cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Configuring NSEL (~NetFlow) on Cisco Firepower Threat Defense (FTD)

40628
Views
76
Helpful
19
Comments

How to configure NSEL (~NetFlow) on Cisco Firepower Threat Defense (FTD) using the FlexConfig feature introduced in Firepower Management Center (FMC) software version 6.2
See the attached doc.

Note that in a few versions of FTD code, the Flexconfig deployment for NetFlow as given in this document, may fail. This is due to a minor bug. Check out my comment in this article (scroll towards the bottom of the page) talking about this bug and its workaround.

 

Note that this document is applicable only if you are using managing your firewall using FMC. If you are using the on-box management functionality using Firepower Device Manager (FDM), then you may want to look at this article

https://community.cisco.com/t5/security-documents/how-to-enable-netflow-on-firepower-using-fdm/ta-p/4048081

Comments
Aref Alsouqi
VIP Rising star

Just repeat the flow-export destination line with the second FC, and repeat the flow-export event-type line under the policy map with the second FC. Or, you can add both FCs on the same line under the policy map such as flow-export event-type $event_type destination $FIRST_FC.get(1) $SECOND_FC.get(1)

buffkata
Beginner

Thank you, Aref - but is your suggestion for FMC with FlexConfig or ASA CLI ?

Aref Alsouqi
VIP Rising star

You welcome. FMC, in the FlexConfig object config window.

shaikh.zaid22
Beginner

Hi Anand,

 

Am experiencing a similar kind of error :"deployment error", even after making  a copy of netflow_add_destination 

i am running fmc 6.6.4.

Need help.