Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Nrpe check_ping and Ipsec

    Scheduled Pinned Locked Moved IPsec
    3 Posts 2 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P Offline
      Payomeke
      last edited by

      Hi there,

      Have a question here.

      I want to monitor a ipsec tunnel between 2 pfsense. I thought could use nagios nrpe with check_ping to ping the other pfsense LAN interface and, thanks to this, see if the tunneling is working or not.

      The problem is, that pfsense use its default interface (WAN) for the ping, and doesn't work. Check_ping doesn't have a -S option to specify a source interface or IP.

      Do you know a way to make this work or other option for monitoring ipsec tunneling with nagios?

      Thank you.

      1 Reply Last reply Reply Quote 0
      • jimpJ Offline
        jimp Rebel Alliance Developer Netgate
        last edited by

        Two ideas:

        1. Tried and true method: https://doc.pfsense.org/index.php/Why_can%27t_I_query_SNMP,_use_syslog,_NTP,_or_other_services_initiated_by_the_firewall_itself_over_IPsec_VPN

        2. Simpler and may work just as well: Add a Phase 2 that covers the WAN IP - Remote LAN path to both sides.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • P Offline
          Payomeke
          last edited by

          Thank you very much jimp.

          I chose the first option and its working well, just as I wanted. Wasn't so hard after all. I had to add the "-4" flag in the nrpe check too.

          One problem less :)

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.