Re: [Nagiosplug-help] Fail to telnet NRPE port (5666)

From memory, I got this a bit when I first set up NRPE. It basically
gives this error if check_nrpe on the Nagios server can't get a response
from NRPE on the remote server.

Just a thought: Have you set up the nagios user on the remote host? This
is necessary, as this user is specified in your /etc/xinetd.d/nrpe file...

If you have already set up the nagios user on the remote host, have you
tried executing the check_load plugin on the remote host as the nagios user?
I was referring to the Nagios and Nagios Plugins documentation, i.e. how
you set up Nagios and the plugins.

Regards,
Guy.
<snip>

Eugene,

if you do not want to do a search through older mails :-> in this list, you
may append -n to the command line on both nagios host an monitored client.
In my case, I use "check_nrpe -n -H ...." on the nagios host and "nrpe -c
/etc/nrpe.cfg -n --inetd" on the monitored host.

When you search long enough you may find the info that -n disables SSL
communication. And when you search a bit more, you will find the way you
can create and share the certificates that are needed for SSL ;-)

HTH,
Werner

Guy,
I also create a nagios user in remote host
I tried to login as "nagios" and use the check_load plugin as below. It works

[***@Testing libexec]$ ./check_load -w 5 -c 6
OK - load average: 0.00, 0.00, 0.00|load1=0.000000;5.000000;6.000000;0.000000 load5=0.000000;5.000000;6.000000;0.000000 load15=0.000000;5.000000;6.000000;0.000000

How to check all the steps below? I get this from nagios FAQ


a.. Different versions. Make sure you are using the same version of the check_nrpe plugin and the NRPE daemon. Newer versions of NRPE are usually not backward compatible with older versions.
a.. SSL is disabled. Make sure both the NRPE daemon and the check_nrpe plugin were compiled with SSL support and that neither are being run without SSL support (using command line switches).
a.. Incorrect file permissions. Make sure the NRPE config file (nrpe.cfg) is readable by the user (i.e. nagios) that executes the NRPE binary from inetd/xinetd.
a.. Pseudo-random device files are not readable. Greg Haygood noted the following... "After wringing my hair out and digging around with truss, I figured out the problem on my Solaris 8 boxen. The files /devices/pseudo/random* (linked through /dev/*random, and provided by Sun patch 112438) were not readable by the nagios user I use to launch NRPE. Making the character devices world-readable solved it."
a.. Unallowed address. If you're running the NRPE daemon under xinetd, make sure that you have a line in the xinetd config file that say "only_from = xxx.xxx.xxx.xxx", where xxx.xxx.xxx.xxx is the IP address that you're connected to the NRPE daemon from.

------------------------------------------------------------------------------------------------------------
Different versions
- I should have the same version on both remote host and nagios server
- I am using nrpe-2.0

SSL is disabled
- How to check this?

Incorrect filer permission
- I think should be correct
-rw-rw-rw- 1 nagios nagios 5076 May 18 03:07 nrpe.cfg

Pseudo-random device files are not readable.
- How to check this?

Unallowed address
- I think is correct

# default: on
# description: NRPE
service nrpe
{
flags = REUSE
socket_type = stream
wait = no
user = nagios
server = /usr/local/nagios/nrpe
server_args = -c /usr/local/nagios/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = 10.1.8.77
}


--------------------------------------------------------
Any part i make mistake?

Guy, Thanks for the reply and help....
I still need help :)

Regards,
Eugene

So the Nagios server is 10.1.8.77...? Everything else looks good to me...

Is there anything in the logs, on either the Nagios server or the remote
server?

You could turn debug on in nrpe.cfg on the remote server, and send all
debug messages to a file in the remote server's /etc/syslog.conf...
maybe something will show up there. Otherwise, I'm out of ideas I'm
afraid...

Regards,
Guy.