Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

asa 5510 netflow

Hi Guys

Can you help me how to configure the netflow on asa 5510. 

3 REPLIES

hi,you can use the command

hi,

you can use the command:

flow-export destination <INTERFACE> <NETFLOW COLLECTOR IP> <NETFLOW UDP PORT>

find useful link:


https://supportforums.cisco.com/document/30471/netflow-asa

VIP Purple

In addition to the infos

In addition to the infos already posted, there is of course also the Configuration-Guide explaining it:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/monitor_nsel.html


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni

Hi Jcatalino, Please follow

Hi Jcatalino,

 

Please follow the below configs.

 

access-list acl-netflow extended permit ip any any 

class-map class-my-netflow
 match access-list acl-netflow


policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map 
  inspect ftp 
  inspect h323 h225 
  inspect h323 ras 
  inspect rsh 
  inspect rtsp 
  inspect sqlnet 
  inspect skinny  
  inspect sunrpc 
  inspect xdmcp 
  inspect sip  
  inspect netbios 
  inspect tftp 
  inspect ip-options 
  inspect pptp 
 class class-my-netflow
  flow-export event-type all destination 192.168.0.1

 

You are done here, IP address 192.168.0.1 is your flow collector station.

 

Thanks

Rizwan Rafeek

 

61
Views
0
Helpful
3
Replies
CreatePlease login to create content