Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
6754
Views
0
Helpful
4
Replies

Setup ASA 5510 Netflow for use with Solarwinds Real-Time Netflow Analyzer

Foolproof
Level 1
Level 1

‎03-03-2011 08:52 AM - edited ‎03-11-2019 01:00 PM

Ok - so the title kinda says it all.  I have an ASA 5510 and wish to use a Netflow analyzer to try and resolve an issue we're having with a sudden surge in Connections Per Second Usage, which then seems to cause a complete halt in connectivity to the 5510 for about 30 seconds.  It happens probably once every 2 hours or so and prevents any traffic going out to the internet for that 30 seconds.

If anyone can suggest an easier way to track down the cause of this, I'm all ears. This was just my first thought.

I'm more of an ASDM GUI user than CLI (just so you know).

The Solarwinds RT Netflow analyzer seems require the setup of Netflow and SNMP for it to work.  The configurator for this asks for:

  • Hostname/IP address
  • Using SNMP V3
    • Username
    • Context
    • Auth Method (MD5 or SHA1)
    • Auth Key
    • Encryption Method (DES or AES)
    • Encryption Key

I've found where to setup this in the ADSM, but I think there's something more required to get this to work.

Any assistance is greatly appreciated!!

Labels:
0 Helpful
4 Replies 4

Allen P Chen
Level 5
Level 5

‎03-03-2011 10:36 AM

Hello,

Based on the ASA configuration guide, it indicates only Netflow version 9 is supported:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/monitor_nsel.html#wp1111174

In looking at Solarwinds website, it mentions the Real-Time Netflow Analyzer supports version 5:

* SolarWinds Real-Time NetFlow Analyzer supports NetFlow Version 5 and records up to 60 minutes of NetFlow data.

http://www.solarwinds.com/products/freetools/netflow_analyzer.aspx

I believe an analyzer which supports version 9 will need to be used with the ASA.  Hope this helps.

0 Helpful

Allen P Chen
Level 5
Level 5

‎03-03-2011 10:37 AM

Here is some additional information on Netflow for the ASA:

https://supportforums.cisco.com/docs/DOC-6113

0 Helpful

tahequivoice
Level 2
Level 2

‎03-04-2011 09:06 AM

I tried this myself with NTA, and could not get it to work either, as stated before, its version 9, so Solarwinds wont work with it.  Download and trial the ManageEngine software, it does support version 9.

http://www.manageengine.com/products/netflow/cisco-netflow.html

0 Helpful

Don Jacob
Level 1
Level 1

‎03-23-2011 06:58 AM

Hi,

ManageEngine has a standalone NetFlow monitoring software which can work with NetFlow packets without the need for an SNMP based base product like SolarWinds does. You can download ManageEngine NetFlow Analyzer and then configure your ASA to export NetFlow v9. ASA configuration via ASDM for NetFlow can be seen from the below link:

http://blogs.manageengine.com/netflowanalyzer/2010/07/22/configuring-cisco-asa-netflow-via-asdm

Regards,

Don Thomas Jacob

Regards, Don Thomas Jacob http://www.solarwinds.com/netflow-traffic-analyzer.aspx Head Geek @ SolarWinds NOTE: Please rate and close questions if you found any of the answers helpful.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top