How to Configure Zabbix Monitoring for Windows Server with NAT and iptables
This guide walks through setting up a Zabbix server on ESXi, enabling NAT and port forwarding with iptables, installing the Zabbix agent on Windows Server 2012, and creating Windows‑specific monitoring items such as IIS process status and performance counters.
Environment
Zabbix server interfaces: ens192 10.127.0.133, ens256 172.168.0.2.
Windows Server 2012 interfaces: ens192 172.168.0.3, gateway 172.168.0.2.
Configure Shared Internet and Port Forwarding
The Windows Server runs as an ESXi VM; because public IPs are scarce, NAT is performed on the Zabbix server using iptables.
Enable Routing on Zabbix Server
echo 1 > /proc/sys/net/ipv4/ip_forwardor edit /etc/sysctl.conf and add net.ipv4.ip_forward = 1, then run sysctl -p.
iptables Configuration
iptables -t nat -A POSTROUTING -s 172.168.0.0/24 -o ens192 -j SNAT --to-source 10.127.0.133
iptables -t nat -A PREROUTING -d 10.127.0.133 -p tcp --dport 3389 -i ens192 -j DNAT --to-destination 172.168.0.3:3389
iptables-saveTest Network Connectivity
Remote Connection Test
Enable the Remote Desktop role on Windows Server 2012, then connect to the internal Windows host via the Zabbix server’s port 3389.
Download Zabbix Agent Client
Download URL: https://assets.zabbix.com/downloads/4.2.6/zabbix_agent-4.2.6-win-amd64-openssl.msi
Installation Steps
Agent Service Starts Automatically
Port 10050 Listening
Add Windows Host in Zabbix
Enter the Windows host name; initial connection may fail with error 104 because iptables rules are ordered incorrectly.
get value from agent failed: ZBX_TCP_READ() failed;[104] connection reset by peer
Place the correct NAT rule at the top of the chain:
iptables -t nat -I POSTROUTING -d 172.168.0.0/24 -p tcp -m tcp --dport 10050 -j SNAT --to-source 10.127.0.133
iptables-saveAfter reloading, the agent status becomes "available”.
Zabbix provides a Windows monitoring template that discovers services and offers many built‑in items.
Example Windows Monitoring Items
Monitor IIS Process Status
Use the proc.num[] key to count processes; configure a trigger when the count is zero.
Monitor IIS Concurrent Connections
Add a performance counter for IIS connections under the Web Service path; other IIS metrics (e.g., CGI request count) can be added similarly.
Feel free to comment and discuss any questions.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Ops Development Stories
Maintained by a like‑minded team, covering both operations and development. Topics span Linux ops, DevOps toolchain, Kubernetes containerization, monitoring, log collection, network security, and Python or Go development. Team members: Qiao Ke, wanger, Dong Ge, Su Xin, Hua Zai, Zheng Ge, Teacher Xia.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.