10-30-2012 09:22 AM
Hi,
I am trying to configure netflow/flexible netflow on some branch site 887 routers which have an IPSec tunnel back to the main office. It is my understanding that the router will not encrypt traffic that it generates itself so the standard netflow will not work. The workaround I have seen is to use flexible netflow rather than standard.
I have tried to configure flexible netflow with the following configuration;
flow exporter EXPORTER-1
 destination 192.168.10.1
 source Vlan1
 transport udp 9996
 template data timeout 60
flow monitor FLOW-MONITOR-1
 exporter EXPORTER-1
 cache timeout active 60
 record netflow-original
interface dialer 1
 ip flow monitor FLOW-MONITOR-1 input
 ip flow monitor FLOW-MONITOR-1 output
However this does not seem to work and our monitoring server is not receiving any data (I have used network monitor to capture the traffic to see if the router is sending the traffic or not).
When I check the flows it does seem to be collecting the data (the site does not have many users by the way);
FIU-R-DUM-001#sh flow monitor FLOW-MONITOR-1 cache
Cache type: Normal
Cache size: 4096
Current entries: 11
High Watermark: 403
Flows added: 164825
Flows aged: 164814
- Active timeout ( 60 secs) 22720
- Inactive timeout ( 15 secs) 142094
- Event aged 0
- Watermark aged 0
- Emergency aged 0
FIU-R-DUM-001#sh flow exporter EXPORTER-1 statistics
Flow Exporter EXPORTER-1:
Packet send statistics (last cleared 6d05h ago):
Successfully sent: 69071 (13068236 bytes)
Client send statistics:
Client: Flow Monitor FLOW-MONITOR-1
Records added: 164840
- sent: 164840
Bytes added: 8736520
- sent: 8736520
FIU-R-DUM-001#sh flow interface dialer 1
Interface Dialer1
FNF: monitor: FLOW-MONITOR-1
direction: Input
traffic(ip): on
FNF: monitor: FLOW-MONITOR-1
direction: Output
traffic(ip): on
I was wondering if someone could confirm whether I am along the right lines in terms of configuration, or whether I am missing some step that needs to be configured, or if there are any other commands I can use to check the netflow exports.
Many thanks in advance
Brian
Accepted Solutions
10-31-2012 08:30 AM
Hi Brian,
Ensure you have the option "output-feature" added to your flow exporter. For details, check this blog:
http://blogs.manageengine.com/netflowanalyzer/2011/04/01/netflow-data-export-over-ipsec-tunnels/
Regards,
Don Thomas Jacob
NOTE: Please rate posts and close questions if your query has been answered
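The exporter from the question with the option named in the answer applied, as an added example that is not part of the original posts. The IOS keyword is `output-features`; the exporter name, address, source interface and port are the poster's, and the crypto ACL covering the export traffic is an assumption.

```cisco
! Added example, not from the thread. Without output-features, export
! packets are generated by the router itself and skip the egress feature
! path, so the crypto map on the WAN interface never encrypts them and
! they do not reach a collector that is only reachable through the tunnel.
!
! Assumption: the crypto ACL for the tunnel already permits traffic from
! the Vlan1 address to 192.168.10.1. If it does not, the exports still
! will not be placed into the IPSec tunnel.
!
flow exporter EXPORTER-1
 destination 192.168.10.1
 source Vlan1
 transport udp 9996
 template data timeout 60
 output-features
!
! Checks after the change (exec mode):
!   show flow exporter EXPORTER-1
!     - confirm the exporter reports output features as in use
!   show flow exporter EXPORTER-1 statistics
!     - "Successfully sent" keeps rising, as it did before the change
!   show crypto ipsec sa
!     - "pkts encaps" for the tunnel SA rises as exports are sent
```

The statistics in the question show why the router-side counters alone were misleading: the exporter counted every packet as sent even though none arrived, so the IPSec SA counters and a capture at the collector are the checks that confirm delivery.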
11-02-2012 05:39 AM
Hi Don,
Thank you for your response, implementing those changes worked perfectly.
Again, thank you for your assistance.
Cheers,
Brian
