Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
425
Views
0
Helpful
1
Replies

It used to work. Please look over my configs.

jbakke
Level 1
Level 1

‎05-23-2018 11:22 AM - last edited on ‎03-25-2019 01:03 PM by Community Manager

Below is a partial config that I am using for a cisco 3850 L3 switch. We are trying to monitor network traffic to a Solarwinds server. Does anyone notice anything out of the ordinary?

I have only recently hired on at this establishment and this is something that hasn't worked in a few years. So, I'm trying to eliminate things to better get an idea of what the hold up is.

***

flow record NetFlow-to-Orion-Output

match ipv4 tos

match ipv4 protocol

match ipv4 source address

match ipv4 destination address

match transport source-port

match transport destination-port

match interface output

collect interface input

collect counter bytes long

collect counter packets long

!

!

flow record NetFlow-to-Orion-Input

match ipv4 tos

match ipv4 protocol

match ipv4 source address

match ipv4 destination address

match transport source-port

match transport destination-port

match interface input

collect interface output

collect counter bytes long

collect counter packets long

!

!

flow exporter NetFlow-to-Orion-Output

destination ip address here (ip omitted for security reasons)

source Vlan90

transport udp 2055

!

!

flow exporter NetFlow-to-Orion-Input

destination ip address here (ip omitted for security reasons)

source Vlan90

transport udp 2055

!

!

flow monitor NetFlow-to-Orion-Output

exporter NetFlow-to-Orion-Output

cache timeout active 60

record NetFlow-to-Orion-Output

!

!

flow monitor NetFlow-to-Orion-Input

exporter NetFlow-to-Orion-Input

cache timeout active 60

record NetFlow-to-Orion-Input

*************************we're only monitoring these 3 ports for now.*******************

interface GigabitEthernet3/0/20
  switchport access vlan 90
  switchport mode access
  switchport voice vlan 10
  auto qos trust
  spanning-tree portfast
  service-policy input AutoQos-4.0-Trust-Cos-Input-Policy
  service-policy output AutoQos-4.0-Output-Policy

interface GigabitEthernet3/0/21
  switchport access vlan 90
  switchport mode access
  switchport voice vlan 10
  ip flow monitor NetFlow-to-Orion-Input input
  ip flow monitor NetFlow-to-Orion-Output output
  auto qos trust
  spanning-tree portfast
  service-policy input AutoQos-4.0-Trust-Cos-Input-Policy
  service-policy output AutoQos-4.0-Output-Policy

interface GigabitEthernet5/0/38

  description **Uplink to Sophos Firewall**

  switchport access vlan 250

  switchport mode access

  ip flow monitor NetFlow-to-Orion-Input input

  ip flow monitor NetFlow-to-Orion-Output output

  spanning-tree portfast

Labels:
0 Helpful
1 Reply 1

jbakke
Level 1
Level 1

‎05-23-2018 12:18 PM

Correction

we are only wanting to monitor the last 2 interfaces that I mentioned:

interface GigabitEthernet3/0/21
  switchport access vlan 90
  switchport mode access
  switchport voice vlan 10
  ip flow monitor NetFlow-to-Orion-Input input
  ip flow monitor NetFlow-to-Orion-Output output
  auto qos trust
  spanning-tree portfast
  service-policy input AutoQos-4.0-Trust-Cos-Input-Policy
  service-policy output AutoQos-4.0-Output-Policy

interface GigabitEthernet5/0/38

  description **Uplink to Sophos Firewall**

  switchport access vlan 250

  switchport mode access

  ip flow monitor NetFlow-to-Orion-Input input

  ip flow monitor NetFlow-to-Orion-Output output

  spanning-tree portfast

0 Helpful
Customers Also Viewed These Support Documents