Community Member

ASA 5510(8.46)-NetFlow

I have recently upgraded our ASA to version 8.4(6), but after the upgrade I have noticed that NetFlow stats are not showing in our tool. I have rediscovered the device in the tool but the problem still persists. I don't know whether the issue is with the config. The ASA config was converted after reload from the previous 8.2 version.

Below is the config after the OS upgrade.

============================================

access-list flow_export_acl extended permit ip host 10.110.151.11 host 10.110.151.51

flow-export destination inside 10.110.151.11 9996

flow-export template timeout-rate 1

policy-map global_policy

class inspection_default

  inspect ftp

  inspect h323 h225

  inspect h323 ras

  inspect skinny

  inspect icmp

class class-default

  flow-export event-type all destination 10.110.151.11

Accepted Solutions
Community Member

ASA 5510(8.46)-NetFlow

Hello Anukalp,

Cisco jumped around a bit in the different firmware releases on how the NSEL is exported. It is best explained in this post on Cisco ASA NetFlow: Bidirectional Support Added. I hope this helps, please vote on my reply if it does.

Jake

8 REPLIES
Community Member

ASA 5510(8.46)-NetFlow

Hi Anukalp,

I do not see any match statement in your class map. You should match the access-list "flow_export_acl" you created.

Can you post the config prior to the upgrade?

Community Member

ASA 5510(8.46)-NetFlow

Hi..

Before the upgrade the config was as below.

=========================================

snmp-server host inside 10.110.151.11 community *****

flow-export destination inside 10.110.151.11 9996

policy-map global_policy

class inspection_default

inspect ftp

inspect h323 h225

inspect h323 ras

inspect skinny

inspect icmp

class class-default

flow-export event-type all destination 10.110.151.11

Community Member

ASA 5510(8.46)-NetFlow

Can you tell me pls how I could enable bidirectional support?

Also, if NetFlow in ASA ver 8.4(6) is unidirectional, then would it not work?

Re: ASA 5510(8.46)-NetFlow

Hello Anukalp.

Exactly, on that version you could only use unidirectional.

How to enable it? I am not 100% sure, but I think it is the only method it supports, so it will be on by default.

There is no command for it in the command reference, so it's just the mode you have on this version.

Regards

Remember to rate all of the helpful posts.

For this community that's as important as a thanks.

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Community Member

ASA 5510(8.46)-NetFlow

Hi jcarvaja,

I have nothing to do with unidirectional or bidirectional. My issue is that the NetFlow collector is showing traffic of the ASA. It was working fine on version 8.2(5). After upgrading it to 8.4(6), my NetFlow collector stopped displaying data. I have mentioned the NetFlow config of the ASA for both versions 8.2(5) and 8.4(6) above.

I just need to know if there are any changes in 8.4(6) which I need to configure so that my NetFlow collector starts displaying traffic.

ASA 5510(8.46)-NetFlow

Hello Anukalp.

This is what you asked:

Can you tell me pls how I could enable bidirectional support?

Also, if NetFlow in ASA ver 8.4(6) is unidirectional, then would it not work?

That is all related to bidirectional and unidirectional flow.

Can you share the following:

show run class class-default

show service-policy

clear flow-export counters

show flow-export counters

Remember to rate all of the helpful posts.

For this community that's as important as a thanks.

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
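
A collector-side check to pair with the ASA counters requested above, as an added example that is not part of the thread or of any Cisco tool: it listens on the UDP port from the posted config (9996) and reports, per datagram, which templates arrived and whether each data flowset can be decoded with a template already seen. It assumes the standard NetFlow v9 packet layout (RFC 3954), which NSEL uses; the function names and sample packets are constructed for illustration.

```python
import socket
import struct

V9_HEADER = struct.Struct("!HHIIII")  # version, count, sysUptime, unix_secs, sequence, source_id
SET_HEADER = struct.Struct("!HH")     # flowset id, length (length includes these 4 bytes)

def summarize_v9(datagram, known_templates):
    """Classify the flowsets in one NetFlow v9 datagram.
    known_templates is a set of (source_id, template_id) kept across calls."""
    if len(datagram) < V9_HEADER.size:
        raise ValueError("shorter than a NetFlow v9 header")
    version, count, _, _, sequence, source_id = V9_HEADER.unpack_from(datagram)
    if version != 9:
        raise ValueError(f"version field is {version}, expected 9")
    out = {"sequence": sequence, "templates": [], "decodable": 0, "undecodable": 0}
    offset = V9_HEADER.size
    while offset + SET_HEADER.size <= len(datagram):
        set_id, set_len = SET_HEADER.unpack_from(datagram, offset)
        end = offset + set_len
        if set_len < SET_HEADER.size or end > len(datagram):
            raise ValueError("flowset length runs past the datagram")
        pos = offset + SET_HEADER.size
        while set_id == 0 and pos + 4 <= end:          # template flowset
            tmpl_id, nfields = struct.unpack_from("!HH", datagram, pos)
            if tmpl_id < 256 or pos + 4 + 4 * nfields > end:
                break                                   # padding or truncated record
            known_templates.add((source_id, tmpl_id))
            out["templates"].append(tmpl_id)
            pos += 4 + 4 * nfields
        if set_id > 255:                                # data flowset, id = template id
            key = "decodable" if (source_id, set_id) in known_templates else "undecodable"
            out[key] += 1
        offset = end
    return out

# Constructed sample: template 256 (two 4-byte fields) and one data flowset that uses it.
SAMPLE_TEMPLATE = (V9_HEADER.pack(9, 1, 1000, 0, 1, 0)
                   + struct.pack("!HHHHHHHH", 0, 16, 256, 2, 8, 4, 12, 4))
SAMPLE_DATA = (V9_HEADER.pack(9, 1, 2000, 0, 2, 0)
               + struct.pack("!HH4s4s", 256, 12, bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])))

def listen(port=9996, packets=20):
    """Print a summary for each datagram received on the collector's UDP port."""
    templates = set()
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind(("0.0.0.0", port))
        for _ in range(packets):
            data, peer = sock.recvfrom(65535)
            print(peer[0], summarize_v9(data, templates))
```

Call `listen()` on the collector host with the regular collector service stopped so the port is free. No output at all means the export is not reaching the host; a steady run of `undecodable` counts means data is arriving without a matching template.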