Ad Widget

Collapse

Zabbix Through SSH Tunnel

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Fatboy125
    Junior Member
    • Apr 2011
    • 4
    #1

    Zabbix Through SSH Tunnel

    First let me say I'm new to Zabbix and I'm loving it so far, I've been working with it for about a week now and I've got it running on my LAN perfectly. Now I need to run it over the internet I've created a SSH tunnel on a non-standard port for security and I can ping a client across it and see that the port is open using nmap from the server, but I can't get the server to connect to the client. The Host Configuration page tells me that it assumes the agent dropped connection because of access permissions. If yall could help I would greatly appreciate it. If you need any of my config files I would be happy to show them.
    Last edited by Fatboy125; 01-05-2011, 17:45.
    Tags: None
    • Fatboy125
      Junior Member
      • Apr 2011
      • 4
      #2
      I was in a hurry earlier here is my zabbix_server.conf on my server
      Code:
      LogFile=/tmp/zabbix_server.log
DBName=zabbix
DBUser=root
DBPassword=password
      zabbix_agentd.conf on the server
      Code:
      LogFile=/tmp/zabbix_agentd.log
Server=127.0.0.1
Hostname=Zabbix server
      /etc/network/interfaces on the server
      Code:
      auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 192.168.0.212
netmask 255.255.255.0
gateway 192.168.0.1

iface tun0 inet static
address 10.0.0.1
netmask 255.255.255.0
pointopoint 10.0.0.2
up route add -net 192.168.2.0 netmask 255.255.255.0 gw 10.0.0.2 tun0
post-up /sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
post-down /sbin/iptables -t nat -D POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
      zabbix_agentd.conf on the client
      Code:
      LogFile=/tmp/zabbix_agentd.log
Server=192.168.0.212
Hostname=Zabbix client
      /etc/network/interfaces
      Code:
      auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 192.168.2.205
netmask 255.255.255.0
gateway 192.168.2.1

auto tun0
iface tun0 inet static
pre-up sleep 2
pre-up ssh -i /root/.ssh/VPNkey -S /var/run/ssh-vpn-tunnel-control -M -f -w 0:0 1.2.3.4 -p 6840 true
pre-up sleep 2
address 10.0.0.3
pointopoint 10.0.0.1
netmask 255.255.255.0
up route add -net 192.168.0.0 netmask 255.255.255.0 gw 10.0.0.1 tun0
post-up /sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
post-down /sbin/iptables -t nat -D POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
post-down ssh -i /root/.ssh/VPNkey -S /var/run/ssh-vpn-tunnel-control -O exit 1.2.3.4:6840
post-down ifup tun0

        Comment

        • Fatboy125
          Junior Member
          • Apr 2011
          • 4
          #3
          I found what the problem was it only saw the ssh tunnel ip as the server so it always rejected it from the lan address of the server. Thanks for all your help.

            Comment

            Previous template Next
            Working...