
Welcome to ISAserver.org


Policy rules for Nagios running on ISA

Policy rules for Nagios running on ISA - 17.Jul.2006 5:18:51 PM   
jasho.mendinka

 

Posts: 4
Joined: 2.Dec.2005
Status: offline
Hello All,

I have an ISA2004 Std. Edition and I have a problem configuring rules to allow the Nagios Agent, running on ISA, to get polled by the Nagios server. In ISA there is a persistent route to network 192.168.10.0/24 via 192.168.100.1. The Nagios server can be pinged from ISA (it was added to system policy).


The server polls the agents regularly using TCP dst.port = 5666 and src.port > 1023. The Nagios Agent is running on ISA server and the configuration is described below:
 
Nagios Server (192.168.10.9)
|
Router (192.168.100.1 and 192.168.10.1)
|
LocalNet (192.168.100.0/24)
|
ISA (internal interface is 192.168.100.2)
|
Internet (External)
 

My doubt is regarding protocol definition on ISA. How to create an access rule, using a user-defined protocol, that can work properly?
 
So far, I've created a rule and protocol definition for Nagios, described below:
 
Access-rule Allow Nagios Comm. to ISA
{
    Action { Allow }
    Protocol { Nagios
        {  Primary Connections
            PortRange {1024-65535}
            protocol-type {TCP}
            Direction {Outbound}
        }
    }
    From {NagiosServer {192.168.10.9} }
    To { LocalHost }
    Condition {All Users}
}
 
Any ideas??? I'd really appreciate comments here!
Regards,
Jasho.
Post #: 1
RE: Policy rules for Nagios running on ISA - 23.Jul.2006 9:50:35 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
What's Nagios?

What protocols does it use?

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to jasho.mendinka)
Post #: 2
RE: Policy rules for Nagios running on ISA - 2.Aug.2006 6:19:05 PM   
jasho.mendinka

 

Posts: 4
Joined: 2.Dec.2005
Status: offline
Hello Tom,

sorry for the delay in answering your last post.

What is Nagios?
Nagios is a great monitoring tool, a very nice alternative or complement to MOM2005. Nagios is a host and service monitoring utility, designed to run under the Linux operating system. The monitoring daemon runs intermittent checks on hosts and services you specify using external "plugins" which return status information to Nagios.
More info: http://www.nagios.org/about/

What protocols does it use?
The Nagios server polls the Nagios agents using TCP dst.port = 5666 and src.port > 1023. The Nagios Agent runs on the monitored servers and listens for requests from the Nagios server on port TCP 5666. So far I've created a protocol called 'Nagios TCP>1023', defined as follows:

Protocol { Nagios
    {  Primary Connections
        PortRange {1024-65535}
        protocol-type {TCP}
        Direction {Outbound}
    }
}

It is working, although I don't like the fact I cannot simply use destination port on the protocol definition! This would make life easier. :)

Thanks and keep up the nice work!
Greetings,
Jasho.

< Message edited by jasho.mendinka -- 3.Aug.2006 12:56:21 PM >

(in reply to tshinder)
Post #: 3
RE: Policy rules for Nagios running on ISA - 13.Aug.2006 7:27:21 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Jasho,

Thanks for the info on Nagios!

It looks like their documentation is incorrect, because if you go with their docs, you should be able to allow access with a single rule allow TCP 5666 outbound from the Nagios server to the Local Host Network.

Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to jasho.mendinka)
Post #: 4
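
Added example, not part of the original thread or of any poster's message: a small model of how the two protocol definitions discussed above differ in what they let the Nagios server reach on the firewall host. It assumes, in line with the single TCP 5666 rule suggested in post 4, that the port range in a protocol definition is compared with the destination port of the connection; the listener inventory and all class and function names are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class ProtocolDef:
    name: str
    port_low: int    # assumption: the range is compared with the DESTINATION port
    port_high: int   # of the primary connection; the source port is never compared
    transport: str = "TCP"

@dataclass(frozen=True)
class AccessRule:
    protocol: ProtocolDef
    source: str      # "From" element, as a CIDR string

@dataclass(frozen=True)
class Conn:
    src: str
    sport: int
    dport: int
    transport: str = "TCP"

def allows(rule: AccessRule, conn: Conn) -> bool:
    """True when the connection matches the rule's source and protocol definition."""
    p = rule.protocol
    return (conn.transport == p.transport
            and ip_address(conn.src) in ip_network(rule.source)
            and p.port_low <= conn.dport <= p.port_high)

def reachable(rule: AccessRule, src: str, listeners: dict) -> list:
    """Listening ports on the firewall host that `src` can connect to under `rule`."""
    return sorted(port for port in listeners if allows(rule, Conn(src, 40000, port)))

NAGIOS = "192.168.10.9"
# Constructed inventory of TCP listeners on the ISA host (illustrative only).
LISTENERS = {445: "SMB", 1745: "Firewall Client", 3389: "RDP",
             5666: "NRPE agent", 8080: "Web proxy"}

BROAD = AccessRule(ProtocolDef("Nagios TCP>1023", 1024, 65535), NAGIOS + "/32")
NARROW = AccessRule(ProtocolDef("NRPE 5666", 5666, 5666), NAGIOS + "/32")

if __name__ == "__main__":
    for rule in (BROAD, NARROW):
        ports = reachable(rule, NAGIOS, LISTENERS)
        print(rule.protocol.name, "->", [(p, LISTENERS[p]) for p in ports])
    # A poll from an ephemeral source port still matches the narrow definition.
    print(allows(NARROW, Conn(NAGIOS, 56333, 5666)))
```

Under that assumption the 1024-65535 definition works only because 5666 falls inside the range, and it also opens every other high TCP listener on the firewall to the monitoring server.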
RE: Policy rules for Nagios running on ISA - 28.Oct.2010 3:24:59 PM   
gazy007

 

Posts: 43
Joined: 29.Aug.2008
Status: offline
quote:

ORIGINAL: tshinder

Hi Jasho,

Thanks for the info on Nagios!

It looks like their documentation is incorrect, because if you go with their docs, you should be able to allow access with a single rule allow TCP 5666 outbound from the Nagios server to the Local Host Network.

Tom

Hi Tom,

I wanted to ask what rule you would create for Nagios, as I am having the same problem. An external company wants to collect info from our internal network to their web site where they can monitor the servers and network. I have tried inbound TCP 5666 and TCP 4949 (for munin), but it does not seem to be working. I did publish this Linux box, but I got nowhere as I had to allow access to only one particular IP address. I have checked the log; sometimes this company's source protocol is 56333 or 54717 and vice versa. Is there a way you could shed some light on it? I have 2006 Enterprise ISA server. Thanks

(in reply to tshinder)
Post #: 5
