Zabbix + Stunnel
Hi,
Is there a way to secure the communication between a Zabbix server and a Zabbix agent?
From what I have read on the net, people have suggested the use of stunnel with a Zabbix proxy configuration.
While I can understand how that could work, it does not solve my problem as the communication between the zabbix agent and the zabbix proxy will still be in the clear. (although the communication from the proxy into the server will be encrypted).
What I would like to achieve is to have an stunnel client on the zabbix agent and an stunnel server on the zabbix server.
Problem: I am missing the port (see below XXX) the stunnel client will be listening to, in order to intercept Zabbix agent reply to the server.
On Zabbix Agent machine, stunnel client
--------------------------------------
; to get requests from zabbix server and forward to the zabbix agent
client = yes
accept= 10051
connect= 10052
; to intercept zabbix agent's reply to the zabbix server
accept= XXX
Connect= ZABBIX_SERVER_IP:11162
On Zabbix Server machine, stunnel:
----------------------------------
accept= 11162
connect= 10050
My Zabbix client listens on port 10051
My Zabbix server listens on port 10050
The Command does not return anything...:
zabbix_get -s AGENT_IP_MACHINE -p 10051 -k "system.cpu.util[,user,avg1]"
I am using Zabbix 1.8.x.
Many thanks,
Elextra--
Is there a way to secure the communication between a Zabbix server and a Zabbix agent?
From what I have read on the net, people have suggested the use of stunnel with a Zabbix proxy configuration.
While I can understand how that could work, it does not solve my problem as the communication between the zabbix agent and the zabbix proxy will still be in the clear. (although the communication from the proxy into the server will be encrypted).
What I would like to achieve is to have an stunnel client on the zabbix agent and an stunnel server on the zabbix server.
Problem: I am missing the port (see below XXX) the stunnel client will be listening to, in order to intercept Zabbix agent reply to the server.
On Zabbix Agent machine, stunnel client
--------------------------------------
; to get requests from zabbix server and forward to the zabbix agent
client = yes
accept= 10051
connect= 10052
; to intercept zabbix agent's reply to the zabbix server
accept= XXX
Connect= ZABBIX_SERVER_IP:11162
On Zabbix Server machine, stunnel:
----------------------------------
accept= 11162
connect= 10050
My Zabbix client listens on port 10051
My Zabbix server listens on port 10050
The Command does not return anything...:
zabbix_get -s AGENT_IP_MACHINE -p 10051 -k "system.cpu.util[,user,avg1]"
I am using Zabbix 1.8.x.
Many thanks,
Elextra--