Re: [Nagios-users] Ports used in Nagios infrastructure

[Morris, P. <pat...@hp...>]

Jerry Joy wrote:
> I'm trying to find out all the ports used by Nagios infrastructure 
> components in a distributed architecture. The idea is to identify the 
> firewall changes required for the implementation. As per documentation 
> and information on web I notice the following ports. Please let me 
> know if I missed anything
>
>
> Port 80 for Console Access on Primary Nagios server (including web server)
> Port 5667 for NSCA on Primary Nagios server
> Port 12489 on Windows clients for NSClient++
> Port 5666 on Linux clients for NRPE daemon
>
> Is there any other port on the Primary Nagios server which is 
> listening for reports from clients?
> Also, is there any port opening required for any port on the 
> distributed Nagios server which sends reports to the Primary Nagios server

Strictly speaking, Nagios does not open *any* network ports. If your 
setup includes NSCA, NRPE, and NSCLient++ then yes, you need to make 
sure their ports are open, but that's dependent on your implementation 
and whether you've installed those add-ons.  The same goes for any other 
services external to Nagios itself (like the front-end web-server, and 
other network-enabled external components) you may use in your 
particular setup.

I've noted you haven't mentioned any access from the Nagios server to 
other hosts, which will be necessary if you actually want the Nagios 
server to be able to check anything on other hosts, but again, that's 
dependent on your configuration and maybe outbound access from the 
Nagios machine isn't an issue in your environment.

In any case, what ports you need opened to your Nagios server is 
completely defined by your configuration. There are multiple ways to do 
a distributed setup, and the ports you'll need will be defined by how 
you choose to do that.