Enable NetFlow on ASA 5505 for VLANs and interfaces

Haider Malik
Level 1

Hello

How can I enable NetFlow for each VLAN or interface individually in Cisco ASA? Currently I have set up NetFlow and only 2 interfaces are showing traffic for NetFlow, and they do not even match my physical or VLAN interfaces (see screenshot).

EscapeASA# sh interface ip brief
Interface                  IP-Address      OK? Method Status                Protocol
Internal-Data0/0           unassigned      YES unset  up                    up
Internal-Data0/1           unassigned      YES unset  up                    up
Vlan1                      192.168.1.1     YES CONFIG up                    up
Vlan2                      92.61.193.131   YES DHCP   up                    up
Vlan5                      unassigned      YES unset  down                  down
Virtual0                   127.0.0.1       YES unset  up                    up
Ethernet0/0                unassigned      YES unset  up                    up
Ethernet0/1                unassigned      YES unset  down                  down
Ethernet0/2                unassigned      YES unset  down                  down
Ethernet0/3                unassigned      YES unset  down                  down
Ethernet0/4                unassigned      YES unset  down                  down
Ethernet0/5                unassigned      YES unset  down                  down
Ethernet0/6                unassigned      YES unset  down                  down
Ethernet0/7                unassigned      YES unset  up                    up

~~~~~~~~~~~~~~~~~~~~~~ MIB WALK ~~~~~~~~~~~~~~~~~~~~
.1.3.6.1.2.1.2.2.1.2.1 = String: "Adaptive Security Appliance 'Null0' interface"
.1.3.6.1.2.1.2.2.1.2.2 = String: "Adaptive Security Appliance '0' interface"
.1.3.6.1.2.1.2.2.1.2.3 = String: "Adaptive Security Appliance 'Internal-Data0/0' interface"
.1.3.6.1.2.1.2.2.1.2.4 = String: "Adaptive Security Appliance 'Ethernet0/0' interface"
.1.3.6.1.2.1.2.2.1.2.5 = String: "Adaptive Security Appliance 'Ethernet0/1' interface"
.1.3.6.1.2.1.2.2.1.2.6 = String: "Adaptive Security Appliance 'Ethernet0/2' interface"
.1.3.6.1.2.1.2.2.1.2.7 = String: "Adaptive Security Appliance 'Ethernet0/3' interface"
.1.3.6.1.2.1.2.2.1.2.8 = String: "Adaptive Security Appliance 'Ethernet0/4' interface"
.1.3.6.1.2.1.2.2.1.2.9 = String: "Adaptive Security Appliance 'Ethernet0/5' interface"
.1.3.6.1.2.1.2.2.1.2.10 = String: "Adaptive Security Appliance 'Ethernet0/6' interface"
.1.3.6.1.2.1.2.2.1.2.11 = String: "Adaptive Security Appliance 'Ethernet0/7' interface"
.1.3.6.1.2.1.2.2.1.2.12 = String: "Adaptive Security Appliance 'Internal-Data0/1' interface"
.1.3.6.1.2.1.2.2.1.2.13 = String: "Adaptive Security Appliance '_internal_loopback' interface"
.1.3.6.1.2.1.2.2.1.2.14 = String: "Adaptive Security Appliance 'Virtual254' interface"
.1.3.6.1.2.1.2.2.1.2.15 = String: "Adaptive Security Appliance 'inside' interface"
.1.3.6.1.2.1.2.2.1.2.16 = String: "Adaptive Security Appliance 'outside' interface"
.1.3.6.1.2.1.2.2.1.2.17 = String: "Adaptive Security Appliance 'Vlan5' interface"

Kind Regards

9 Replies

Julio Carvajal
VIP Alumni

We need way more information on this:

NetFlow setup

IP addresses of the servers

etc.

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Thank you for replying to the post. Here are the details below:

EscapeASA# sh run
: Saved
:
ASA Version 8.2(1)
!
hostname EscapeASA
enable password /yB/dTCJeUBCqR7U encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address dhcp setroute
!
interface Vlan5
 no nameif
 security-level 50
 no ip address
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
boot system disk0:/asa821-k8.bin
boot system disk0:/Asa821-k8.bin
ftp mode passive
object-group service RDP tcp
 port-object eq 3389
object-group protocol TCPUDP
 protocol-object udp
 protocol-object tcp
object-group service CCTV tcp-udp
 port-object eq 9000
object-group service 8080Web tcp-udp
 port-object eq 8080
access-list inside_access_in extended permit ip any any
access-list inside_access_in_1 extended permit icmp any any
access-list inside_access_in_1 extended permit ip any any
access-list outside_access_in extended permit icmp any any log disable
access-list outside_access_in extended permit tcp any interface outside object-group RDP
pager lines 24
logging enable
logging timestamp
logging list Usman level debugging
logging monitor emergencies
logging buffered emergencies
logging trap informational
logging history emergencies
logging asdm informational
logging host inside 192.168.1.202
logging host inside 192.168.1.222
logging debug-trace
logging flash-bufferwrap
logging class auth buffered emergencies history emergencies monitor emergencies asdm emergencies
no logging message 106015
no logging message 313001
no logging message 313008
no logging message 106023
no logging message 710003
no logging message 106100
no logging message 101001
no logging message 100000
no logging message 302015
no logging message 302014
no logging message 302013
no logging message 302018
no logging message 302017
no logging message 302016
no logging message 302021
no logging message 302020
flow-export destination inside 192.168.1.80 2055
flow-export destination inside 192.168.1.222 2055
flow-export template timeout-rate 1
flow-export delay flow-create 15
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
asdm image disk0:/asdm-625.bin
no asdm history enable
arp timeout 14400
nat-control
global (outside) 1 interface
nat (inside) 1 192.168.1.0 255.255.255.0
nat (inside) 1 0.0.0.0 0.0.0.0
access-group inside_access_in in interface inside control-plane
access-group inside_access_in_1 in interface inside
access-group outside_access_in in interface outside
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 inside
snmp-server enable traps snmp authentication linkup linkdown coldstart
snmp-server enable traps syslog
snmp-server enable traps entity config-change
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto ca trustpoint ASDM_TrustPoint0
 enrollment terminal
 subject-name CN=EscapeASA
 crl configure
telnet 192.168.1.0 255.255.255.0 inside
telnet timeout 5
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 5
console timeout 0
dhcpd auto_config outside
!
dhcpd address 192.168.1.5-192.168.1.132 inside
dhcpd enable inside
!
threat-detection basic-threat
threat-detection statistics port
threat-detection statistics protocol
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
webvpn
class-map global-class
 description Netflow_Export_Class
 match any
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 description Netflow_Export_Policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect esmtp
  inspect xdmcp
  inspect netbios
  inspect tftp
  inspect http
 class global-class
  flow-export event-type all destination 192.168.1.222
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:6ae2b7c02f4ba651faf19e959c309a0b

You can follow this document, but create a policy-map for an interface instead of modifying policy-map global_policy, which applies to all interfaces...

https://supportforums.cisco.com/docs/DOC-6114

Here's the 8.4 CLI configuration guide:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/monitor_nsel.html

Thank you. I followed the document and set up a new policy; still the same issue.

I checked with Wireshark traces. Thank you again for your support; if there is anything that needs to be included, please let me know.

https://supportforums.cisco.com/docs/DOC-6114

Here is what my config now looks like, matching the post above:

access-list global_mpc extended permit ip any any
!
flow-export destination inside 192.168.1.80 2055
flow-export destination inside 192.168.1.222 2055
!
!
class-map global-class
 match access-list global_mpc
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 description Netflow_Export_Policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect esmtp
  inspect xdmcp
  inspect netbios
  inspect tftp
  inspect http
 class global-class
  flow-export event-type all destination 192.168.1.80 192.168.1.222
!
service-policy global_policy global
prompt hostname context

Can you post the output of show flow-export counters and show logging flow-export-syslogs?

EscapeASA# sh flow-export counter
destination: inside 192.168.1.80 2055
  Statistics:
    packets sent                                              630
  Errors:
    block allocation failure                                    0
    invalid interface                                           0
    template send failure                                       0
destination: inside 192.168.1.222 2055
  Statistics:
    packets sent                                              630
  Errors:
    block allocation failure                                    0
    invalid interface                                           0
    template send failure                                       0

EscapeASA# show logging flow
EscapeASA# show logging flow-export-syslogs
Syslog ID       Type                           Status
302013          Flow Created                   Disabled
302015          Flow Created                   Disabled
302017          Flow Created                   Disabled
302020          Flow Created                   Disabled
302014          Flow Deleted                   Disabled
302016          Flow Deleted                   Disabled
302018          Flow Deleted                   Disabled
302021          Flow Deleted                   Disabled
106015          Flow Denied                    Disabled
106023          Flow Denied                    Disabled
313001          Flow Denied                    Disabled
313008          Flow Denied                    Disabled
710003          Flow Denied                    Disabled
106100          Flow Created/Denied            Disabled

Hello Gold,

Remember that there are only 3 events that will create/generate a record event:

flow-create

flow-denied

flow-teardown

Can you add the following command:

flow template timeout-rate 1

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

I have added the command below.

EscapeASA# sh run | include template

flow-export template timeout-rate 1

EscapeASA#

However, I don't see any progress; I am not able to see flows from all the interfaces and VLANs.

Only the following are generating, as per my first post, even after making the changes.

https://supportforums.cisco.com/servlet/JiveServlet/download/3941110-15360396/ASA%20NTA.PNG

Again, thank you for your support. Are there any further changes that need to be done?

Hello Gold,

Okay, let's start from the bottom. I will focus on the explanation this time.

"How can I enable NetFlow for each VLAN or interface individually in Cisco ASA?"

You enable this on the ASA via the MPF setup, so if you want to see record events for the inside traffic only, match the traffic that goes to and starts on that interface (with an ACL).

"Currently I have set up NetFlow and only 2 interfaces are showing traffic for NetFlow, which do not even match my physical or VLAN interfaces."

Well, you have only 2 interfaces up and running (SVIs 2 and 1, physical ports 1 and 7), so I would say that is accurate.

Now what does seem weird is the interface name you are seeing on the NetFlow collector; I mean, what is interface Null0? That just does not sound accurate...

What NetFlow collector software are you using?

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
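The per-interface approach that both replies describe (a dedicated policy-map applied with service-policy to one interface instead of editing global_policy, and an ACL-matched class so only that interface's traffic produces NSEL records) is shown below as an added configuration example for ASA 8.2; it is not Julio's or Cisco's text. The collector address and port (192.168.1.80 2055) come from the thread; the ACL, class-map and policy-map names (inside_nsel, inside-netflow-class, inside_policy) are assumptions chosen for the example.

```text
! Added example, not from the thread: NSEL export for the inside interface only (ASA 8.2)
! Collector and template refresh (same values the poster already has)
flow-export destination inside 192.168.1.80 2055
flow-export template timeout-rate 1
!
! Traffic to match on the interface; narrow this ACL if only some hosts or ports matter
access-list inside_nsel extended permit ip any any
!
class-map inside-netflow-class
 match access-list inside_nsel
!
! Separate policy-map for the interface; global_policy is left untouched
policy-map inside_policy
 class inside-netflow-class
  flow-export event-type all destination 192.168.1.80
!
! Bind it to the interface (a global service-policy may coexist with it)
service-policy inside_policy interface inside
!
! Same effect as the individual "no logging message 3020xx" lines in the posted config:
! stop sending the flow events a second time as syslogs to the logging hosts
logging flow-export-syslogs disable
!
! Verification
show service-policy interface inside
show flow-export counters
```

The ASA allows one global service policy and one per interface, so if the interface already carries a policy-map, add the class to that policy-map rather than creating a second one. With the event type set to all, the three record events Julio lists (flow-create, flow-denied, flow-teardown) are exported for matched traffic, and the counters command should show packets sent rising with no errors.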