https://community.cisco.com/t5/network-security/netflow-and-nat-issues/m-p/1777530#M530325 <HTML><HEAD></HEAD><BODY><P>Ok just to update there is apparently a bug in the ASA software, here is the link for the details:</P><P><A class="jive-link-external-small" href="http://thwack.solarwinds.com/forums/48/network-management/10/orion-netflow-traffic-analyzer/19114/orion-nta-35--service-pack-2/">http://thwack.solarwinds.com/forums/48/network-management/10/orion-netflow-traffic-analyzer/19114/orion-nta-35--service-pack-2/</A></P></BODY></HTML> Wed, 21 Sep 2011 18:01:55 GMT ALIAOF_ 2011-09-21T18:01:55Z https://community.cisco.com/t5/network-security/netflow-and-nat-issues/m-p/1777528#M530320 <P>I have netflow configured on one of my ASA and it was working fine.&nbsp; There was a changed made on it last night and since then apparently Netflow stopped working, however Netflow software (Solarwinds) is still showing the device up and still showing SNMP traffic once in a while I do see CFLOW data when I'm running wireshark on the Solarwinds server but nothing in the interface.&nbsp; This was the change made and wanted to see if that can cause an issue or not.</P><P></P><P>Solarwinds server: 192.168.1.135</P><P>Firewall Inside IP: 192.168.168.252</P><P>Firewall Outside IP: 10.230.168.252</P><P></P><P>global (outside) 1 interface</P><P>nat (inside) 1 192.168.0.0 255.255.0.0</P><P>nat (inside) 1 10.0.0.0 255.0.0.0 (This was added)</P><P></P><P>Would this cause any issues for the traffic going to 192.168.1.135 IP, doesn't make sense because it really shouldn't.</P> Mon, 11 Mar 2019 21:27:43 GMT https://community.cisco.com/t5/network-security/netflow-and-nat-issues/m-p/1777528#M530320 ALIAOF_ 2019-03-11T21:27:43Z https://community.cisco.com/t5/network-security/netflow-and-nat-issues/m-p/1777529#M530322 <HTML><HEAD></HEAD><BODY><P>Hi Mohammed, </P><P></P><P>Nope it shouldnt, can you take a capture and downloaded in pcap format so we can see it on wireshark? Do the following: </P><P></P><P>capture capin interface inside match udp any any eq <YOUR_NETFLOW_DEFINED_PORT></YOUR_NETFLOW_DEFINED_PORT></P><P></P><P>Wait 5 minutes and then do the following </P><P></P><P>http 0 0 inside </P><P>http server enable </P><P></P><P>From a computer on the inside access </P><P><A class="jive-link-external-small" href="https://192.168.168.252/capture/capin/pcap">https://192.168.168.252/capture/capin/pcap</A></P><P></P><P>That should give you the capture in pcap format and you will be able to see it, I want to check if the templates as well as the data packets are going ok from the firewall. </P><P></P><P>Mike </P></BODY></HTML> Wed, 21 Sep 2011 02:17:33 GMT https://community.cisco.com/t5/network-security/netflow-and-nat-issues/m-p/1777529#M530322 Maykol Rojas 2011-09-21T02:17:33Z https://community.cisco.com/t5/network-security/netflow-and-nat-issues/m-p/1777530#M530325 <HTML><HEAD></HEAD><BODY><P>Ok just to update there is apparently a bug in the ASA software, here is the link for the details:</P><P><A class="jive-link-external-small" href="http://thwack.solarwinds.com/forums/48/network-management/10/orion-netflow-traffic-analyzer/19114/orion-nta-35--service-pack-2/">http://thwack.solarwinds.com/forums/48/network-management/10/orion-netflow-traffic-analyzer/19114/orion-nta-35--service-pack-2/</A></P></BODY></HTML> Wed, 21 Sep 2011 18:01:55 GMT https://community.cisco.com/t5/network-security/netflow-and-nat-issues/m-p/1777530#M530325 ALIAOF_ 2011-09-21T18:01:55Z