bb-service entry for OpenVPN

Jerry Yu jjj863 at gmail.com
Mon Aug 28 15:34:29 CEST 2006


anyone ?

On 8/25/06, Jerry Yu <jjj863 at gmail.com> wrote:
>
> I need to monitor OpenVPN service on a remote server (OpenVPN is
> already monitored as a PROC locally on that server)
>
> OpenVPN is SSL-based, so, I made up a service entry as below. The test
> is failing, got 'unexpected service response'm w/o any data. Because a
> shared HMAC secret is used for this OpenVPN server, a connection
> attempt w/o the HMAC secret will not be able to get the certificate
> (maybe this is why it fails?).
>
> [openvpn]
> expect "CONNECTED(00000003)"
> option ssl
> port 12345
>
> Here is a few manual sessions using openssl. I'd be happy to label the
> service as 'up' if I get the CONNECTED(00000003) string. any ideas?
>
> /etc/hobbit# openssl s_client -ssl3 -connect vip1.vip.com:12345
> CONNECTED(00000003)
> 30739:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
> number:s3_pkt.c:286:
> /etc/hobbit# openssl s_client -ssl2 -connect vip1.vip.com:12345
> CONNECTED(00000003)
> 30742:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake
> failure:s2_pkt.c:429:
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20060828/97b7b232/attachment.html>


More information about the Xymon mailing list