×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

ASA 5510(8.46)-NetFlow

Endorsed Question
Jul 5th, 2013
User Badges:

I have recently upgraded our ASA to version 8.4(6) but after upgradation i have noticed that Netflow stats are not showing in our tool. I have rediscovered device in tool but still problem persist. I dont know whether issue is with config. ASA config was converted after reload from previous 8.2 version.


Below is config after upgradation OS.

============================================


access-list flow_export_acl extended permit ip host 10.110.151.11 host 10.110.151.51


flow-export destination inside 10.110.151.11 9996

flow-export template timeout-rate 1


policy-map global_policy

class inspection_default

  inspect ftp

  inspect h323 h225

  inspect h323 ras

  inspect skinny

  inspect icmp

class class-default

  flow-export event-type all destination 10.110.151.11

Endorsed by Julio Carvajal
jakewilson about 4 years 1 month ago

Hello Anukalp,


Cisco jumped around a bit in the different firmware releases on how the NSEL is exported. It is best explained in this post on Cisco ASA NetFlow : Bidirectional Support Added.  I hope this helps, please vote on my reply if it does.


Jake

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
smetieh001 Fri, 07/05/2013 - 13:02
User Badges:

Hi Anukalp,


I do not see any match statement in your class map. You should match the access-list "flow_export_acl you created.


Can you post the config proir to upgrade?

Anukalp S Fri, 07/05/2013 - 13:17
User Badges:

Hi..


Before upgradation config was below..

=========================================

snmp-server host inside 10.110.151.11 community *****


flow-export destination inside 10.110.151.11 9996


policy-map global_policy

class inspection_default

inspect ftp

inspect h323 h225

inspect h323 ras

inspect skinny

inspect icmp

class class-default

flow-export event-type all destination 10.110.151.11

Anukalp S Sun, 07/07/2013 - 03:28
User Badges:

Can you tell me pls how could how could i enable bidirectional support.

Also if netflow in ASA ver 8.4(6) is unidirectional then would it not work.

Julio Carvajal Sun, 07/07/2013 - 09:50
User Badges:
  • Purple, 4500 points or more

Hello Anukalp.


Exactly, on that version you could only use unidirectional,


How to enable it? I am not 100% sure but I think is the only method it supports so it will be on by default,


There is no command for it on the command reference so it's just the mode you have on this version



Regards


Remember to rate all of the helpful posts.

For this community that's as important as a thanks.

Anukalp S Mon, 07/08/2013 - 00:11
User Badges:

Hi jcarvaja,


I have nothing to do with unidirectional or bidirectional. My issue is that NetFlow collector is showing traffic of ASA. It was working fine on version 8.2(5). After upgradation it to 8.4(6) my netflow collector stops displaying data. I have mentioned config above of netflow in ASA of both version 8.2(5) & 8.4(6).


I just need to know if there is any changes in 8.4(6) which need to configure so that my netflow collector start displaying traffic.

Julio Carvajal Mon, 07/08/2013 - 09:24
User Badges:
  • Purple, 4500 points or more

Hello Anukalp.


This is what you asked:

Can you tell me pls how could how could i enable bidirectional support.

Also if netflow in ASA ver 8.4(6) is unidirectional then would it not work.


That is all related to bidirectional, unidirectional flow



Can you share the following:


show run class class-default


show service-policy


clear flow-export counters

show flow-export counters




Remember to rate all of the helpful posts.


For this community that's as important as a thanks.



Remember to rate all of the helpful posts.


For this community that's as important as a thanks.

Actions

This Discussion