2009
12.28

Monitoring server using your Nagios Server as PPTP Client

Category: Linux, Nagios / Tags: no tag / Add Comment

I have a customer who has a Windows SBS2K3 server behind a pretty crappy router (installed by ISP). It’s not possible to create a Site-to-Site VPN between the location where my Nagios Server is located and the location where the SBS2K3 is located.

Because I insist throwing all monitoring traffic over an Encrypted Tunnel, I thought about letting the Nagios Server log in as a PPTP Client onto the WSBS2K3.

I did the following the configure everything for the above:

  • Created a Service account on the SBS2K3 with VPN login permissions.
  • Installed PPPd on the Nagios Server.
  • Created a new PPTP VPN Tunnel using Webmin (PPTP VPN Client module will be available after installing PPPd and refreshing the modules in Webmin).
  • Created a route for my Nagios Server that it can access the SBS2K3 server for monitoring.

I will give you an example to make it more clear to understand:

Let’s say your Remote Server has public ip 1.1.1.1 and it’s internal IP is 192.168.2.10.

You will have to do the following on your Nagios Server:

  • Open a SSH session.
  • Execute the following command to install PPPd: 
# apt-get install pppd
  • Make sure you have webmin installed on your Linux (Nagios) server. If you don’t have Webmin installed, check http://www.webmin.com/deb.html for a tutorial how to install Webmin (Webmin will always come in handy, so don’t hesitate to install Webmin).
  • Open the webmin console of your Nagios Server (https://[Local Nagios IP]:10000)
  • Go to “Networking” – “PPTP VPN Client”
  • Add a new PPTP VPN Tunnel
  • Make sure the PPTP Tunnel is configured like beneath.

  PPTP VPN Client add tunnel

  • Create the tunnel

You can test if the tunnel will be created successful by choosing your newly created Tunnel and pressing “Connect to:” on the left side of the PPTP VPN Client screen.

When the PPTP VPN session is enabled successfully, you only need to add a route so Nagios knows how to reach the Remote Server. The command for adding a route to use in this example is:

# route add -net 192.168.2.0 netmask 255.255.255.0 dev ppp0

This command will make sure that the whole 2.* range is available through the PPP0 interface.

You can also automate the establishment of the tunnel and the route. To let the Nagios Server establish the PPTP Tunnel at boot you can configure the option in your Nagios Webmin PPTP Client Console to connect at boot.
For the route you can edit the Defined Tunnel, and add the above line into the “Other route commands” field of your PPTP VPN tunnel options.

This way your PPTP Tunnel will automatically be established on a boot of the Nagios Server and the route will automatically be added after establishing the PPTP Tunnel.

No Comment.

Add Your Comment

Your Comment