08-19-2013 11:31 PM - edited 03-11-2019 07:27 PM
Hi,
We are using the ManageEngine product NetFlow Analyzer, and we are facing a problem with traffic flow between the NetFlow server and the edge routers. No packet has been received on the NetFlow server from the edge routers. An ASA is installed between the edge routers and the NetFlow server. The router uses dynamic source ports and the destination port is 9996. We cannot allow all source ports due to network security breaches.
Can anyone help me!!!
Regards,
Faisal Naseem Khan
08-19-2013 11:35 PM
One more thing: before the ASA we are using a router as a firewall; at this time NetFlow works fine.
08-20-2013 05:43 AM
Your inbound access-list should just specify the source and destination address and destination port (TCP 9996). You cannot specify source port for the reason you noted.
The way I suggested is the standard approach for allowing inbound traffic on an ASA.
08-22-2013 05:45 AM
Hi,
Thanks for the reply.
I have also created a rule with source IP XX.XX.XX.XX, destination IP XX.XX.XX.XX, destination port 9996 and source port any (any: 1-65535).
But it is still not working.