Search Exchange

Search All Sites

Nagios Live Webinars

Let our experts show you how Nagios can help your organization.

Contact Us

Phone: 1-888-NAGIOS-1
Email: sales@nagios.com

Login

Remember Me

Directory Tree

check_ipsec

Rating
1 vote
Favoured:
1
Hits
114072
Files:
FileDescription
check_ipseccheck_ipsec
Nagios CSP

Meet The New Nagios Core Services Platform

Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.

Monitoring Made Magically Better

  • Nagios Core on Overdrive
  • Powerful Monitoring Dashboards
  • Time-Saving Configuration Wizards
  • Open Source Powered Monitoring On Steroids
  • And So Much More!
Check ipsec connections from openswan or strongswan
Checks vpn connection status of an openswan or strongswan installation.

Usage: check_ipsec --tunnels

./check_ipsec --tunnels 10
OK - All 10 tunnels are up an running


You have to run this plugin with nrpe.
Add these lines to /etc/sudoers:

Cmnd_Alias IPSEC = /usr/lib/nagios/plugins/check_ipsec
nagios ALL=NOPASSWD:IPSEC
Reviews (1)
Core pre-req requirement not mentioned:
FPING

Ubuntu16 instance had to modify the FPING path to usrinfping (not usrsbinfping)
Also had to modify the grep string check for the latest strongSwan tunnel check:
ORIGINAL: tunneltest=`$IPSECBIN status | grep -e "IPsec SA established" | grep -e "newest IPSEC" |grep -e $CONN | wc -l`
UPDATED: tunneltest=`$IPSECBIN status | grep -e "ESTABLISHED" | wc -l`

Suggest using full path in GATEWAYLIST variable instead of relative path and just a filename.

Works effectively once tweaked for the deployed environment.