Hi, question… I have a Linux redhat icingaweb2 set up, working fine with Linux using agentless ssh checks using nagios plugins. I have just got Windows servers into the config and im using wmi with a plugin to monitor (again agentless). My question is this… I have some windows servers on a dmz network behind a firewall. the network team are telling me that where the port 135 is used for standard WMI connections I need to narrow it down and assign some other ports for security reasons… so how do I specify some ports within icinga2 to use for WMI connections, so I can give the network team the port numbers to use for the firewall rules ?? thanks in advance.
I would say that this is the “job” of the check script/plugin.
Which one are you using?
Normally all plugins have a parameter
-h to display a detailed help page with instructions on how to use the plugin. This help page also lists the different parameters the plugin accepts when getting called, like
-H for the IP/hostname. Check if there is a parameter that allows you to set a different port.
./check_snmp --help check_snmp v2.2 (monitoring-plugins 2.2) Copyright (c) 1999-2007 Monitoring Plugins Development Team <firstname.lastname@example.org> Check status of remote machines and obtain system information via SNMP Usage: check_snmp -H <ip_address> -o <OID> [-w warn_range] [-c crit_range] [-C community] [-s string] [-r regex] [-R regexi] [-t timeout] [-e retries] [-l label] [-u units] [-p port-number] [-d delimiter] [-D output-delimiter] [-m miblist] [-P snmp version] [-N context] [-L seclevel] [-U secname] [-a authproto] [-A authpasswd] [-x privproto] [-X privpasswd] [-4|6] Options: -h, --help Print detailed help screen -V, --version Print version information ... -H, --hostname=ADDRESS Host name, IP Address, or unix socket (must be an absolute path) -p, --port=INTEGER Port number (default: 161)
Hi thanks for reply.
Im using check_wmi_plus.pl
and the only information I can find on ports and wmi (rpc) is as follows
TCP/135 is the standard port for RPC. It also uses a randomly assigned port between 1024-65535(TCP) for Windows 2003 and older, and 49152 - 65535(TCP) for Windows 2008
I quickly downloaded the plugin and had a look at the script. It seems like there is no parameter to specify a different port.
I have never use the plugin myself, but my guess is that you/the network admins have to open port 135/tcp for the checks, as this is the port where the incoming connections (monitoring->checked host) will be done over.
As far as I know port 135/tcp is the default. Have a discussion with your network group to open the port and also check the following if needed.
I am also using check_wmi_plus behind firewalls and like @gkoutsog said, you have to set a fixed port on the agents