Unable to communicate with Nsclient from Internet but working in local network



I use Nsclient 4.3.143. I use secure connexion with certificate.

For my test I have 3 computer PC-Luc (on my desk office) : with Nsclient where I try to make request PC1 (home): Monitored computer with NSClient in test mode PC2 (home): Another computer to make request.

On PC2 when I use this command: nscp nrpe host=PC1 certificate=security/icMonitoringClient.pem certificate-key=security/icMonitoringClient.key or check_nrpe with the same value

it’s working fine PC1 wrote:nrpe Accepting connection from: “PC1 IP”, count=1 PC2 wrote: I ( 2015-04-29) seem to be doing fine…

When I try same command from PC-Luc, PC1 wrote: D nrpe Accepting connection from : “My desk public IP”, count=1 nrpe failed to establish secure connection: short read: 219 D:\source\nscp\include\socket/connection.hpp:243 PC-Luc wrote: SSL Handshake failed: short read failed to connect to: “My home IP”:5666 : short read

What I missed ?

Best regards


Ok the problem is ALLOWED-CIPHERS default value,

I have changed to (for exemple) SEED-SHA it’s TLS 1.0 ciphers and it’s working fine.

I’m not specialist of encryption or authentication,

Could I suggest that in trace mode or debug mode you write the ciphers negotiate with peer ?


in trace mode i do net get informations that could help me.

nmap does not find ciphers remotely? ;-(

nmap --script ssl-enum-ciphers -p 5666 vm323

Starting Nmap 6.40 ( http://nmap.org ) at 2017-08-11 09:11 CEST Nmap scan report for server (192.168.0.x) Host is up (0.00056s latency). rDNS record for 192.168.0.x: server PORT STATE SERVICE 5666/tcp open nrpe MAC Address: F0:51:00:FF:00:E4 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.13 seconds