05-08-2019 02:02 PM
Para habilitar NetFlow Lite en un switch 2960-X se requiere habilitar algo adicional a configurar el Flow Record, Flow Exporter, Flow Monitor, Flow Sampler y aplicar el Flow Monitor and Sampler sobre la SVI?
Tengo todo lo anterior configurado pero no recibo flujos en el StealthWatch.
SW2_PRUEBA_ISE#show sampler
Sampler FLOW-SAMPLER-1:
ID: 2608974056
export ID: 6
Description: User defined
Type: random
Rate: 1 out of 100
Samples: 0
Requests: 0
Users (2):
flow monitor FLOW-MONITOR-1 (ip,Vl9,Input) 0 out of 0
flow monitor FLOW-MONITOR-1 (ip,Gi1/0/48,Input) 0 out of 0
El servidor StealthWatch y el switch están localmente no hay un firewall intermedio.
05-08-2019 11:41 PM
As per your configuration Vlan9 is SVI but no IP address ? in the switch all the traffic use vlan 9 ?
look at the below guide for reference.
05-09-2019 02:21 PM
As per your configuration Vlan9 is SVI but no IP address ?
he realizado la prueba sin IP y configurándole IP.
in the switch all the traffic use vlan 9 ?
La vlan 9 corresponde a Datos, un 80% del trafico es generado por este segmento.
Estuve revisando la guía compartida
Netflow configuration on a Cisco device consists of four steps:
El paso #4 lo realice en mis equipos de L3 (RT), donde no tengo ningún problema, pero en los L2 (SW) al intentar aplicar el Flow monitor sobre la SVI o interface; me pide asociar el flow monitor a un sampler:
SW2_PRUEBA_ISE(config-if)#ip flow monitor FLOW-MONITOR-1 input
% Flow Monitor: Flow Monitor 'FLOW-MONITOR-1' couldn't be added. Please associate a sampler with the monitor
Atualmente:
interface Vlan9
ip flow monitor FLOW-MONITOR-1 sampler FLOW-SAMPLER-1 input
ip address 192.168.88.252 255.255.255.0
no ip route-cache
end
05-09-2019 04:09 PM
If it english i can able to help you.
or wait for any local person understand to help you here.
05-09-2019 04:20 PM
Ok,
As per your configuration Vlan9 is SVI but no IP address?
I have done the test without IP and configuring IP.
in the switch to the traffic use vlan 9?
Vlan 9 corresponds to Data, 80% of the traffic is generated by this segment.
I was reviewing the shared guide
Netflow configuration on a Cisco device consists of four steps:
Define Flow Record
Configure Flow Exporter
Configure Flow Monitor
Apply the Flow Monitor on an interface
Step # 4, i did it on my L3 (RT) equipment, where I have no problem, but on the L2 (SW) when trying to apply the Flow monitor on the SVI or interface; asks me to associate the flow monitor with a sampler:
SW2_PRUEBA_ISE (config-if) #ip flow monitor FLOW-MONITOR-1 input
% Flow Monitor: Flow Monitor 'FLOW-MONITOR-1' could not be added. Please associate a sampler with the monitor
at present:
Vlan9 interface
ip flow monitor FLOW-MONITOR-1 sampler FLOW-SAMPLER-1 input
ip address 192.168.88.252 255.255.255.0
no ip route-cache
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide