cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5971
Views
0
Helpful
4
Replies

Setup ASA 5510 Netflow for use with Solarwinds Real-Time Netflow Analyzer

Foolproof
Level 1
Level 1

Ok - so the title kinda says it all.  I have an ASA 5510 and wish to use a Netflow analyzer to try and resolve an issue we're having with a sudden surge in Connections Per Second Usage, which then seems to cause a complete halt in connectivity to the 5510 for about 30 seconds.  It happens probably once every 2 hours or so and prevents any traffic going out to the internet for that 30 seconds.

If anyone can suggest an easier way to track down the cause of this, I'm all ears. This was just my first thought.

I'm more of an ASDM GUI user than CLI (just so you know).

The Solarwinds RT Netflow analyzer seems require the setup of Netflow and SNMP for it to work.  The configurator for this asks for:

  • Hostname/IP address
  • Using SNMP V3
    • Username
    • Context
    • Auth Method (MD5 or SHA1)
    • Auth Key
    • Encryption Method (DES or AES)
    • Encryption Key

I've found where to setup this in the ADSM, but I think there's something more required to get this to work.

Any assistance is greatly appreciated!!

4 Replies 4

Allen P Chen
Level 5
Level 5

Hello,

Based on the ASA configuration guide, it indicates only Netflow version 9 is supported:

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/monitor_nsel.html#wp1111174

In looking at Solarwinds website, it mentions the Real-Time Netflow Analyzer supports version 5:

* SolarWinds Real-Time NetFlow Analyzer supports NetFlow Version 5 and records up to 60 minutes of NetFlow data.

http://www.solarwinds.com/products/freetools/netflow_analyzer.aspx

I believe an analyzer which supports version 9 will need to be used with the ASA.  Hope this helps.

Allen P Chen
Level 5
Level 5

Here is some additional information on Netflow for the ASA:

https://supportforums.cisco.com/docs/DOC-6113

tahequivoice
Level 2
Level 2

I tried this myself with NTA, and could not get it to work either, as stated before, its version 9, so Solarwinds wont work with it.  Download and trial the ManageEngine software, it does support version 9.

http://www.manageengine.com/products/netflow/cisco-netflow.html

Don Jacob
Level 1
Level 1

Hi,

ManageEngine has a standalone NetFlow monitoring software which can work with NetFlow packets without the need for an SNMP based base product like SolarWinds does. You can download ManageEngine NetFlow Analyzer and then configure your ASA to export NetFlow v9. ASA configuration via ASDM for NetFlow can be seen from the below link:

http://blogs.manageengine.com/netflowanalyzer/2010/07/22/configuring-cisco-asa-netflow-via-asdm

Regards,

Don Thomas Jacob

Regards, Don Thomas Jacob http://www.solarwinds.com/netflow-traffic-analyzer.aspx Head Geek @ SolarWinds NOTE: Please rate and close questions if you found any of the answers helpful.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: