configuration netflow on asa

pugliededaniele88 — Fri, 21 Feb 2020 14:44:23 GMT

Dear all,

I configured netflow on asa but on PRTG i don't see any traffic. Below the configuration I did:

flow-export destination inside 10.111.1.102 2055

access-list netflow-hosts extended permit ip any any

class-map NetFlow-traffic

match access-list netflow-hosts

policy-map global_policy

class inspection_default

class NetFlow-traffic

flow-export event-type all destination 10.111.1.102

I configured also a capture

capture test2 type raw-data interface inside [Capturing - 2724 bytes]
match udp any host 10.111.1.102 eq 2055

and this is the output:

2 packets captured

1: 14:12:20.075588 802.1Q vlan#1 P0 10.111.2.250.12235 > 10.111.1.102.2055: udp 1388
2: 14:12:20.075618 802.1Q vlan#1 P0 10.111.2.250.12235 > 10.111.1.102.2055: udp 1212

# sh flow-export counters

destination: inside 10.111.1.102 2055
Statistics:
packets sent 4
Errors:
block allocation failure 0
invalid interface 0
template send failure 0
no route to collector 0
source port allocation failure 0

Can anyone help me to understand why the PRTG dosen't receive traffics ?

Re: configuration netflow on asa

mikael.lahtela — Mon, 13 Nov 2017 16:55:00 GMT

Hi,

Can you run Wireshark or something else on you PRTG server to see that the packets arrive at the server?
Check that ports are open on the PRTG server firewall.
The traffic information on PRTG is not live, see more information here:
https://kb.paessler.com/en/topic/1423-how-to-monitor-cisco-asa-firewalls-using-netflow-9-and-prtg

br, Micke

topic configuration netflow on asa in Network Security

configuration netflow on asa

Re: configuration netflow on asa