wazuh setup through OpenVPN

[Gangadhar Bharadwaj K]

Hello Everyone,

I'm trying to setup wazuh as part of our project, we are using wazuh manager OVA in our work laptop and trying to install agent on the client environment which is connected through OpenVPN. The agent is installed on the client's server but its not visible in the dashboard. 

I've even tried installing openvpn directly on the wazuh OVA and try to connect but its not working. Can anyone help me on how i can overcome this issue, i've put Wazuh VM in bridged mode BTW. I think the issue is that the VM is not able to share the same VPN connection as host. Once connected to the VPN the host is able to ping the client's server IP but from VM its not working.

Regards,

Gangadhara Bharadwaj K

[Dario Menten]

Hello Gangadhar,

As far as I understand, you are having issues with networking configuration, nothing regarding Wazuh itself, so I recommend checking all the networking configurations on the Hypervisor you are using, then the laptop and finally on the VPN you are configuring.

Have in mind that you need to have published the following ports outside the Wazuh Server VM in order to allow the Wazuh Agent to connect:

- 1515: Agent Registration

- 1514: Agent communication

Here you can learn more about the Wazuh ports: https://documentation.wazuh.com/current/getting-started/architecture.html#required-ports

I hope this information could be helpful.

[Gangadhar Bharadwaj K]

Hi Dario,

Thanks for the response, I've put the wazuh vm in bridged mode with the host. It might be network configuration issue, is there way that i could make some settings to make mazuh VM communicate over host VPN connection. I know this is outside the scope but i appreciate any help.

Also from wazuh setup prespective, i just want to know that if i use wazuh ova as the server and install an agent on the client side which is connected through a VPN, will the agent be able to communicate in my dashboard. Does the VM based setup support this functionality? or do i have to use linode or wazuh cloud. I just want to know that.

Regards,

[Dario Menten]

Hello Gangadhar,

Just so you know, the setup you are proposing should work without issues.
As you stated it is an issue with the VPN, and the only thing I can think of that you can check is the routes, check if the agent and the server (and the host maybe) have the correct routes to communicate through the VPN (Other than this could be related to the configuration of the devices you are using in the middle).

• Routing tables in Linux
• Routing tables in Windows

I hope this could be helpful.

​