Monitor non-agent hosts behind NAT


I am setting up check_mk to monitor my own private network and some other “sites” at friends and family.
I have deployed a Raspberry Pi at each remote site which I can use at a jumphost, i.e. I have configured a port forwarding on the remote internet access routers to be able to SSH into the Raspberry.
Agents are running on the Raspberries and are reporting via the SSH Datasource Program.
All great!

Now I would like to monitor a few systems in the remote network like Wifi access points, internet routers and other systems where I can’t install agents on.

Some support SNMP, there is one FritzBox and other devices I would just like to check if they are up to get an alert when they are going down.

I have searched a lot but did not find a proper solution yet that does not require a VPN tunnel or port forwardings to each system. The first would be to cumbersome and unstable, the latter is too risky.
Also a slave site would be difficult as I would need more powerful raspberries for that and adds a lot of complexity and maintenance effort onto this hobby project.

I thought about using piggyback data or any other way which makes use of the raspberry as the bridge head in the remote network.

Does anyone have a similar setup or hints how I could implement that as simple as possible?


I think what you describe is a master - slave setup. I think you can do some tuning on the RaspberryPIs to get it working. You can use a SSH Tunnel to forward Livestatus and Webports.
As second solution you could use a bunch of nagios style checks via check_by_ssh or check_multi

Maybe this helps you. Check_multi can be configured to work/appear as passive checks.

Hi Marcus,

yes, it is a master - slave setup and it seems that would be the best way to do it. However, my slave Raspberries are not capable of running an OMD site, they are old Raspberry B with 256MB RAM. I tried and it literally brought the system to a halt. Also I would like to reduce complexity of the remote system as much as possible as I do not have access to all sites regularly.
Do you have a pointer to using the Nagios style checks? I have used Nagios in the past but not more than out of the box in a very simple setup…


you can trigger them as MRPE checks from your check_mk agent on the remote location or as mentioned before via check_by_ssh and/or check_multi via classic active check from your CheckMK Server. check_by_ssh is a default plugin which comes with CheckMK and can be used as classic active check. You should also install the monitoring-plugins packages on the remote RaspberryPis to have a first set of check plugins.

Hi, after some reading and considerations done over the weekend I am going to try out the distributed monitoring approach with livestatus on one of the remote sites. I ordered a RasPi 3 for that to have a sufficiently capable device to run the slave site.

At the other site (where I basically only would like to have a bit more details about the FritzBox and connected repeaters as well as usage of the wifi network) I’m going to stick with the RasPi B.
There, I’m still looking for a lean way to get the Fritz data pulled from the agent somehow and provide with its own output when called by the check_mk server.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.