09-20-2011 03:33 PM - edited 03-11-2019 02:27 PM
I have netflow configured on one of my ASA and it was working fine. There was a changed made on it last night and since then apparently Netflow stopped working, however Netflow software (Solarwinds) is still showing the device up and still showing SNMP traffic once in a while I do see CFLOW data when I'm running wireshark on the Solarwinds server but nothing in the interface. This was the change made and wanted to see if that can cause an issue or not.
Solarwinds server: 192.168.1.135
Firewall Inside IP: 192.168.168.252
Firewall Outside IP: 10.230.168.252
global (outside) 1 interface
nat (inside) 1 192.168.0.0 255.255.0.0
nat (inside) 1 10.0.0.0 255.0.0.0 (This was added)
Would this cause any issues for the traffic going to 192.168.1.135 IP, doesn't make sense because it really shouldn't.
09-20-2011 07:17 PM
Hi Mohammed,
Nope it shouldnt, can you take a capture and downloaded in pcap format so we can see it on wireshark? Do the following:
capture capin interface inside match udp any any eq
Wait 5 minutes and then do the following
http 0 0 inside
http server enable
From a computer on the inside access
https://192.168.168.252/capture/capin/pcap
That should give you the capture in pcap format and you will be able to see it, I want to check if the templates as well as the data packets are going ok from the firewall.
Mike
09-21-2011 11:01 AM
Ok just to update there is apparently a bug in the ASA software, here is the link for the details:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide