How to monitor Cisco IPsec VPN with Nagios

cisco-vpnmonitoringnagios

How to monitor Cisco IPsec VPN with Nagios? I want to check if a user can connect to VPN.

Best Answer

Try to do the following if you can:

Test the authentication backend - does your vpn authenticate against radius? if so, setup nagios with the radius plugin.
Check for gaps in VPN login times. If you are running a busy vpn server, most likely you see a login at least once every 10 minutes during business hours. I have a custom nagios plugin that queries the radius accounting database, and checks to see if anyone has successfully logged in in the past 10 minutes.

The above 2 'extra' checks have been invaluable.

Related Solutions

Nagios – How to Monitor Windows Host

Install the nsclient++ agent on windows, then configure your RHEL5 nagios config file accordingly.

There may be other windows nagios agents, or you can configure nagios to use remote probes with SNMP, but I've used nsclient++ and it works well.

Monitor DNS server with Nagios

# su - nagios [enter]

Go to the /usr/local/nagios/libexec dir (assuming you have installed nagios from source, if you have used a package from your distribution, check the docs of your package):

$ cd /usr/local/nagios/libexec

execute the check_dns plugin with the --help switch. It will give you all the available options:

$./check_dns --help
check_dns v1.4.15 (nagios-plugins 1.4.15)
Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>
Copyright (c) 2000-2008 Nagios Plugin Development Team
    <nagiosplug-devel@lists.sourceforge.net>

This plugin uses the nslookup program to obtain the IP address for the given host/domain query.
An optional DNS server to use may be specified.
If no DNS server is specified, the default server(s) specified in /etc/resolv.conf will be used.


Usage:
check_dns -H host [-s server] [-a expected-address] [-A] [-t timeout] [-w warn] [-c crit]

Options:
 -h, --help
    Print detailed help screen
 -V, --version
    Print version information
 -H, --hostname=HOST
    The name or address you want to query
 -s, --server=HOST
    Optional DNS server you want to use for the lookup
 -a, --expected-address=IP-ADDRESS|HOST
    Optional IP-ADDRESS you expect the DNS server to return. HOST must end with
    a dot (.). This option can be repeated multiple times (Returns OK if any
    value match). If multiple addresses are returned at once, you have to match
    the whole string of addresses separated with commas (sorted alphabetically).
 -A, --expect-authority
    Optionally expect the DNS server to be authoritative for the lookup
 -w, --warning=seconds
    Return warning if elapsed time exceeds value. Default off
 -c, --critical=seconds
    Return critical if elapsed time exceeds value. Default off
 -t, --timeout=INTEGER
    Seconds before connection times out (default: 10)

Send email to nagios-users@lists.sourceforge.net if you have questions
regarding use of this software. To submit patches or suggest improvements,
send email to nagiosplug-devel@lists.sourceforge.net

So, if you want to check that serverfault.com resolves to 69.59.196.211, yo do this:

./check_dns -H serverfault.com -a 69.59.196.211
DNS OK: 0.013 seconds response time. serverfault.com returns 69.59.196.211|time=0.012614s;;;0.000000

As you can see you can also especify which DNS server to query with the -s switch, warning and critical thresholds, etc. Once you're satisfied with the check you run from the cli, you edit the nagios config file where you define the services (probably services.cfg) and apply the check to a given host(group). But that is much better documented in the fine manual you can even read from the web interface that got installed when you installed nagios.

Best Answer

Related Solutions

Nagios – How to Monitor Windows Host

Monitor DNS server with Nagios

Related Topic