Ossec agent with static ip, server with dynamic ip does not connects outside the LAN
19 views
Skip to first unread message
Trevisi Roberto
May 1, 2025, 7:49:13 AMMay 1
to ossec...@googlegroups.com
Hi,
2025/04/28 21:07:25 ossec-agentd: INFO: Trying to connect to server any, port 1514.
2025/04/28 21:07:25 getaddrinfo: Name or service not known
2025/04/28 21:08:09 ossec-syscheckd: INFO: Starting syscheck scan (forwarding database).
2025/04/28 21:08:09 ossec-syscheckd: WARN: Process locked. Waiting for permission... ```
I have this situation:
_one agent inside a LAN whose default gateway has a static ip _and a server that I use, inside the same LAN with the static dhcp ip and outside the LAN with dynamic ip
I configured the server's ossec.conf with both the agent ips ( the LAN ip and the router static ip which has a port forwarding ) The agent's ossec.conf with the LAN server ip and with "any"
When I'm inside the LAN agent and server connects When I'm outside the LAN with the server they don't connect
Does the server search for agents to the two ips I set in the server's ossec.conf ? or it is only the agent that try to connect to the server (in this last case there is no way the agent can find the server outside the LAN)
The agent's log:
_one agent inside a LAN whose default gateway has a static ip _and a server that I use, inside the same LAN with the static dhcp ip and outside the LAN with dynamic ip
I configured the server's ossec.conf with both the agent ips ( the LAN ip and the router static ip which has a port forwarding ) The agent's ossec.conf with the LAN server ip and with "any"
When I'm inside the LAN agent and server connects When I'm outside the LAN with the server they don't connect
Does the server search for agents to the two ips I set in the server's ossec.conf ? or it is only the agent that try to connect to the server (in this last case there is no way the agent can find the server outside the LAN)
The agent's log:
``` 2025/04/28 21:07:24 ossec-agentd: INFO: Trying next server in the line: 'any'.
2025/04/28 21:07:25 ossec-agentd: INFO: Closing connection to server any, port 1514.2025/04/28 21:07:25 ossec-agentd: INFO: Trying to connect to server any, port 1514.
2025/04/28 21:07:25 getaddrinfo: Name or service not known
2025/04/28 21:08:09 ossec-syscheckd: INFO: Starting syscheck scan (forwarding database).
2025/04/28 21:08:09 ossec-syscheckd: WARN: Process locked. Waiting for permission... ```
Is there a way to enable connection when the server is out of LAN ?
thnks
thnks
Roberto Trevisi
May 1, 2025, 7:49:13 AMMay 1
to ossec-list
Hi,
I have this situation:
_one agent inside a LAN whose default gateway has a static ip _and a server that I use, inside the same LAN with the static dhcp ip and outside the LAN with dynamic ip
I configured the server's ossec.conf with both the agent ips ( the LAN ip and the router static ip which has a port forwarding ) The agent's ossec.conf with the LAN server ip and with "any"
When I'm inside the LAN agent and server connects When I'm outside the LAN with the server they don't connect
2025/04/28 21:07:25 ossec-agentd: INFO: Trying to connect to server any, port 1514.
2025/04/28 21:07:25 getaddrinfo: Name or service not known
2025/04/28 21:08:09 ossec-syscheckd: INFO: Starting syscheck scan (forwarding database).
2025/04/28 21:08:09 ossec-syscheckd: WARN: Process locked. Waiting for permission...```
0
I have this situation:
_one agent inside a LAN whose default gateway has a static ip _and a server that I use, inside the same LAN with the static dhcp ip and outside the LAN with dynamic ip
I configured the server's ossec.conf with both the agent ips ( the LAN ip and the router static ip which has a port forwarding ) The agent's ossec.conf with the LAN server ip and with "any"
When I'm inside the LAN agent and server connects When I'm outside the LAN with the server they don't connect
Does the server searchs for agents to the two ips I set in the server's ossec.conf ? or it is only the agent that try to connect to the server (in this last case there is no way the agent can find the server outside the LAN)
The agent's log:
The agent's log:
```
2025/04/28 21:07:24 ossec-agentd: INFO: Trying next server in the line: 'any'.
2025/04/28 21:07:25 ossec-agentd: INFO: Closing connection to server any, port 1514.2025/04/28 21:07:25 ossec-agentd: INFO: Trying to connect to server any, port 1514.
2025/04/28 21:07:25 getaddrinfo: Name or service not known
2025/04/28 21:08:09 ossec-syscheckd: INFO: Starting syscheck scan (forwarding database).
2025/04/28 21:08:09 ossec-syscheckd: WARN: Process locked. Waiting for permission...```
Is there a way to enable connection when the server is out of LAN ?
thks
Reply all
Reply to author
Forward
0 new messages