Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4206
Views
40
Helpful
16
Replies

Netflow via ASA 5512 managemet interface

mathewdevanny75576
Level 1
Level 1

‎06-15-2020 06:20 PM

Hi there,

 

I have an ASA 5512 running 9.9(2)18, and I am trying to make it send Netflow traffic out of its management interface to collector in an adjacent subnet. I used a number of the simple tutorials available in the public domain.

 

It just won't work; although all of the routing configuration is in place, tcpdump on the collector shows me that no traffic from the ASA is coming in, even though ADSM shows that the ASA is sending plenty of UDP packets to that destination.

 

When I add a Netflow collector to the 'flow-export destination' that is on the inside interface however, that collector happily receives the traffic.

 

Are there any limitations about a 5512 sending Netflow traffic out of the management interface?

 

Mat

1 person had this problem
0 Helpful
16 Replies 16

sdemlow007
Level 1
Level 1
In response to mathewdevanny75576

‎08-07-2020 01:53 PM

I'm seeing this same behavior in one of our 5512-X, ver 9.12(3)12 as well. If I revert the code to the 9.8 train netflow works as expected out the MGMT interface. I ran PCAP's on the port the ASA was on and no packets destined for our netflow server showed up and yet were reported in the connections on the ASA itself.

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to sdemlow007

‎08-08-2020 05:06 AM

That sounds like a bug. I'd recommend opening a TAC case. Please share the results here if you are able to do so.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card