Ok - so the title kinda says it all. I have an ASA 5510 and wish to use a Netflow analyzer to try and resolve an issue we're having with a sudden surge in Connections Per Second Usage, which then seems to cause a complete halt in connectivity to the 5510 for about 30 seconds. It happens probably once every 2 hours or so and prevents any traffic going out to the internet for that 30 seconds.
If anyone can suggest an easier way to track down the cause of this, I'm all ears. This was just my first thought.
I'm more of an ASDM GUI user than CLI (just so you know).
The Solarwinds RT Netflow analyzer seems require the setup of Netflow and SNMP for it to work. The configurator for this asks for:
I've found where to setup this in the ADSM, but I think there's something more required to get this to work.
Any assistance is greatly appreciated!!
Based on the ASA configuration guide, it indicates only Netflow version 9 is supported:
In looking at Solarwinds website, it mentions the Real-Time Netflow Analyzer supports version 5:
* SolarWinds Real-Time NetFlow Analyzer supports NetFlow Version 5 and records up to 60 minutes of NetFlow data.
I believe an analyzer which supports version 9 will need to be used with the ASA. Hope this helps.
Here is some additional information on Netflow for the ASA:
I tried this myself with NTA, and could not get it to work either, as stated before, its version 9, so Solarwinds wont work with it. Download and trial the ManageEngine software, it does support version 9.
ManageEngine has a standalone NetFlow monitoring software which can work with NetFlow packets without the need for an SNMP based base product like SolarWinds does. You can download ManageEngine NetFlow Analyzer and then configure your ASA to export NetFlow v9. ASA configuration via ASDM for NetFlow can be seen from the below link:
Don Thomas Jacob