Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
857
Views
0
Helpful
0
Replies

Basic NetFlow setup with SolarWinds

jbakke
Level 1
Level 1

‎05-23-2018 12:19 PM - last edited on ‎03-25-2019 02:37 PM by Community Manager

Below is a partial config that I am using for a cisco 3850 L3 switch. We are trying to monitor network traffic to a Solarwinds server. Does anyone notice anything out of the ordinary?

I have only recently hired on at this establishment and this is something that hasn't worked in a few years. So, I'm trying to eliminate things to better get an idea of what the hold up is. 

 

***

 

 

flow record NetFlow-to-Orion-Output

 match ipv4 tos

 match ipv4 protocol

 match ipv4 source address

 match ipv4 destination address

 match transport source-port

 match transport destination-port

 match interface output

 collect interface input

 collect counter bytes long

 collect counter packets long

!

!

flow record NetFlow-to-Orion-Input

 match ipv4 tos

 match ipv4 protocol

 match ipv4 source address

 match ipv4 destination address

 match transport source-port

 match transport destination-port

 match interface input

 collect interface output

 collect counter bytes long

 collect counter packets long

!

!

flow exporter NetFlow-to-Orion-Output

 destination ip address here (ip omitted for security reasons)

 source Vlan90

 transport udp 2055

!

!

flow exporter NetFlow-to-Orion-Input

 destination ip address here (ip omitted for security reasons)

 source Vlan90

 transport udp 2055

!

!

flow monitor NetFlow-to-Orion-Output

 exporter NetFlow-to-Orion-Output

 cache timeout active 60

 record NetFlow-to-Orion-Output

!

!

flow monitor NetFlow-to-Orion-Input

 exporter NetFlow-to-Orion-Input

 cache timeout active 60

 record NetFlow-to-Orion-Input

 

*************************we're only monitoring these 2ports for now.*******************

 

 

 

interface GigabitEthernet3/0/21
  switchport access vlan 90
  switchport mode access
  switchport voice vlan 10
  ip flow monitor NetFlow-to-Orion-Input input
  ip flow monitor NetFlow-to-Orion-Output output
  auto qos trust 
  spanning-tree portfast
  service-policy input AutoQos-4.0-Trust-Cos-Input-Policy
  service-policy output AutoQos-4.0-Output-Policy

interface GigabitEthernet5/0/38

  description **Uplink to Sophos Firewall**

  switchport access vlan 250

  switchport mode access

  ip flow monitor NetFlow-to-Orion-Input input

  ip flow monitor NetFlow-to-Orion-Output output

  spanning-tree portfast

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents