Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I setup a Linux box w/fprobe to provide netflow information about a network segment. I have checked to make sure that Fprobe is generating the netflow data I want. I would like to send this data to my MARS box. Should I setup a generic device in MARS...
I just upgraded to 4.3.5 from 4.3.3.2636 two days ago. At first MARS lost the ability to generate a path for any incident. Today I can see that the path is being generated again but, the computer is shown as being connected to a VLAN instead of a spe...
Our MARS device seems to be up and running correctly. Most of our equipment seems to be correctly configured and appears in the topology. However, when an incident occurs MARS does not list the switch the device is connected to. How would I go about ...
I am having a problem with passing through a VPN client connection on an ASA 5505. The ASA is running version 8 and terminates an anyconnect VPN. The ASA is using PAT. When the inside user connects with the VPN client, it connects but no traffic pass...
Check this link:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_bulletin_c25-526545.htmlCut and paste from article: Cisco NetFlow Secure Event Logging: This feature was originally introduced on the Cisco ASA 5580, and ...
Version 7 fixed that problem for me. I can actually turn on auto upgrade and not have to worry about coming in the next day and having the sensor down. For what it is worth, I have had about 50 packets denied in the last couple of days due to reputat...
For what it is worth, I talked to someone from Netflow Auditor today and they said they should be able to parse this data with Version 4 which comes out in June sometime. I am going to download version 4 and get a trial key when it is available to te...
Thanks for reply.I forgot that the higher end ASA models were able to generate netflows at the 8.1 level. I guess the capability to parse v9 netflow was probably added to MARS at that time. The lower end models only received that capability in versio...
