Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
838
Views
0
Helpful
2
Replies
Highlighted
john.gregory
Beginner
Beginner
‎11-30-2019 12:47 AM
‎11-30-2019 12:47 AM

Implementing Netflow on Core Switch (6500)

I have a scenario where in the Core Switch (6500) is running only as Layer 2. And this switch is connected to a Firewall via trunk links. Behind the core switch is access switches on where the user and server farm is connected. The server's/user's gateway is the firewall.

 

I want to implement netflow at the core but the flow monitor command is not supported on the trunk ports. The core switch only has one SVI, which is only meant for management traffic (like ssh, tacacs, snmp, ntp). Whats the other way to implement netflow on the Core so it capture all user and server traffics.

Labels:
0 Helpful
2 REPLIES 2
Highlighted
balaji.bandi
VIP Mentor VIP Mentor
VIP Mentor
‎11-30-2019 09:20 AM
‎11-30-2019 09:20 AM

Personally I don't believe you able to achieve what you looking to do over L2, what kind of FW you have If this is ASA you can able to achieve, or any other FW if this is next-generation one you should able to use Netflow feature.

 

BB
*** Rate All Helpful Responses ***
0 Helpful
Highlighted
kyoshiik
Cisco Employee
Cisco Employee
In response to balaji.bandi
‎12-02-2019 12:45 AM
‎12-02-2019 12:45 AM

ASA Configuration sample for NSEL:

https://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/general/asa-general-cli/monitor-nsel.html

 

FTD Configuration sample for NSEL:

https://community.cisco.com/t5/security-documents/configuring-nsel-netflow-on-cisco-firepower-threat-defense-ftd/ta-p/3646300

0 Helpful
Latest Contents
Endpoint purge
Created by craiglebutt on 10-24-2020 06:42 AM
1
0
1
0
We have the Endpoint purge to delete any thing over 365 days, but this wasn't working as standard since in was installedSo disabled and enabled again and this seem to fix it, as had just under 200k endpoints captured. But it removed all clients that ... view more
Script to push/post all static routes on Firepower Managemen...
Created by Dv on 10-24-2020 03:07 AM
0
10
0
10
Problem: When we unregister FTD from FMC and re-register, all the static routes are lost on it. Sometimes device has database corruption, if re-image is the only solution then upon re-image, FTD comes up fresh and we need to configure everything from scra... view more
ASA 5585-X Howo change Secondary Active to Standby without R...
Created by MANFRED LIEBCHEN on 10-23-2020 01:07 AM
3
0
3
0
Hi,I have a very simple question; we have two ASA 5585-X working in Active/Standby Mode with multiuser Contexts.Normally Primary Unit is active for failover group 1 and 2; Secondary Unit is standby !At the moment our Secondary Unit is completely disconnec... view more
CCIE Security and Practical Applications in Today’s Network:...
Created by ciscomoderator on 10-22-2020 11:48 AM
0
0
0
0
Meet the Authors Event - CCIE Security and Practical Applications in Today’s Network: Zero Trust (Live event – Thursday, 29th, 2020 at 10:00 a.m. Pacific / 1:00 p.m. Eastern / 6:00 p.m. Paris) This event will have place on Thursday 29th, October 2020 at 1... view more
My company uses Microsoft Azure AD, can I sign into Cisco Se...
Created by diddly on 10-22-2020 06:34 AM
0
5
0
5
Question My company uses Microsoft Azure AD, and I sign into all my applications using that account. Can I use that account when I sign in? Answer Yes - all applications that support SecureX sign-on allow direct login with your Microsoft Azure AD accou... view more
Content for Community-Ad