Netflow and NAT issues

ALIAOF_ · ‎09-20-2011

I have netflow configured on one of my ASA and it was working fine. There was a changed made on it last night and since then apparently Netflow stopped working, however Netflow software (Solarwinds) is still showing the device up and still showing SNMP traffic once in a while I do see CFLOW data when I'm running wireshark on the Solarwinds server but nothing in the interface. This was the change made and wanted to see if that can cause an issue or not.

Solarwinds server: 192.168.1.135

Firewall Inside IP: 192.168.168.252

Firewall Outside IP: 10.230.168.252

global (outside) 1 interface

nat (inside) 1 192.168.0.0 255.255.0.0

nat (inside) 1 10.0.0.0 255.0.0.0 (This was added)

Would this cause any issues for the traffic going to 192.168.1.135 IP, doesn't make sense because it really shouldn't.

Maykol Rojas · ‎09-20-2011

Hi Mohammed,

Nope it shouldnt, can you take a capture and downloaded in pcap format so we can see it on wireshark? Do the following:

capture capin interface inside match udp any any eq

Wait 5 minutes and then do the following

http 0 0 inside

http server enable

From a computer on the inside access

https://192.168.168.252/capture/capin/pcap

That should give you the capture in pcap format and you will be able to see it, I want to check if the templates as well as the data packets are going ok from the firewall.

Mike

ALIAOF_ · ‎09-21-2011

Ok just to update there is apparently a bug in the ASA software, here is the link for the details:

http://thwack.solarwinds.com/forums/48/network-management/10/orion-netflow-traffic-analyzer/19114/orion-nta-35--service-pack-2/