Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
753
Views
0
Helpful
1
Replies

Netflow + NAT on Cisco 1760 (ios 12.3.(10))

alexis-ks
Level 1
Level 1

‎04-20-2006 01:55 AM - edited ‎03-03-2019 02:52 AM

Is there any way to configure netflow trafic accounting (incomming and upcomming traffic) on Cisco 1760 Router with ios 12.3(10) with NAT and without "ip flow egress"?

My system has only 32 Mb RDAM so i could not install 12.3(11)T.

Current confi (icluded) allow to account only upcomming trafficr (not incomming)

----

Config:

----

Router#show running-config

Building configuration...

Current configuration : 3579 bytes

!

! Last configuration change at 23:42:33 UTC Tue Apr 18 2006 by adms

! NVRAM config last updated at 08:00:12 UTC Tue Mar 28 2006 by adms

!

version 12.3

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

service sequence-numbers

!

hostname Router

!

boot-start-marker

boot system flash flash:c1700-y-mz.123-10.bin

boot-end-marker

!

logging buffered 8000 debugging

enable secret 5 CCCCCCCCCCCCCCCCCCCCCCCC

!

username adms password 7 CCCCCCCCCCCCC

aaa new-model

!

!

aaa session-id common

ip subnet-zero

!

!

!

ip cef

!

!

!

!

interface FastEthernet0/0

ip address 10.1.0.2 255.0.0.0

ip access-group 100 in

ip nat inside

ip route-cache flow

speed auto

!

interface Serial0/0

ip address X.X.X.X 255.255.255.252

ip access-group InternetIn in

ip access-group InternetOut out

ip nat outside

encapsulation frame-relay IETF

ip route-cache flow

load-interval 30

frame-relay interface-dlci 440

!

interface Serial0/1

no ip address

shutdown

!

ip nat inside source list NAT interface Serial0/0 overload

ip nat inside source static 10.0.0.3 X.X.X.X

ip nat inside source static 10.0.0.5 X.X.X.X

ip nat inside source static 10.0.0.6 X.X.X.X

ip classless

ip route 0.0.0.0 0.0.0.0 X.X.X.X

ip http server

ip http access-class 1

ip flow-export version 5

ip flow-export destination 10.10.0.77 9999

!

!

ip access-list extended InternetIn

permit tcp any any eq smtp

permit udp any any eq domain

permit tcp any any eq domain

permit tcp any any eq www

permit tcp any any eq ftp

permit tcp any any eq ftp-data

permit icmp any any echo-reply

permit icmp any any echo

evaluate InternetTraffic

deny ip any any log

ip access-list extended InternetOut

permit tcp any any reflect InternetTraffic

permit udp any any reflect InternetTraffic

permit icmp any any reflect InternetTraffic

ip access-list extended NAT

permit ip host 10.0.3.12 any

permit ip host 10.0.4.1 any

permit ip host 10.0.30.7 any

permit ip host 10.0.0.50 any

permit ip host 10.0.0.55 any

permit ip host 10.0.0.77 any

permit ip host 10.0.0.222 any

permit ip host 10.0.4.81 any

permit ip host 10.0.0.107 any

permit ip 10.0.0.0 0.0.0.7 any

access-list 1 permit 10.0.0.50

access-list 1 permit 10.0.0.55

access-list 1 permit 10.0.0.77

access-list 1 permit 10.0.0.222

access-list 1 permit 10.0.0.0 0.0.0.7

access-list 100 deny tcp any any eq 881 log

access-list 100 deny tcp any eq 881 any log

access-list 100 deny udp any any eq 881 log

access-list 100 deny udp any eq 881 any log

access-list 100 permit ip any any

snmp-server community public RO 1

!

line con 0

line aux 0

line vty 0 4

access-class 1 in

exec-timeout 30 0

!

end

Router#

Labels:
0 Helpful
1 Reply 1
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card