Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
471
Views
0
Helpful
1
Replies

Nagios Server inside Cisco ASA5510 Monitoring on outside interface

Lee Murphy
Level 1
Level 1

‎06-13-2016 07:50 AM - edited ‎03-12-2019 12:52 AM

Need some advice/help on a firewall issue. Not sure this is the forum I should be in, but anyhow this is the issue: I got a Linux box hosting Nagios that is on the inside interface of a Cisco ASA5510. The Windows boxes I monitor are on the outside interface of the same Cisco ASA5510. I have no problem with Nagios communicating with the Windows servers as traffic is passed from the inside to outside on the 5510. The problem I am having is Nagios "Cannot fetch information from the server" to receive the resource information such as, C:\ Drive Space, CPU Load, Memory Usage, etc. In other words the firewall is blocking the outside interface from coming inside.

Labels:
0 Helpful
1 Reply 1

David Castro F.
Spotlight
Spotlight

‎06-13-2016 09:27 AM

Hello Lee Murphy,

This is a default behavior of the ASA from Outside interfaces(Would have a Security level of 0) and the Inside Security level of 0, so by default the ASA cannot allow Lower to Higher communication, it allows from higher to lower and the response back is allowed. If the traffic is initiating from the outside you will need to define an inbound ACL (Access group) applied to the outside interface allowing the communication such as:

access-list Outside-inbound permit ip XXXXXXX YYYYYYYYY

access-group Outside-inbound in interface Outside 

XXXXXXXX -- Outside Hosts such as the Windows Boxes IP addresses

YYYYYYY '-- Linux Nagios Box IP¨address

Keep me posted, please proceed to rate and mark as correct the helpful post!

David Castro,

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card