check_ipsec

Submit review Recommend Print

Rating

1 vote

Favoured:

Owner

nagiosexchange

Hits

113349

Files:

File	Description
check_ipsec	check_ipsec

Network Monitoring Software - Download Nagios XI

Log Management Software - Nagios Log Server - Download

Netflow Analysis Software - Nagios Network Analyzer - Download

Check ipsec connections from openswan or strongswan

Checks vpn connection status of an openswan or strongswan installation.

Usage: check_ipsec --tunnels

./check_ipsec --tunnels 10
OK - All 10 tunnels are up an running

You have to run this plugin with nrpe.
Add these lines to /etc/sudoers:

Cmnd_Alias IPSEC = /usr/lib/nagios/plugins/check_ipsec
nagios ALL=NOPASSWD:IPSEC

Reviews (1)

Not the easiest to get working, but simple enough to get your head around

byscar4me, February 13, 2017

Core pre-req requirement not mentioned:
FPING

Ubuntu16 instance had to modify the FPING path to usrinfping (not usrsbinfping)
Also had to modify the grep string check for the latest strongSwan tunnel check:
ORIGINAL: tunneltest=`$IPSECBIN status | grep -e "IPsec SA established" | grep -e "newest IPSEC" |grep -e $CONN | wc -l`
UPDATED: tunneltest=`$IPSECBIN status | grep -e "ESTABLISHED" | wc -l`

Suggest using full path in GATEWAYLIST variable instead of relative path and just a filename.

Works effectively once tweaked for the deployed environment.

Nagios, the Nagios logo, and Nagios graphics are the servicemarks, trademarks, or registered trademarks owned by Nagios Enterprises. All other servicemarks and trademarks are the property of their respective owner. The files and information on this site are the property of their respective owner(s). Nagios Enterprises makes no claims or warranties as to the fitness of any file or information on this website, for any purpose whatsoever. In fact, we officially disclaim all liability. We do, however, think these community contributions are pretty damn cool. Website Copyright © 2009-2024 Nagios Enterprises, LLC. All rights reserved.