Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2197
Views
0
Helpful
4
Replies

Netflow 3850 switch - prtg

carl_townshend
Spotlight
Spotlight

‎03-21-2017 05:52 AM - edited ‎03-08-2019 09:50 AM

Hi All

I have configured netflow on my 3850 to send to PRTG, However it doesn't seem to be showing anything

I have a routed vlan to my firewall which I want to monitor

how should I do this?

cheers

Labels:
0 Helpful
4 Replies 4

Julio E. Moisa
VIP Alumni
VIP Alumni

‎03-21-2017 07:11 AM

Hi

is there communication between the PRTG and the switch, ping or traceroute? could you please share the netflow configuration?

Thanks 




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

carl_townshend
Spotlight
Spotlight
In response to Julio E. Moisa

‎03-21-2017 07:24 AM

Yes there is comms

flow record FLOW-RECORD-IN
 match ipv4 tos
 match ipv4 protocol
 match ipv4 source address
 match ipv4 destination address
 match transport source-port
 match transport destination-port
 match interface input
 match flow direction
 collect interface output
 collect counter bytes long
 collect counter packets long
!
!
flow record FLOW-RECORD-OUT
 match ipv4 tos
 match ipv4 protocol
 match ipv4 source address
 match ipv4 destination address
 match transport source-port
 match transport destination-port
 match interface output
 match flow direction
 collect interface input
 collect counter bytes long
 collect counter packets long

!

flow exporter PRTG-IN
 destination 10.1.1.1
 source Vlan2403
 transport udp 2055
!
!
flow exporter PRTG-OUT
 destination 10.1.1.1
 source Vlan2403
 transport udp 2055
!
!
flow monitor FLOW-MONITOR-IN
 exporter PRTG-IN
 cache timeout active 60
 record FLOW-RECORD-IN
!
!
flow monitor FLOW-MONITOR-OUT
 exporter PRTG-OUT
 cache timeout active 60
 record FLOW-RECORD-OUT

!

vlan configuration 2403
ip flow monitor FLOW-MONITOR-IN input
ip flow monitor FLOW-MONITOR-OUT output

0 Helpful

johnd2310
Level 8
Level 8
In response to carl_townshend

‎03-21-2017 04:33 PM

Hi,

Have you tried adding the following commands on the physical port the firewall is connected to:

ip flow monitor FLOW-MONITOR-IN input
ip flow monitor FLOW-MONITOR-OUT output

thanks

John 

**Please rate posts you find helpful**
0 Helpful

communities@paessler.com
Level 1
Level 1

‎05-05-2017 04:29 AM

Have you tried using Paessler's "netflow tester"?  It's a simple netflow receiver that you can use to see if the flows are arriving at the PRTG server at all.

If you don't see any flows in the test tool, then the problem is either with the switch or something between the switch and the PRTG server.

If you do see flows with the test tool, but not inside PRTG, then the problem is the PRTG configuration.

And, one more tip: inside PRTG, please put the netflow sensor on the probe device, not on the switch.  Only after it's working at the probe level, move it down to the switch. If it works at the probe level but not at the switch level, then the problem is probably a hidden filter that PRTG uses in flow sensors.  PRTG filters out all flows except those that come from the IP address that PRTG is using for that switch.  If the flows appear to come from a different address than the one PRTG is using, then they all disappear when you move the sensor to the switch.  Is this perhaps the behaviour you're seeing?

0 Helpful
Customers Also Viewed These Support Documents