
Re: [hobbit] bb-service entry for OpenVPN



Will the new ports test work here, to at least show that it is listening?

Henrik Stoerner wrote:
On Fri, Aug 25, 2006 at 10:09:50AM -0400, Jerry Yu wrote:
I need to monitor OpenVPN service on a remote server (OpenVPN is
already monitored as a PROC locally on that server)

OpenVPN is SSL-based, so, I made up a service entry as below. The test
is failing, got 'unexpected service response', w/o any data. Because a
shared HMAC secret is used for this OpenVPN server, a connection
attempt w/o the HMAC secret will not be able to get the certificate
(maybe this is why it fails?).

In the default configuration, OpenVPN is only UDP traffic - Hobbit has no support for communicating with this type of service.

Assuming you did configure OpenVPN for TCP, then it is likely that the
SSL protocol is either wrapped inside an OpenVPN header, or some OpenVPN
traffic needs to precede the actual SSL handshake.

[openvpn]
expect "CONNECTED(00000003)"
option ssl
port 12345

That "expect" string will never match; the "CONNECTED" string is a debugging output from the OpenSSL "s_client" utility.

Your best bet is probably to enable the OpenVPN management service, and
check that with a normal "http" status check.


Regards, Henrik





-- Rich Smrcina VM Assist, Inc. Phone: 414-491-6001 Ans Service: 360-715-2467 rich.smrcina at vmassist.com

Catch the WAVV!  http://www.wavv.org
WAVV 2007 - Green Bay, WI - May 18-22, 2007
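
Added example, not part of the original thread and not Hobbit or OpenVPN project code: a check a monitoring script could run against the OpenVPN management interface suggested above, which answers the `state` command with comma-separated state lines terminated by `END`. It assumes the interface is enabled with the `management` directive and no management password; `127.0.0.1:7505` is a placeholder address, the colour names are this example's own choice, and the sample transcript is constructed.

```python
import socket

GREETING = ">INFO:OpenVPN Management Interface"

def parse_state_reply(text):
    """Map a management-interface transcript to a (colour, message) pair."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    if not any(ln.startswith(GREETING) for ln in lines):
        return ("red", "no management greeting received")
    if "END" not in lines:
        return ("red", "reply to 'state' not terminated by END")
    # Lines starting with '>' are asynchronous notifications, not command output.
    body = [ln for ln in lines[:lines.index("END")] if not ln.startswith(">")]
    states = [ln.split(",") for ln in body if ln.split(",")[0].isdigit()]
    if not states or len(states[-1]) < 2:
        return ("red", "no state line in reply")
    name = states[-1][1]
    if name == "CONNECTED":
        return ("green", "OpenVPN state CONNECTED")
    return ("yellow", "OpenVPN state " + name)

def probe(host, port, timeout=5.0):
    """Query a live management interface; any socket error is reported as red."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(b"state\r\nquit\r\n")
            chunks = []
            while True:
                data = s.recv(4096)
                if not data:
                    break
                chunks.append(data)
    except OSError as exc:
        return ("red", "management interface unreachable: %s" % exc)
    return parse_state_reply(b"".join(chunks).decode("ascii", "replace"))

# Constructed sample transcript (not captured from a real server).
SAMPLE_UP = (
    ">INFO:OpenVPN Management Interface Version 1 -- type 'help' for more info\r\n"
    "1156515600,CONNECTED,SUCCESS,10.8.0.1,\r\n"
    "END\r\n"
)

if __name__ == "__main__":
    print(parse_state_reply(SAMPLE_UP))
    # 127.0.0.1:7505 is a placeholder for the address given to 'management'.
    print(probe("127.0.0.1", 7505))
```

The management interface can control the daemon as well as report on it, so keep it bound to a loopback address and run a check like this on the OpenVPN server itself.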