Search Exchange

Search All Sites

Nagios Live Webinars

Let our experts show you how Nagios can help your organization.

Contact Us

Phone: 1-888-NAGIOS-1
Email: sales@nagios.com

Login

Remember Me

check_ipsec

Rating
1 vote
Favoured:
1
Hits
104975
Files:
FileDescription
check_ipseccheck_ipsec
Network Monitoring Software - Download Nagios XI
Log Management Software - Nagios Log Server - Download
Netflow Analysis Software - Nagios Network Analyzer - Download
Check ipsec connections from openswan or strongswan
Checks vpn connection status of an openswan or strongswan installation.

Usage: check_ipsec --tunnels

./check_ipsec --tunnels 10
OK - All 10 tunnels are up an running


You have to run this plugin with nrpe.
Add these lines to /etc/sudoers:

Cmnd_Alias IPSEC = /usr/lib/nagios/plugins/check_ipsec
nagios ALL=NOPASSWD:IPSEC
Reviews (1)
Core pre-req requirement not mentioned:
FPING

Ubuntu16 instance had to modify the FPING path to usrinfping (not usrsbinfping)
Also had to modify the grep string check for the latest strongSwan tunnel check:
ORIGINAL: tunneltest=`$IPSECBIN status | grep -e "IPsec SA established" | grep -e "newest IPSEC" |grep -e $CONN | wc -l`
UPDATED: tunneltest=`$IPSECBIN status | grep -e "ESTABLISHED" | wc -l`

Suggest using full path in GATEWAYLIST variable instead of relative path and just a filename.

Works effectively once tweaked for the deployed environment.