Hello All,

I am trying to implement a Network monitoring system so that I can monitor my home servers from anywhere in the world. I am currently studying Nagios and I have successfully implemented it to monitor my two servers and clients on my LAN.

Now, what I want to do is be able to set up the monitoring server to check for devices at my parent's place. Nagios relies a lot on ping messages (I'm just getting started). How can I set it up to monitor devices in my parent's home network when I do not know the IP addresses on that end? The IPs are supplied by the gateway router through DHCP.

I don't mind using any other tools. I just want to get some ideas of how I can do it. I have checked Zabbix, OpenNMS and pfSense but really don't know which could help accomplish the task.

Any ideas and help is most welcomed,

Cheers and thanks,

Atwin.


P.S. Attached is a simplified illustration of how the network is.

http://i82.photobucket.com/albums/j2...nix/netmag.jpg

Well you could setup static ips for them and a dyndns service. You could also have one of them initiate a reverse ssh tunnel or a vpn connection to the foreign network you're monitoring from.

Thanks for the reply rweaver. A dyndns service will not really work since it will report the gateway's WAN address (tried that with dyndns.org). I need to be able to access the individual servers/clients behind the NAT/Firewall. Any tutorials on how I could set the VPN tunnel?

Without knowing IP address, How to communicate with servers or network devices?

Exactly. Apparently there is a way around this. That is what I am trying to find out.

Well with dyndns you could port forward from the router to a port behind the router on the actual hosts, it will report if the port is responding or not (snmp would be a good choice say 1161 and 1611 if there are two.)

router:1611->hosta:161
router:1161->hostb:161

Edit: And snmp provides a lot of good information on the machine.

how about NSCA using send_nsca. With this, the clients actually send their status to the nagios server, so all that is needed here is the ip address of nagios server.

http://nagios.sourceforge.net/docs/1_0/addons.html#nsca
http://www.unix-tutorials.com/go.php?id=3929

Thanks for all the help. Will check out these tools and report back. Cheers.

If u have a Public address of ur end but not with other end then u can setup a VPN connection between ur end and other end using vtun(http://vtun.sourceforge.net/) then use zenoss(www.zenoss.com) network monitoring system where u can enable monitoring traffic via vtun tunnel. this has tested and works smoothly.

Note: setup vtun tunnel as client-server then connect client to server and add routes if needed. then u should be able to access parent's location network from ur zenoss server or any other server in the network. same as from parent's location it should be able to access ur location's servers.

Can you ssh into the router? Or perhaps the router has an http(s) interface from which you could find out what IP addresses it has assigned.

Evo2.

No, I can't even ssh into the router since my ISP supplies Dynamic DHCP addresses, which changes every now and then and the modem is just an ADSL/USB modem so I can't modify it for dynamic dns.

If you do have a machine outside a firewall somewhere (lets call it "A"), you could set up one of the machines behind the routerto automatically start a reverse ssh tunnel (using a passphraseless ssh key) to host A. You could then ssh into that machine by sshing to the correct port on host A.

If you are running a sufficiently sophisticated firmware on the router (eg dd-wrt) you could even get the router itself to setup the tunnel.

I know that this is a fairly clunky way of doing it, but in principle it should work.

Evo2.

I've done this very same thing before.

Here's how I did it:

NB. All hosts in my case were running Linux.

1. Create an account on DynDNS.com
2. Download one of the DynDNS update clients and schedule/cron it to run every hour & on-boot.
3. Change your local computers to use static internal addresses.
4. Forward ports from your router to port 22 for each local computer.
   
   Eg.
   Host_A (192.168.0.2 (static)) Router:51022 -> Local:22
   Host_B (192.169.0.3 (static)) Router:52022 -> Local:22
   Host_C (192.168.0.4 (static)) Router:53022 -> Local:22

Now, from anywhere in the world, if you wanted to connect to Host_B:
Or, Host_A:
When you connect, your router will know, from the port number, which machine it should send the traffic to.

Now you can use the Nagios 'check_by_ssh' to monitor these systems.

Hope this helps.

I think the problem is that the OP can't even get their router because it is behind a dumb modem (presumably provided by the ISP). This is why I suggested a reverse ssh tunnel to an external host the that OP has control over.

Evo2.

See my previous post. Ncsa. Passive monitoring